Software validation poses a serious dilemma for regulated companies. They are required to perform validation, but there’s no prescribed method for doing it. There are guidance documents that encourage risk assessment, but there’s no specified formula for calculating risks. There’s no one “right” way to conduct software validation.