User Requirements

Insert logo
Specification

User Requirements Specification

Insert Project Name
Reference Number Enter the reference number
Version 01
Effective Date
Supersedes / Replaces
Responsible Department /
Owner

Name Role Date Signature

(DD-MM-YYYY)
Author

Reviewer

Approver

1 Contents
2 Overview.............................................................................................................................................3
3 Scope and Applicability........................................................................................................................3
4 References and Associated Documents...............................................................................................4
5 Requirements......................................................................................................................................5
5.1 System Requirements..................................................................................................................5
5.2 Business Process Workflow Administration.................................................................................6
5.3 Quality Event...............................................................................................................................6
5.4 CAPA............................................................................................................................................6
5.5 Change Control............................................................................................................................7
5.6 Inquiries and Complaints.............................................................................................................7
5.7 Audit / Audit Finding....................................................................................................................8
5.8 Out of Specification.....................................................................................................................8
5.9 Risk Management........................................................................................................................9
5.10 Supplier Quality Management.....................................................................................................9
5.11 Customers, Accounts, Products, Suppliers, Materials..................................................................9
5.12 Document Management System Requirements........................................................................10
Confidential Page 1/16 Enter Document Reference
 User Requirements
Insert logo
Specification

5.13 Training Management System Requirements............................................................................11

5.14 Report Requirements.................................................................................................................12
5.15 Artificial Intelligence..................................................................................................................13
5.16 Interfacing..................................................................................................................................13
5.17 Electronic Record / Electronic Signature / Audit trail................................................................13
5.18 Business Continuity....................................................................................................................14
5.19 Users and Licenses.....................................................................................................................15
6 Glossary.............................................................................................................................................15
7 Document History..............................................................................................................................15
8 Appendices........................................................................................................................................15

Confidential Page 2/16 Enter Document Reference

 User Requirements
Insert logo
Specification

2 Overview
The User Requirements document describes the business requirements for software to manage
processes outlined in Scope and Applicability to be implemented at insert company name.

This document describes, clearly and precisely what the system is supposed to do from a user’s point of
view. It defines the functions to be carried out, the data on which the system will operate and the
operating environment. The document also defines the system functionality and what functions are
required to support compliance with regulations and industry expectations.

The user requirements are defined with collaboration of end user. It is the basis for further design, build
and acceptance activities during the project lifecycle.

3 Scope and Applicability

The following processes are included in this URS (Add more processes as required):

 EQMS
o Audit
 Finding
o Quality Event
 Investigation
o Change Control
 Change assessments
 Action
o CAPA
 Action
 Effectiveness check
 Customers, Products and Materials
 Supplier Quality Management
 Inquiries and Complaints
 Document Management System
 Training Management System

Confidential Page 3/16 Enter Document Reference

 User Requirements
Insert logo
Specification

4 References and Associated Documents

 Add internal reference (SOPs, Work Instructions or Policies)
 PIC/S - Good Practices for Computerised Systems in regulated “GXP” Environments, PIC/S: PI
011-3
 EudraLex, The Rules Governing Medicinal Products in the European Union – Volume 4, Good
Manufacturing Practice, Medicinal Products for Human and Veterinary Use, Annex 11:
Computerised Systems
 EudraLex, The Rules Governing Medicinal Products in the European Union – Volume 4, Good
Manufacturing Practice, Medicinal Products for Human and Veterinary Use, Chapter 4:
Documentation
 AGIT, Guidelines for the Validation of Computerized Systems, Good Laboratory Practice (GLP),
Version 03
 FDA - General Principles of Software Validation, Final Guidance for Industry and FDA Staff, Fina
 FDA - 21 CFR Part 11, Electronic Records, Electronic Signatures, Final
 FDA - 21 CFR Part 11, Electronic Records, Electronic Signatures - Scope and Application, Final
 FDA – Glossary of Computerized System and Software Development Terminology (8/95)
(http://www.fda.gov/iceci/inspections/inspectionguides/ucm074875.htm)
 GAMP 5 – A Risk-Based Approach to Compliant GxP Computerized Systems, ISPE, ISBN 1-
931879-61-3, GAMP 5 /
 GAMP Good Practice Guide: Global Information Systems Control and Compliance, ISPE
(Publishers),
 EMEA - CPMP/ICH/135/95; ICH Topic E6 (R1); Guideline for Good Clinical Practice, Release 1
 Medicines & Healthcare products Regulatory Agency (MHRA) - ‘GXP’ Data Integrity Guidance
and Definitions
 Data Integrity and Compliance With CGMP Guidance for Industry
 PIC/S GOOD PRACTICES FOR DATA MANAGEMENT AND INTEGRITY IN REGULATED GMP/GDP
ENVIRONMENTS
 WHO - GUIDANCE ON GOOD DATA AND RECORD MANAGEMENT PRACTICES

