UAT Roadmap: The Basics of UAT

By Editorial Team on October 17, 2023

Part 2 – The Basics of UAT: Responsibilities and Process

User Acceptance Testing (UAT) is a crucial phase in validating systems, particularly in regulated industries, including clinical research. In clinical research, UAT ensures that a system or software meets the requirements and expectations of study end-users and complies with applicable regulations (e.g., Good Clinical Practices – GCP, Good Lab Practices – GLP, 21 CFR Part 11). In this article, we will delve into the basics of UAT as it pertains to lab and clinical research, including: 

  • Who is responsible, 
  • What are their responsibilities, 
  • Planning for UAT, and 
  • An overview of the UAT process 

Who Is Responsible?

User Acceptance Testing (UAT) involves several roles to ensure the system’s readiness and acceptability. These roles include: 

  • The Sponsor, 
  • User Representative(s), 
  • Designated Builder(s), and 
  • Quality Assurance 

What Are Their Responsibilities? 


The sponsor is responsible for ensuring that User Acceptance Testing (UAT) is conducted before system use and ensures UAT documentation is completed. The sponsor may designate another party, such as a Clinical Research Organization (CRO), to conduct UAT. 

User Representative

A user representative represents an end-user’s needs, the end-user being anyone accessing the data collection system to input, review, and/or retrieve data. User representatives are tasked with performing the tests prescribed in the testing scripts during UAT. When testing, each team member must ensure: 

  • Data can be captured as described in the protocol, 
  • The study build does not hinder data collection, and  
  • Data integrity is upheld in compliance with relevant regulations. 

User representatives may include project managers, monitors, investigators, and data entry personnel. 

Designated Builder

The designated builder builds and manages the study build/database per the study protocol. Because they are most familiar with the study build and how it relates to the study protocol, they may assist in creating testing scripts. This role is also responsible for ensuring that study build/database requests made during UAT are documented from beginning to end – request submission, approval (if needed), implementation, and verification by another party (i.e., not the person who implemented the requested update), usually the requestor. 

Quality Assurance

Quality Assurance (QA) is vital in overseeing UAT – ensuring that UAT is completed, that the process aligns with company SOPs and policies, and that regulatory requirements are met. Therefore, QA must 

  • Understand how the data collection tool (e.g., electronic data capture (EDC) system) works to verify that it meets the necessary criteria and complies with regulations. 
  • Review the entire UAT process from 
    • Initial requirements to 
    • Testing scripts to 
    • Testing artifacts to 
    • Audit findings (i.e., feedback post-UAT – the documentation of request, change, and verification previously managed by the designated builder). 

Overall, UAT involves a collaborative effort with a clear focus on developing a study build/database to meet the requirements of the protocol, with the end-user needs and regulatory requirements in mind. 

When Should We Start Planning for UAT?

User Acceptance Testing (UAT) should be on the UAT team’s radar when selecting a data collection system. But getting ready for UAT really starts after a system has been chosen and validation begins. At this point, a subset of the UAT team – the designated builder and user representatives with input from Quality Assurance (QA) – will start working on the UAT document. If available, a User Requirements Specification (URS), outlining the requirements for the selected data collection system, can help guide the development of the UAT document – to formulate general testing scripts (e.g., which edit checks are needed, what regulatory requirements need to be met). 

What Does the UAT Process Look Like?

The User Acceptance Testing (UAT) process involves steps to ensure the system’s readiness and acceptability. 

  1. It begins with establishing clear system requirements, often detailed in the User Requirements Specification (URS) and the protocol. 
  2. During the system’s development phase, a basic UAT document is created. This document will list testing scripts. At this point, these scripts will likely be based on the URS and protocol requirements only.  
  3. In the meantime, Quality Assurance (QA) personnel should familiarize themselves with the data collection system in alignment with Quality by Design (QbD) principles. 
  4. While the study is in its build phase, testing scripts are developed for the upcoming UAT stage. There are generally two types of tests: 
    • General: These would apply across an organization’s studies and may be found in Standard Operating Procedures (SOPs). Examples include “Visit dates entered must not be set to a future date” or “Weight in pounds must be converted to kilograms.”
    • Study-specific: These would apply to a specific protocol and would be detailed in said protocol. Designated builders may assist in creating these testing scripts as they are most familiar with the study build as laid out by the protocol. Examples include a dosing calculation or “all roles except the treatment administrator is masked to treatment group.” 

As a general rule, if there is a requirement, there should be a test to ensure the requirement is met. 

  1. Finalize the UAT document, which now should include general testing scripts followed by study-specific testing scripts. 
  2. QA reviews the testing scripts to guarantee complete requirement coverage before testing begins. 
  3. A round of feedback is conducted to address any concerns and ensure that major changes are flushed out before UAT commences. This may be ad-hoc and does not require testing scripts. 
  4. After feedback and revisions are completed, and no significant changes to the study build are called for, UAT (i.e., running through the testing scripts) can begin per the designated builder’s greenlight. 
  5. And finally, UAT begins. User representatives run through the testing scripts and document their results. The designated builder can update the study build in real time or wait until UAT is complete. The latter is typically preferred so that all feedback can be synthesized before implementation. 
  6. After UAT is complete, all testing script results are documented in the UAT document. This document should also include study build/database update requests and verification that requested updates were implemented. 

From beginning to end, the UAT team must ensure that the UAT process and system design meet study requirements. Overall, this structured approach to UAT facilitates effective validation, leading to successful system implementation and regulatory compliance. And with that, we will close this article with a…

UAT Checklist

  1. Roles & Responsibilities: Ensure all UAT team members fully understand their roles and responsibilities. 
  2. Requirements: Verify that system requirements are clearly defined and comprehensive. 
  3. Regulatory Compliance: Ensure the data collection system meets all applicable standards and regulations. 
  4. SOP Compliance: Adhere to company Standard Operating Procedures (SOPs) throughout the UAT process, if applicable. 
  5. Testing Scripts: Review testing scripts to confirm they adequately cover study requirements. If there is a requirement, there should be a corresponding testing script. 
  6. Feedback: Gather and address feedback before UAT initiation to prevent major updates during UAT. 
  7. UAT: Use testing scripts to ensure study build meets end-user needs. 
  8. Documentation: Ensure UAT documentation is complete and aligns with established requirements. 

Learn More About UAT

Navigating User Acceptance Testing (UAT)

Looking to learn more about User Acceptance Testing (UAT)? Explore our collection of resources to understand how UAT ensures that your study database meets study requirements and expectations of end-users and complies with applicable regulations.