V5 Traceability - Smart FAQs
for Regulated Manufacturing

SG Systems Global positions itself as a supplier for regulated manufacturing environments. V5 Traceability is the company’s execution and traceability platform for process and batch operations where teams need controlled workflows, attributable evidence, and records that stand up to review, release, investigation, and audit pressure.

In practical terms, V5 is meant to help customers run production, quality, and inventory activities with defined steps, in-flow checks, and evidence captured at the point of execution instead of rebuilt later from paper and memory.

Related pages: About SG Systems • Leadership & Governance

V5 is aimed at regulated manufacturers that need more than after-the-fact reporting. The strongest fit is for operations that must execute work in a controlled sequence, capture deviations when they occur, and produce evidence quickly when QA, customers, or regulators ask questions.

The public site now consistently frames that fit around regulated manufacturing use cases across food, beverage, supplements, cosmetics, medical device, pharmaceutical, biotech, and similar environments where traceability and procedural control matter during the work itself.

V5 is presented as a unified execution layer that can cover MES-style execution, QMS-style quality workflows, and WMS-style inventory movement in one system. The exact depth depends on the selected tier and the scope you actually buy.

ERP is typically where planning, purchasing, inventory valuation, finance, and broader business records live. V5 is the execution layer that governs what happens on the floor in real time and captures the evidence trail automatically.

That distinction matters in regulated operations. A system that records the outcome later is not the same thing as a system that guides, constrains, and documents the work while it is happening. V5 is positioned for the second job.

ERP integration is available where purchased and scoped, but it is not automatically included in the subscription just because the customer has an ERP.

On the current site, “audit-ready” is not framed as magic compliance language. It is framed as controlled execution with evidence tied to the actual event. That means guided steps, required inputs and checks where configured, deviations captured when they occur, and records structured to support review and investigation.

• Evidence captured at point of execution to reduce transcription and timing drift
• Audit trail structures intended to support review and investigation workflows
• Trace-back / trace-forward and genealogy outputs intended to support response timelines
• Record structures that support review-by-exception instead of repeated reconciliation

That still does not remove customer responsibility. Control intent depends on intended use, configuration, SOPs, training, and validation.

The Leadership & Governance page is now explicitly governance-only. It defines who holds ownership for contracts and commercial commitments, software lifecycle control, release governance, compliance / audit-support coordination, onboarding governance, and support continuity.

That matters for procurement and quality teams because it answers a common supplier question directly: who is accountable when the issue is commercial, technical, validation-related, or operational? The site now gives a clearer answer than the old FAQ did.

The strongest starting point is the public demo intake flow. It lets a prospect define industry, evaluation drivers, regulations, outcomes, and demo segments before the meeting so the session reflects the real use case instead of a generic product tour.

SG Systems recommends a 60-minute evaluation, with support for extending to 90 minutes where a customer wants a broader review. After that, a paid POC may make sense if the customer wants to confirm fit using a real execution scenario rather than a sales demo.

See: Configure Your Demo

The current demo workflow is built around your intended use. Buyers should be ready to identify which workflows matter, which compliance expectations matter, which outputs they want to see, and what a “good fit” would look like internally.

• Your industry and core manufacturing flow
• Main evaluation drivers and desired outcomes
• Applicable regulations or standards
• ERP context, if any
• Validation expectations and rollout questions

The public demo page also explicitly tells prospects to avoid sharing proprietary formulas, patient data, or sensitive personal information in the intake notes.

Yes. A POC is presented as a paid, limited-scope engagement designed to confirm fit quickly using real execution and traceability, without pretending to be a full implementation.

Common POC outcomes include one end-to-end run, an eBR output, and, depending on tier, basic forward / backward traceability evidence. Common exclusions include ERP or accounting integrations, multi-site rollout, mass master-data migration, and validation services such as IQ/OQ/UAT unless they are explicitly purchased.

