Typically, there should be a set of procedures to determine a validation or quality conclusion prior to implementation, as well as on an ongoing basis (e.g., periodic reviews, internal/external audits). Exacting that a system is “certified” by a third party might be required if the sponsor has a policy or procedure in place that promotes this expectation. A sponsor might choose to have independent reviews of the system performed by an in-house group or leverage an independent third-party, external organization. The more layers of quality assurance (e.g., independent review and assessment) definitely provide for more confidence in the overall validation effort and validated state of the system. The sponsor determines whether or not it is a required activity.