Confidential Page 4/16 Enter Document Reference

 User Requirements
Insert logo
Specification

5 Requirements
(Adjust as needed for your company requirements)

5.1 System Requirements

Ref-No Description Mandatory /
Optional
1. The system shall be available as a SAAS
2. The system will be used by all company sites.
3. The system will be cloud based
4. The system will be available via a mobile device (smartphone
or tablet)
5. The system uses a multi-tenant platform infrastructure
6. The system provides the customer with a single tenant
instance that can be configured and maintained by the
customer.
7. The process workflows will be the same for all the sites.
8. The system will support the following number of sites:
(Insert number of sites)
9. The system will support the following number of users:
(Insert number of users)
10. The system will be accessible 24 hours per day / 7 days per
week except for needed downtime for maintenance
11. Upgrades are never pushed
12. Upgrades require the “opt-in” of the customer
13. It must be possible to send a notification by email at defined
steps
14. The system is configurable by the customer
15. Configuration is never changed by the vendor or any
upgrades that are provided
16. The platform is validated
17. Standard workflows are available for Deviations, CAPA,
Change Control, Audits, Supplier Quality Management, Risk
Management, OOS
18. Standard workflows are validated
19. System allows translation to the following languages:
(add required languages here)
20. The system shall provide the ability to set up user groups with
different levels of access
21. The system shall have searching capabilities within the
business process and overall level.
22. The system shall have the ability to import and export data.
23. The system shall have role-based access control. Security
provided at multiple levels

Confidential Page 5/16 Enter Document Reference

 User Requirements
Insert logo
Specification

Ref-No Description Mandatory /

Optional
24. The system shall assign a unique identifier to each individual
record
25. The system shall allow the attachment of multiple files to a
record

5.2 Business Process Workflow Administration

Ref-No Description Mandatory /
Optional
1. The system shall provide the ability to capture the workflow
status of a record
2. The system shall provide the ability to create workflow rules,
which enforce the permitted sequencing of steps and events
for a specific object
3. The application shall provide the ability to perform
configurable process automation

5.3 Quality Event

Ref-No Description Mandatory /
Optional
1. The system shall provide the ability to record deviations and
suggested resolutions to the deviations
2. Allow different roles to complete their assigned
responsibilities for management of the process.
3. Ability to assign the record to a responsible person
4. Quality Event must contain the following information:
(List the data fields needed.)
5. Ability to raise a child investigation to record the investigation
6. Ability to assign the investigation to a responsible user

5.4 Nonconformance
Ref-No Description Mandatory /
Optional

1. The system shall provide the ability to record and investigate

failures to meet specifications or requirements for products,
materials or processes.
2. Allow different roles to complete their assigned
responsibilities for management of the process.
3. Ability to assign the record to a responsible person

4. Nonconformance must contain the following information:

(List the data fields needed.)

Confidential Page 6/16 Enter Document Reference

 User Requirements
Insert logo
Specification

Ref-No Description Mandatory /

Optional

5. Ability to identify impacted lots and disposition the lot or lots

that are identified in the nonconformance.

6. Ability to assign actions related to the investigation,

correction and disposition of impacted lots.