See: Implementation & POC Model

The public quote builder lets prospects model User-Based or Device-Based licensing and compare monthly vs annual billing. It is useful for early budget framing and internal discussion, but it is still a quoting tool — not the contract.

• It is focused on licensing
• Onboarding, integrations, validation, and go-live services are scoped separately
• The final commercial scope is established in the Order Form / Signed Proposal
• The contractual framework still sits in the MSA, with the SQA added where incorporated

Use the tools for direction. Use the Order Form for commitment.

See: V5 Quote Builder

Under the current MSA, customers must elect at least three active user licenses or at least one device-based license. A User License is assigned to a named individual and is not shareable. A Device License is assigned to a specific HMI and is tied to that hardware.

Starter quantities shown in public calculators are useful for estimation, but binding licensing terms come from the MSA and your signed commercial documents.

SG Systems offers both Hosted Services and On-Premise Installation. The current MSA states that On-Premise is the default deployment architecture unless Hosted is clearly elected on the Order Form / Signed Proposal.

The public system requirements page makes this much clearer than the old FAQ. In most deployments, customers use standard Windows tablets or PCs on the floor plus normal admin / QA workstations. On-Prem deployments also need a server environment to run SQL and V5 services.

• Production / warehouse / laboratory endpoints: Windows 10 / 11, 2.0 GHz quad-core, 4 GB RAM minimum, 100 GB free
• Control Center workstations: Windows 10+ 64-bit, 3.0 GHz quad-core, 8 GB RAM minimum
• On-Prem server baseline includes Microsoft SQL Server 2016 Standard or later and JRE 1.8+ (64-bit)
• Stable LAN / WLAN connectivity is required

See: V5 System Requirements

No. A Device is a dedicated human-machine interface such as a PC or tablet used by a person to access the software. Passive peripherals such as scanners, scales, and printers do not count as licensed Devices / HMIs unless they are expressly listed as licensed HMIs on the Order Form.

This is now stated consistently in the MSA and the System Requirements page.

• Barcode scanners: should be programmable for AIM ID and support CR/LF suffix where required
• Scales: supported via USB, Ethernet (TCP/IP), or RS232 depending on the device and integration approach
• Label printers: any networked printer that accepts ZPL (Zebra-compatible); static IP or DHCP reservation is recommended

The key point is that SG Systems does not force a bundled hardware model. The environment still needs to be engineered sensibly, but most customers can use standard industrial PCs / tablets plus supported peripherals.

For On-Premise, customer IT owns the infrastructure layer: servers, network security, patching, backups / DR, monitoring, supporting third-party licenses, and the practical connectivity required for endpoints, SQL, printers, and any approved remote support paths.

• Static IP is required for the V5 server
• Endpoints must be able to reach SQL on the configured port
• Only required ports should be opened and administrative access should be logged per IT policy
• Backups / restore testing and DR remain customer-owned unless otherwise agreed in writing

SG Systems supports the software. Customer IT owns the environment.

Yes. Onboarding is presented as a paid, one-time professional service. The public onboarding page frames it as a three-phase process:

• Plan & Prepare — kickoff, readiness confirmation, deployment / licensing / tier alignment, optional POC
• Setup & Train — configuration, data load, integrations if purchased, role-based training
• Validate & Launch — UAT, IQ/OQ support where applicable, change-control readiness, go-live

This is a better public explanation than “onboarding is included” hand-waving. Regulated implementations need structure.

See: Onboarding Process

• Kickoff and project management
• Readiness confirmation and deployment / licensing setup
• ERP Gap Analysis if purchased
• Data migration planning and master data load
• System configuration, roles / permissions, workflow templates, compliance-relevant settings
• Role-based training for operators, supervisors, QA, and IT
• Customer-specific API integration if purchased
• UAT / IQ/OQ assistance where included in scope

The actual scope still depends on the Order Form / Signed Proposal. The FAQ should explain the shape of onboarding, but not imply that every item is always included by default.

