BC-VSP-001 · v1.0
Validation Support Package (IQ/OQ)
20 February 2026 · Document Number: BC-VSP-001
This document provides pre-written IQ and OQ test protocols for customer validation of BatchCortex under EU GMP Annex 11 and GAMP 5 Second Edition. Customer-specific fields (marked [CUSTOMER TO COMPLETE]) should be filled during execution. Download the editable .docx version from the Validation Documentation page.
1. Purpose & Scope
This Validation Support Package provides pre-written Installation Qualification (IQ) and Operational Qualification (OQ) test protocols to support customer validation of the BatchCortex platform under EU GMP Annex 11 and GAMP 5 Second Edition requirements.
Scope of validation:
- BatchCortex web application (dashboard, sign-off workflow, report generation)
- Edge agent connectivity (OPC-UA or MQTT — select applicable)
- Anomaly detection pipeline (Isolation Forest model)
- Audit trail and electronic signature functionality
- Escalation notification system
Out of scope: Customer DCS/SCADA systems, OPC-UA server configuration, network infrastructure.
2. Regulatory References
- EU GMP Annex 11 (2025 Draft) — Computerised Systems
- EU GMP Annex 22 (2025 Draft) — Artificial Intelligence
- GAMP 5 Second Edition — Risk-Based Approach to Compliant GxP Computerised Systems
- 21 CFR Part 11 — Electronic Records; Electronic Signatures
- ALCOA+ Data Integrity Principles
3. GAMP 5 System Classification
| GAMP Category | Category 4/5 — Configurable/Custom with GMP impact |
| GxP Impact | Direct — anomaly detection affects batch quality decisions |
| Data Integrity Risk | High — electronic batch records, Part 11 signatures |
| AI/ML Component | Yes — Isolation Forest (static, deterministic, Annex 22 compliant) |
| Validation Approach | IQ + OQ required; PQ at customer discretion based on risk |
4. Installation Qualification (IQ)
The IQ verifies that BatchCortex has been installed correctly and that the environment meets specified requirements. Each test must be executed, results recorded, and pass/fail determined by the validation lead.
| # | Test | Expected Result |
|---|---|---|
| IQ-01 | Access batchcortex.com dashboard via supported browser (Chrome 120+, Firefox 121+, Edge 120+) | Login page loads. TLS padlock visible. No console errors. |
| IQ-02 | Verify software version displayed in Settings matches current release | Version number matches supplier release notes. |
| IQ-03 | Confirm data residency: verify Supabase region is EU (Frankfurt) via Settings > System Info | Region displayed as EU (Frankfurt, Germany). |
| IQ-04 | Edge agent installation: run install.sh on site gateway. Verify service starts. | systemd service batchcortex-edge shows status: active (running). |
| IQ-05 | Confirm edge-to-cloud connectivity: verify sensor readings appear in dashboard within 60 seconds of edge start | Live readings visible in dashboard within 60 seconds. |
| IQ-06 | OPC-UA connection: verify edge agent connects to site OPC-UA server and reads configured nodes | Edge log shows [INFO] OPC-UA connected. Readings flow. |
| IQ-07 | Verify sub-processor list matches approved DPA (Supabase, Mistral AI, Twilio, Sentry, Vercel, Resend) | Settings > System Info lists matching sub-processors. |
| IQ-08 | Verify environment variables and credentials are stored in .env, not hardcoded | Code review or vendor attestation confirms no hardcoded secrets. |
5. Operational Qualification (OQ)
The OQ verifies that BatchCortex operates as intended throughout its operating range. Tests cover all critical GMP functions.