5.5 CAPA
Ref-No Description Mandatory /
Optional
1. The system shall provide the ability to capture measures
needed to correct and prevent identified problems
2. Allow different roles to complete their assigned
responsibilities for management of the process
3. Ability to assign the record to a responsible person
4. The system shall provide the ability to review and approve
the proposed actions
5. The system shall provide the ability to track the successful
completion of the action plan
6. The system shall provide the ability to review and approve
the implementation
7. CAPA must contain the following information:
(add required fields)
8. It must be possible to have an Effectiveness Check for each
CAPA
9. It must be possible to start the process from a related record,
or initiate a CAPA as a stand alone record.

5.6 Change Control

Ref-No Description Mandatory /
Optional
1. The system shall provide the ability to record and manage a
change
2. Allow different roles to complete their assigned
responsibilities for management of the process
3. Ability to assign the record to a responsible person
4. Change Control must contain the following information:
(add required fields)
5. Ability to create change assessments
6. Ability to create change actions

Confidential Page 7/16 Enter Document Reference

 User Requirements
Insert logo
Specification

5.7 Inquiries and Complaints

Ref-No Description Mandatory /
Optional
1. The system shall provide ability to create and track inquiries
2. The system shall provide the ability to track compliant
information and progress the complaint
3. Allow different roles to complete their assigned
responsibilities for management of the process
4. The system shall allow for evaluation of inquiries to
determine whether the case qualifies as a complaint and can
generate associated complaint if applicable
5. The system shall allow for the evaluation of complaints to
determine whether an investigation is necessary and can
record associated investigation/root cause information
6. Ability to assign the record to a responsible person
7. Complaint must contain the following information:
(add required fields)
8. The system shall allow for creation of a complaint assessment
which will determine if complaint is reportable
9. The system shall allow for creation of an investigation which
is linked to a complaint
10. The system shall enforce a confirmation about completion of
all assessments and investigations (if applicable) before
allowing the related complaint to be closed
11. The system shall provide the ability to categorize complaint
records by type with a designated code for reporting and
trending data
12. The system shall provide the ability to track, process and
report reportable events to the competent authorities for the
different markets across the globe.
13. The system shall provide the ability to log and track a product
return

5.8 Audit / Audit Finding

Ref-No Description Mandatory /
Optional
1. The system shall provide the ability to track and process
quality audit information
2. Allow different roles to complete their assigned
responsibilities for management of the process
3. Ability to assign the record to a responsible person
4. The system shall provide the ability to capture audit findings
5. The system shall provide the ability to assign tasks related to
an audit

Confidential Page 8/16 Enter Document Reference

 User Requirements
Insert logo
Specification

Ref-No Description Mandatory /

Optional
6. The system shall provide the ability to record a problem (non-
conformance) that has occurred
7. Audit must contain the following information:
(List the data fields needed.)

5.9 Risk Management

Ref-No Description Mandatory /
Optional
1. The system shall provide the ability to assess, control and
review risks and log them as part of a risk register aligned
with ISO 14971.
2. Allow different roles to complete their assigned
responsibilities for management of the process.

3. Ability to assign the record and tasks to a responsible person

or persons

4. Risk record must contain the following information:

(List the data fields needed.)

5. Ability to perform and record a hazard analysis associated to

a risk register

6. Ability to perform and record a Failure Mode Effects Analysis

(FMEA) for Design, Process or Use of a Product

7. Ability to perform initial risk and residual risk assessments

8. Ability to define and assign the mitigation options to a
responsible user
9. Ability to define and assign mitigation actions to a responsible
user

5.10 Supplier Quality Management

Ref-No Description Mandatory /
Optional
1. The system shall provide ability to maintain broker, supplier
and manufacturing site records that gives an overview of all
related entities
2. Allow different roles to complete their assigned
responsibilities for management of the process
3. Ability to assign the record to a responsible person

Confidential Page 9/16 Enter Document Reference

 User Requirements
Insert logo
Specification

Ref-No Description Mandatory /

Optional
4. The system shall provide ability to collaborate with supplier
on quality related records
5. Ability to link Materials to one or more suppliers
6. Ability to link a supplier to one or more suppliers