No. The current MSA is explicit that ERP integration, ERP Gap Analysis, and Custom API Integration are provided only if they are expressly purchased and described in the applicable Order Form / Signed Proposal.

That is the right answer operationally too. Integration scope depends on the ERP, the objects that exist, the workflow design, the quality of the data, and the customer’s validation expectations. Pretending it is always “included” would create project risk fast.

ERP Gap Analysis is the structured review of the customer ERP needed to confirm objects, fields, mappings, workflow gaps, and the most realistic interface / test approach before custom integration work begins.

On the public onboarding page, it is presented as a commonly purchased upfront service. That is the correct posture: it reduces rework, avoids fake assumptions about ERP readiness, and gives the project a clearer technical basis before code is written.

Related: Onboarding Process • Implementation Services

The current public material breaks timelines into practical chunks rather than one vague “go-live in X weeks” statement. Simpler POCs are shown in 1, 2, 3, or 7-day models depending on tier, while custom API integration work is estimated at roughly 1 to 4 weeks depending on complexity and customer access.

The real schedule depends on how quickly the customer can supply decisions, access, data, and the right people. Clean inputs make projects fast. Dirty inputs make projects look “complex” when the real issue is readiness.

The implementation estimator is useful because it forces a prospect to think in terms of tier, lines, operators, sites, optional integrations, and validation add-ons. That is good discipline.

But it is still informational only. The site states that subscription fees, taxes, and travel are not included, and that services and deliverables are included only if purchased and stated on the Order Form.

Use the estimator to shape a serious internal conversation. Use the Order Form to know what was actually bought.

V5 is presented as supporting regulated-use controls such as access control, audit trail, record integrity, electronic signatures, controlled workflows, and attributable evidence structures relevant to Part 11, Annex 11, and broader GMP-aligned expectations.

But the public compliance content now does a better job of stating the hard truth: software can support compliance, yet customer intended use, configuration, SOPs, training, access governance, and validation inside the customer quality system are still what make the deployment defensible.

SG Systems states that it provides access, during an active subscription and subject to confidentiality obligations, to its independent Assessment Documentation for V5 Software Version 5.9.

The public assessment page explains what this document is and is not. It is supplier-focused assessment content meant to support supplier qualification, CSV review, and audit discussion. It is not an FDA approval, a blanket certification, or a substitute for site validation.

See: Independent 21 CFR Part 11 Assessment

Customer remains responsible for intended use, process design, SOPs, training, validation strategy, execution, review, approval, and ongoing periodic review decisions within the customer quality system.

SG Systems provides software controls, documentation, and paid validation support services where purchased. It does not take over the customer quality system.

Yes. The public onboarding content now spells out that SG Systems can provide UAT planning structure, facilitation support, issue triage / retest coordination, IQ/OQ templates, and reasonable assistance — particularly for Enterprise customers or any customer that purchases those services in onboarding / implementation scope.

Final acceptance still belongs to Customer QA, and the customer remains responsible for execution, review, approval, and ongoing maintenance of validation records.

The MSA now states that major updates, patches, and enhancements are handled under a change-control approach appropriate for regulated environments. Significant Hosted updates are to be communicated in advance so customers can assess validation impact, with 30 days' notice for major Hosted updates except for emergency security patches.

Hosted deployment timing is provider-controlled. On-Prem update timing is customer-controlled. In both models, release notes and compliance-impact visibility matter because validation effort depends on what actually changed.

The Security & Trust page describes a risk-based information security program intended to protect confidentiality, integrity, and availability for customer data and services, especially in regulated manufacturing environments.

It also makes the operating model clearer: SG Systems describes itself as remote-first, with controls emphasizing identity, access management, secure endpoint use, controlled administration, periodic review, and documented security-relevant procedures.

See: Security & Trust

For Hosted Services, the MSA states that SG Systems will notify the customer within 24 hours of becoming aware of a Security Incident and provide a more detailed report within 3 business days, with follow-up reporting as needed.

