Risk based validation and the road to reasonableness… Those of you who have been in on of my classes recently will understand why I answered the headline question with, “It Depends.” It has become an inside joke of mine that I never give a straight answer. By the time you finish one of my workshops, you understand why, “It Depends” is the most accurate answer to just about any question about validation.As professionals, we want our products to be safe. As professionals who want to stay out of trouble with regulatory agencies, we want our products to be safe. You can’t possibly test a bit of software enough to call it “safe” or to say it will make “safe” products. Through testing alone you can’t even tell me what “safe” means. You need to know what the intended use is. And, you need to know how risky that intended use is. And you need to be assured that the software will perform the intended use consistently. And you need to document this assurance. How sure do you need to be? It depends on how risky the intended use is. This is the crux of risk based validation.Risk based validation answers the question “How much is enough?”. It also is a thread that will weave its way through all of my posts. Risk based validation is not just something else you do, it is a mind set. It’s my mind set, so keep reading this blog. Or take my Risk Based CSV workshop (shameless plug). Either way, tell me what you think.