
In an earlier post we covered what a Traceability Matrix is, along with its use and benefits in computer system validation.
In this article we look at what software code review is and at a checklist for reviewing source code in computer system validation.
Software code review is performed to detect and fix coding errors before the system goes into formal testing. It verifies that the software has been developed in accordance with the design and that programming standards have been followed.
Software code review is performed when a supplier audit is not possible and the vendor is unable to provide strong evidence.
If the vendor provides satisfactory evidence that the source code was developed in an effective manner and followed software development life cycle guidance, then source code review is not required.
Software code review is often implemented as code inspections & code walkthroughs. Such static analyses provide a very effective means to detect errors before execution of the code.
Code review is best done as early in the process as possible, preferably before submitting a module to test.
Software Code Review Checklist
A checklist is a useful means of ensuring that common mistakes are identified.
1 General Check:
- Comments must be added at the beginning and the end of the block of code that the user modifies.
- Comments must be clear and correct and must explain the purpose.
- Do all parameters have descriptive names?
- Does the code work? Does it perform its intended function, is the logic correct, etc.?
- Is all the code easily understood?
- Does it conform to your agreed coding conventions? These will usually cover location of braces, variable and function names, line length, indentations, formatting, and comments.
- Is there any redundant or duplicate code?
- Are folder names and types in conformity with the content and the standards of the development tools?
- Do loops have a set length and correct termination conditions?
- Do the names used in the program convey intent?
2 Documentation Check:
- Do comments exist and describe the intent of the code?
- Are all functions commented?
- Is the use and function of third-party libraries documented?
- Are data structures and units of measurement explained?
- Is there any incomplete code? If so, should it be removed or flagged with a suitable marker like ‘TODO’?
3 Security Check:
- Are all data inputs checked (for the correct type, length, format, and range) and encoded?
- Where third-party utilities are used, are returned errors being caught?
- Are output values checked and encoded?
- Are invalid parameter values handled?
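What a reviewer would expect to find for the Security Check items above, as an added Python example (not code from the original article): each input is checked for type, length, format and range, invalid values are reported rather than silently accepted, and values are encoded at output. The batch-record fields, limits and function names are assumptions constructed for the illustration.

```python
import html
import re

# Constructed rules for a hypothetical batch-record entry form.
BATCH_ID_RE = re.compile(r"[A-Z]{2}[0-9]{6}")  # format: two letters + six digits
TEMP_RANGE_C = (2.0, 8.0)                      # range: allowed storage temperature
MAX_COMMENT_LEN = 200                          # length limit for free text


def validate_entry(raw):
    """Return (clean, errors); clean is None when any check fails."""
    errors = []

    batch_id = raw.get("batch_id")
    if not isinstance(batch_id, str):                      # type
        errors.append("batch_id: must be a string")
    elif not BATCH_ID_RE.fullmatch(batch_id):              # format and length
        errors.append("batch_id: expected e.g. AB123456")

    temp = raw.get("temp_c")
    # bool is a subclass of int, so reject it explicitly.
    if isinstance(temp, bool) or not isinstance(temp, (int, float)):
        errors.append("temp_c: must be a number")
    elif not TEMP_RANGE_C[0] <= temp <= TEMP_RANGE_C[1]:   # range (NaN fails too)
        errors.append("temp_c: outside %.1f-%.1f" % TEMP_RANGE_C)

    comment = raw.get("comment", "")
    if not isinstance(comment, str):                       # type
        errors.append("comment: must be a string")
    elif len(comment) > MAX_COMMENT_LEN:                   # length
        errors.append("comment: longer than %d characters" % MAX_COMMENT_LEN)

    if errors:
        return None, errors
    return {"batch_id": batch_id, "temp_c": float(temp), "comment": comment}, []


def render_row(clean):
    """Encode every value for the HTML context at output time."""
    cells = (clean["batch_id"], "%.1f" % clean["temp_c"], clean["comment"])
    return "<tr>" + "".join("<td>%s</td>" % html.escape(c) for c in cells) + "</tr>"
```

Validation rejects bad input early, while encoding is applied separately at the point of output, because a comment that passes the length check can still contain markup characters.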
4 Performance Check:
- Are there any obvious optimizations that will improve performance?
- Can any logging or debugging code be removed?
5 Testing
- Is the code testable? The code should be structured so that it does not add too many dependencies or hide them, objects can be initialized, test frameworks can use its methods, etc.
- Do tests exist, and are they comprehensive?
- Do unit tests actually test that the code is performing the intended functionality?