For On-Premise, the customer controls incident management for customer-controlled infrastructure, while SG Systems supports software-focused issues consistent with the MSA and SQA.

If a problem may affect regulated records, audit trails, or data integrity, customers are directed to flag that explicitly by stating “Potential GxP / data integrity impact” in the subject line.

Customer retains ownership of Customer Data. SG Systems receives a limited right to process that data solely to provide the software and services, including support, troubleshooting, security monitoring, and obligations under the MSA.

Where required by law, privacy terms are handled through a Data Processing Addendum (DPA). The public material also states that subprocessors may be used under written agreements intended to protect customer data.

If privacy review matters for your engagement, this belongs in the contract review — not in assumptions.

Yes. The Security & Trust page says additional documentation may be provided to customers and qualified prospects, subject to confidentiality obligations and, where applicable, NDA terms.

• Change-management and release-documentation summaries
• Incident-response summary aligned to contractual obligations
• Backup / DR continuity summary aligned to deployment boundary
• Independent assessment documentation
• Subprocessor list and DPA template where applicable
• Structured SIG / CAIQ-style questionnaire responses when requested

That is a strong addition to the public site because supplier qualification teams usually ask for this material early.

Yes. The MSA states that SG Systems collects and processes Usage Data to operate, secure, support, and improve the software, troubleshoot issues, enforce licensing, and create aggregated / de-identified outputs.

• Essential telemetry for security, service delivery, and license enforcement is always active
• Non-essential analytics may be disabled by written notice per the provider process
• Raw Usage Data retention is limited to thirteen months unless a longer period is required for security, audit, or legal hold
• On-Prem note: some analytics capability may require outbound connectivity

• Severity 1 / Critical: response within 90 minutes (24/7/365), resolution within 4 hours
• Severity 2 / High: response within 4 business hours, resolution within 24 business hours
• Severity 3 / Medium: response within 8 business hours, resolution within 5 business days
• Severity 4 / Low: response within 2 business days, resolution within 10 business days

Business hours are defined in the MSA as Monday through Friday, 8:00 AM to 5:00 PM Central Time, excluding U.S. federal holidays, unless otherwise agreed in writing.

For Hosted Services, the current MSA states:

• 99.9% monthly uptime
• RTO: 4 hours
• RPO: 15 minutes
• Service credits may apply if certain Hosted SLA commitments are missed

Those Hosted uptime / backup / RTO / RPO commitments do not apply to On-Premise deployments. On-Prem customers own uptime and recovery for the environment unless otherwise agreed in writing.

Each Order Form establishes a 365-day subscription term. Terms auto-renew unless the customer provides written cancellation notice at least 30 days before the start of the next term.

The MSA also states that onboarding fees are billed upfront and are generally non-refundable once paid, and that fees are non-refundable unless expressly stated otherwise in the MSA or Order Form. Cancellation, non-use, or project abandonment does not create a refund right by default.

That is blunt, but it is clear — which is exactly what the FAQ should be.

Customer owns Customer Data. During the subscription, SG Systems will make commercially reasonable efforts to support export using standard export methods. For Hosted Services, Customer Data remains retrievable for 90 days post-termination upon request, provided all undisputed amounts have been paid.

Custom exports may require separate written agreement. The practical advice is simple: if offboarding is on the horizon, do not wait until the last week to talk about extraction.

The public pages now support a clearer order of precedence:

• 1. Order Form / Signed Proposal — scope, deployment election, tier selection, effective dates, and commercial selections
• 2. Supplier Quality Addendum (if incorporated) — regulated / GxP operational constructs and support boundaries
• 3. Master Services Agreement — broader legal, commercial, SLA, security, and customer-data framework

This FAQ, the Security & Trust page, and similar website summaries are informational aids. They are helpful, but they do not override the signed contract set.