LSREL04-BP03 Establish reliability qualification procedures

Create formal verification procedures for reliability aspects of your system that align with regulatory expectations. Include installation qualification (IQ), operational qualification (OQ), and performance qualification (PQ) elements that verify reliability features like high availability, disaster recovery, and data backup and restore capabilities. Maintain these qualification records as part of your regulatory documentation.

Desired outcome: A formal, documented qualification process that verifies reliability features work as intended and meet regulatory requirements. The qualification procedures provide evidence that the system can reliably perform its intended functions under expected conditions and recover from failures, satisfying both technical reliability needs and regulatory requirements.

Common anti-patterns:

Focusing qualification only on functional aspects while neglecting reliability features.
Not including disaster recovery and failover testing in qualification procedures.
Qualifying systems only at initial deployment without re-qualification after significant changes.
Documenting only successful test results without capturing and addressing failures.
Separating reliability qualification from the overall validation process.
Using manual, non-repeatable qualification procedures that can't be consistently executed.

Benefits of establishing this best practice:

Provides documented evidence of reliability capabilities for regulatory adherence.
Thoroughly verifies reliability features before production use.
Establishes baseline performance for monitoring and continuous improvement.
Reduces risk of reliability-related findings during inspections.
Builds confidence in the system's ability to maintain data integrity during failures.
Creates a foundation for continuous adherence as systems evolve.

Level of risk exposed if this best practice is not established: Medium

Implementation guidance

Use AWS Systems Manager documents to create standardized qualification procedures.

Consider AWS Backup for testing and validating backup and recovery procedures.

Implement infrastructure as code using AWS CloudFormation for consistent, repeatable infrastructure deployment.

Use AWS Config to verify that production environments match qualified configurations.

Consider implementing AWS Resilience Hub to assess application resilience against defined resilience policies.

Use AWS Fault Injection Service to validate recovery procedures in a controlled manner.

Implementation steps

Define qualification protocols for reliability features (like HA, DR, or backup and restore) based on risk assessment.
Create IQ procedures to verify infrastructure components are properly installed and configured:

Validate AWS service configurations match design specifications.
Verify networking components, security controls, and monitoring systems.

Develop OQ procedures to test reliability features under normal conditions:

Test automatic failover between availability zones.
Verify data replication mechanisms function correctly.
Validate backup processes complete successfully.

Establish PQ procedures to verify performance under expected load and stress conditions:

Test system recovery after simulated failures.
Verify data integrity is maintained during recovery operations.
Validate system meets defined recovery time and point objectives.

Document qualification results with evidence of successful testing.
Implement change control procedures to maintain qualified state and determine when re-qualification is required.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

LSREL04-BP02 Implement risk-based reliability testing for regulated systems

Workload architecture