5.1 Anomaly Detection
| # | Test | Expected Result |
|---|---|---|
| OQ-01 | Start demo batch in simulation mode. Observe nominal readings for 2 minutes. | Dashboard shows green status. All CPPs within limits. No alerts. |
| OQ-02 | Trigger temperature anomaly via simulation (inject value exceeding alert limit). | Anomaly alert appears within 60 seconds. Dashboard status changes to ALERT. Email escalation sent. |
| OQ-03 | Verify anomaly is logged in audit trail with: timestamp (UTC), parameter, value, anomaly type, batch ID. | Audit trail entry present with all required fields. Timestamp accurate to second. |
| OQ-04 | Verify AI deviation report is generated. Confirm report contains: batch ID, detected parameter, alert time, root cause hypothesis, CAPA placeholder. | Report generated. All required sections present. Report marked as DRAFT pending QA sign-off. |
| OQ-05 | Verify hard limit breach detection: inject value exceeding validated specification limit (distinct from alert limit). | CRITICAL alert fired. Immediate Tier 1 escalation triggered. Batch hold recommendation shown. |
| OQ-06 | Verify slope/drift detection: inject gradual parameter drift over 5 minutes within alert limits. | Drift warning generated. Early warning alert appears before hard limit breach. |
5.2 Electronic Signatures & Audit Trail
| # | Test | Expected Result |
|---|---|---|
| OQ-07 | QA Manager logs in and signs a generated deviation report. | System requires: username confirmation, password re-entry, meaning of signature. Sign event logged in audit trail with timestamp and user ID. |
| OQ-08 | Attempt to edit a signed record. | System rejects edit. Audit trail entry created showing attempted modification. |
| OQ-09 | Attempt to delete an audit trail entry (via API or UI). | Deletion rejected. RLS policy blocks operation. Error logged. |
| OQ-10 | Log out and attempt to access dashboard URL directly. | Redirected to login page. No data visible without authentication. |
| OQ-11 | Log in as User A. Attempt to access Org B data by manipulating URL parameters. | Access denied. RLS isolation confirmed. No cross-tenant data visible. |
| OQ-12 | Export audit trail for completed batch. Verify PDF/CSV is complete and timestamped. | Export contains all events. No gaps in timestamps. Export action itself logged in audit trail. |
5.3 Escalation System
| # | Test | Expected Result |
|---|---|---|
| OQ-13 | Trigger Tier 1 anomaly alert. Verify email notification sent to configured QA contact within 2 minutes. | Email received. Contains: batch ID, parameter, value, timestamp, dashboard link. |
| OQ-14 | Leave Tier 1 alert unacknowledged for configured escalation window. Verify Tier 2 SMS sent. | SMS received by configured contact. Escalation event logged in audit trail. |
| OQ-15 | Verify opt-out: remove SMS consent for a user. Trigger escalation. Confirm no SMS sent to that user. | No SMS sent. Other consented contacts receive escalation normally. |
| OQ-16 | Verify Tier 3 voice call (if configured). Trigger critical alert. Confirm voice call initiated. | Automated voice call received. Message intelligible. Event logged. |
5.4 Store-and-Forward Buffer
| # | Test | Expected Result |
|---|---|---|
| OQ-17 | Disconnect edge agent network connection. Observe for 2 minutes. Reconnect. | During disconnection: readings buffered locally (SQLite). After reconnect: buffered readings sync to cloud with original timestamps. No data gap in batch record. |
| OQ-18 | Verify buffered readings retain original timestamps (not sync timestamps). | Audit trail shows original capture timestamp, not reconnection timestamp. ALCOA+ Contemporaneous requirement met. |
6. Traceability Matrix
| Req | Description | Regulatory Basis | Test(s) |
|---|---|---|---|
| REQ-01 | System shall record all parameter changes with timestamp and user ID | Annex 11 §9, Part 11 §11.10(e) | OQ-03, OQ-07 |
| REQ-02 | Audit trail shall be tamper-evident and deletion-protected | Annex 11 §12, ALCOA+ | OQ-08, OQ-09 |
| REQ-03 | Electronic signatures shall require identity confirmation | Part 11 §11.200, Annex 11 §14 | OQ-07 |
| REQ-04 | Anomaly detection shall alert within 60 seconds of breach | Annex 22 §performance metrics | OQ-02 |
| REQ-05 | Data shall not be lost during connectivity interruption | ALCOA+ Complete/Consistent | OQ-17, OQ-18 |
| REQ-06 | Multi-tenant data isolation shall prevent cross-org access | GDPR Art.25, Annex 11 §12 | OQ-11 |
| REQ-07 | AI model shall be static/deterministic in production | Annex 22 §AI governance | Supplier attestation in SQA |
| REQ-08 | Human approval required before batch record finalised | Annex 22 §human oversight | OQ-07 |
| REQ-09 | Edge agent shall operate continuously without manual restart | Annex 11 §operational continuity | IQ-04, IQ-05 |
| REQ-10 | Sub-processors shall be disclosed and DPA in place | GDPR Art.28 | IQ-07, DPA document |
7. Deviation Management
Any test that does not meet the expected result shall be recorded as a deviation. Deviations must be resolved before the validation can be approved.
8. Final Approval
Validation status: System is validated and approved for GMP use following resolution of all deviations and QA sign-off.
Document reference: BC-VSP-001 v1.0 — BatchCortex — vilmer@batchcortex.com