5.11 Customers, Accounts, Products, Suppliers, Materials

Ref-No Description Mandatory /
Optional
1. The system shall provide the ability to manage customers,
products, suppliers and materials and store associated
information for that object including specific account
identifiers
2. The system shall provide the ability to categorize such objects
by type

5.12 Document Management System Requirements

Ref-No Description Mandatory /
Optional
1. The system shall provide the ability to create, store, manage,
update and track electronic documents
2. The system shall provide the ability to progress a document
through a review cycle
3. The system shall provide version control, so changes can be
tracked from one version to another
4. Version control supports minor and major versions
5. Capability to assign one or multiple reviewers
6. Reviewers can add comments and complete the review
7. Reviewers can reject the document
8. System supports metadata to be added to the document
9. Can define one or multiple approvers
10. Approvers can approve or reject the document
11. The system provides the ability to create author, reviewer,
and approver groups and assign DMS users to those groups
which allow users to have the appropriate permissions to
perform functions in the system
12. Periodic review requirements can be maintained in the
metadata for the document
13. Notifications can be sent out when actions are required
14. Notifications can be sent out when a document becomes
approved
15. The system shall provide the ability to integrate with a
Training Management System (TMS) to allow for document

Confidential Page 10/16 Enter Document Reference

 User Requirements
Insert logo
Specification

Ref-No Description Mandatory /

Optional
training items to be automatically created in the TMS when
approved in DMS
16. System can generate a pdf
17. System can generate a cover page
18. Information on the cover page can be configured
19. System can create a watermark for each document
highlighting the current status of the document
20. The following file types are supported doc, docx, xls, xlsx, ppt,
pptx
21. Ability to group documents in a folder structure based on
meta data attributes
22. Document Administrator: the application provides the ability
for an administrator to perform administrative functions such
as configurable document numbering, reconciling users,
manage permission sets and creation of document types and
departments. The administrator can also manage unlocking
documents as required
23. Ability to have different document types
24. Ability to create templates for document types
25. The system shall provide the ability to control print a
document that includes additional metadata such as printed
by, date printed, purpose, recipients, batch number, number
of times printed in the header and footer of the printed
document.
26. Ability to track controlled printing in an audit trailed.
27. Ability to notify the user that printed the document, when a
new version of a document becomes effective, so that they
can take appropriate action with the printed copy
28. Ability to control download the electronic file of a document
29. Ability to make a document effective immediately
30. Ability to set the document effective date based on a lag time
from last approval
31. Ability to set the effective date of a document based on
training thresholds

5.13 Training Management System Requirements

Ref-No Description Mandatory /
Optional
1. Ability to assign, deliver, and record completion of training
for personnel
2. Supports different types of training, such as classroom
trainings and document trainings

Confidential Page 11/16 Enter Document Reference

 User Requirements
Insert logo
Specification

Ref-No Description Mandatory /

Optional
3. The system shall provide the ability to version training
courses and documents
4. The system shall provide the ability to release course and
document trainings to trainees
5. Ability to define retraining frequency
6. Quizzes can be created to test knowledge
7. Quizzes can be assigned to a training
8. Training plans can be created containing groups of
requirements
9. Training plans can be assigned to individuals
10. Individuals can have multiple training plans assigned to them
11. Instructors can sign off on trainings
12. Objective evidence can be attached to support the training
13. The system shall provide the ability for trainees to manage
the completion of assigned trainings
14. The system shall provide the ability for trainees to sign up for
instructor led trainings, and for instructors to enroll trainees
15. The system shall provide the ability for a Manager to review a
direct report’s assigned training records for compliance
16. The system shall provide the ability to add ad-hoc trainings to
a trainee’s plan
17. Reports are available to check completion of training and
overall compliance
18. The system shall have the ability to create custom training
reports
19. The system shall have the ability to interface with Document
Management application
20. The system shall provide administrators the ability to
schedule training notifications

5.14 Report Requirements

Ref-No Description Mandatory /
Optional
1. Any user must be able to create custom reports

2. Ability to create reports possible ad hoc

3. Ability for several end users to create a report at the same
time using the same data
4. Provide the ability to extract the data by using standard or
configurable reports

