Skip to contents

RPACT Systems Development Policy

RPACT GbR

POL-RPACT-002

Version 1.0.0

POL-RPACT-002_Systems_Development_Policy.Rmd

 

RPACT GbR

Am Rodenkathen 11
23611 Sereetz
Germany
www.rpact.com

Copyright © 2025 RPACT GbR. All rights reserved.

Policy ID POL-RPACT-002
Title RPACT Systems Development Policy
Description This policy outlines the procedures for managing the development, modification, access, review, approval, and distribution of information systems within RPACT GbR.
Author Friedrich Pahlke
Reviewer Gernot Wassmer, Daniel Sabanés Bové
Creation date 2025-03-26
Version 1.0.0
Date of modification 2025-03-31
Effective date 2025-03-31

Purpose

This policy outlines RPACT’s approach to the development of information systems, including software tools and validation documents. The process ensures that all developments are fit for purpose, meet requirements, and are verified before release. The effort and documentation applied are appropriate to the risk and complexity of the system being developed.

Scope

This policy applies to all software and information system development activities carried out by RPACT GbR, including both internal tools (e.g. R packages) and externally delivered systems (e.g. rpact, RPACT Cloud).

Responsibilities

  • The RPACT partners are jointly responsible for the oversight and approval of each development project.
  • External contributors work under NDA and follow the same procedures as internal team members.

Development Lifecycle

Planning and Documentation of Approach

  • Each development project begins with the definition of scope and approach, captured either via GitHub Issues or internal documentation.
  • The selected approach is reviewed and agreed upon by both partners.

Requirements Definition

  • Functional and technical requirements are documented before development begins.
  • For client-driven projects, these requirements are clarified and agreed with the client (e.g., via meeting notes, emails, or issue tracking systems).

Design to Meet Requirements

  • The architecture and technical design of each system is aligned with the defined requirements.
  • Design decisions are documented where appropriate and validated by both partners.

Implementation and Configuration

  • Source code is developed in version-controlled repositories (e.g. GitHub or Subversion SVN).
  • Development on GitHub is carried out in isolated branches and merged via Pull Requests.

Verification Against Requirements

  • All systems are subject to rigorous automated testing using CI/CD pipelines.
  • We aim for a minimum unit test coverage of 80% during development, with transparent and traceable reporting available on codecov.io (e.g., see the rpact test coverage). However, for graphical user interfaces (GUIs), such high coverage cannot be guaranteed and is not required, given the nature of visual and interactive components; manual testing and visual validation are used to supplement automated processes in these cases.
  • Manual checks are performed as necessary for critical functions.

Approval to Release

  • No code or documentation is released without approval from at least one partner.
  • Approvals are documented either via GitHub (e.g., Pull Request review) or internal record (e.g., change log or validation document signature page).

Risk-Based Proportionality

  • The extent of documentation and formality of each step is proportional to the complexity and criticality of the system.
  • For minor updates or non-critical features, lightweight procedures may apply.
  • For GxP-relevant components, full validation and traceability are ensured.

Review of Policy

This policy is reviewed annually or when significant changes to the development approach occur.

Approved by:

Dr. Friedrich Pahlke
Prof. Dr. Gernot Wassmer

Date: 2025-03-31

Copyright © 2025 RPACT GbR. All rights reserved.