Confidential Page 12/16 Enter Document Reference

 User Requirements
Insert logo
Specification

Ref-No Description Mandatory /

Optional

5. Ability to create a report with point and click configuration

6. Ability to export data in a comma-separated value file or
excel
7. The system shall have the ability to display a user’s actionable
items in one place, assigned individually or by group, and
perform those actions on the records

8. Ability for every user to create dashboards to visually display

information
9. Ability for administrators to publish reports and dashboards
for all or a group of users
10. Ability to schedule reports and dashboards to automatically
run at a set frequency and be distributed to a defined list of
end users
11. The system shall support the creation, saving and sharing of
queries and/or filters

5.15 Artificial Intelligence

Ref-No Description Mandatory /
Optional
1. Ability to apply artificial intelligence to suggest auto
categorization of events and complaints for the end user
based on natural processing language
2. Ability to apply artificial intelligence to suggest insights of
related records for events and complaints for the end user
based on natural processing language

5.16 Interfacing
Please describe any other electronic systems that will be interfaced with this system. If not
needed this section can be deleted.
Describe what the user requires this interfacing to do e.g. provide equipment list and equipment
codes etc.
Ref-No Description Mandatory /
Optional
1. The system will be interfaced with:

Confidential Page 13/16 Enter Document Reference

 User Requirements
Insert logo
Specification

5.17 Electronic Record / Electronic Signature / Audit trail

Ref-No Description Mandatory /
Optional
1. Provide the ability to identify users uniquely for the life of the
system
2. Each electronic signature user account and password
combination shall be unique to one individual and shall not
be reused by, or reassigned to, anyone else
3. Provide the ability to de-activate users without losing their
history of activity in the system
4. Provide the ability to reset the password of a user if the
password is lost or potentially compromised
5. Provide a time-out feature due to user’s inactivity
6. Provide the ability to capture in an audit trail:
- User or administrator name
- Date and time of the event
- Old data or value in case of modification or deletion
- Reason for modification (as deemed applicable)
7. Ability to generate time-stamped workflow audit trails to
independently record the date and time of user workflow
actions
8. Prevent the users from turning off the audit trail
9. Allow the administrator to define which objects are audit
trailed
10. Audit trail must be printable
11. Provide the ability to prompt the user to sign electronically in
the proper sequence
12. Provide the ability to ensure users are:
- Aware of which record he/she is signing
- Aware of the context in which their signature is to be
used (e.g. approval).
13. Electronic signatures shall employ at least two distinct
identification components such as a user identification code
and password
14. Each individual electronic signature shall be linked to the
associated electronic record and the user performing the
signature
15. The system shall enforce the uniqueness of each combined
identification code and password, such that no two
individuals have the same combination of identification code
and password

Confidential Page 14/16 Enter Document Reference

 User Requirements
Insert logo
Specification

5.18 Business Continuity

Ref-No Description Mandatory /
Optional
1. Maximum un-availability acceptable is 15 min for planned
maintenance
2. Maximum loss of data in case of disaster is 4 hour or less of
data entry (RPO)
3. Maximum downtime until the system is back up and running
after a disaster is 12h or less (RTO)
4. Site contingency plan must be available to describe how the
users will operate manually using paper to cover processes
usually managed by the system
5. Provide the ability to back up and restore the application
6. Provide ability to back up, archive and restore audit trail
7. Data is stored in at least to geographically separate server
locations

5.19 Users and Licenses

Ref-No Description Mandatory /
Optional
1. User management is performed by local administrators at the
site level
2. Each local administrator can activate a user at the site
3. The system shall provide the ability to set up user groups with
different levels of access
4. Different types of licenses are available of the users:
- admin license
- full user license
- read only license
5. Licenses are valid for all current and future modules that are
part of the subscription
6. The system shall provide the ability to restrict access to
records and their child records to select users using pre-
defined user lists.

6 Glossary

7 Document History
Version Effective Date Summary of Changes

Confidential Page 15/16 Enter Document Reference

 User Requirements
Insert logo
Specification

8 Appendices

Confidential Page 16/16 Enter Document Reference