Professional Documents
Culture Documents
Overview of Computerized Systems Compliance Using The GAMP 5 Guide
Overview of Computerized Systems Compliance Using The GAMP 5 Guide
GAMP Objectives
GAMP guidance aims to achieve
computerized systems that are fit for
intended use and meet current regulatory
requirements, by building upon existing
industry good practice in an efficient and
effective manner.
Guidance
It is not a prescriptive method or a standard,
but..
Pragmatic guidance
Approaches
Tools for the practitioner
Calibration
Legacy Systems
Laboratory
VPCS
ERES
Testing
Data Archiving Global
Information Systems
IT Infrastructure
Drivers
Other Drivers
Avoid duplication
Leverage suppliers
Scale activities
Reflect today
Configurable packages
Development models
8
Key Objectives
patient safety
product quality
data integrity
9
GAMP
Document
Structure
10
Key Concepts
Life Cycle
Quality Risk Management
Regulated Company Activities
Supplier Activities
Efficiency Improvements
11
5 Key Concepts
12
CQAs / CPPs
14
15
Verifies
User Requirement
Specification
Performance
Qualification
Report
Functional
Specification
Specify
Design
Specification
RiskManagement
Plan
Verifies
Verifies
Operational
Qualification
Verify
Installation
Qualification
Configure
& Code
System
Build
Figure
3.3: A General Approach for Achieving Compliance and Fitness for Intended Use
Figure xx: A Basic Framework For Achieving Compliance
and Fitness For Intended Use
Source Figure 3.3, GAMP 5 A Risk Based Approach to Compliance GxP Computerized Systems Copyright ISPE 2008. All rights reserved.
Risk
Complexity and Novelty
Supplier
17
Control
Communication
Focus on patient safety,
product quality,
and data integrity
Review
Based on
ICH Q9
18
Assess:
Suitability
Accuracy
Completeness
Flexibility:
Format
Structure
19
21
Requirements
Process
Knowledge
Regulatory
Requirements
Company
Quality Regs.
Specification
and Design
Verification
Acceptance
and
Release
Operations &
Continuous
Improvement
GAMP 5
GAMP 5
GAMP 5
GAMP 5 GAMP 5
Planning
Specification
Verification
Reporting
Ongoing
Configuration
and
Operations
Coding
Release
Risk Management
Design Review
Change Management
The Specification, Design, and Verification Process Diagram from ASTM E2500
Governance
23
24
Planning
Activities
Responsibilities
Procedures
Timelines
See Appendix M1
26
27
Verification
Testing
Reviews
Identify defects!
28
Supporting Processes
Risk Management
Change and Configuration Management
Design Review
Traceability
Document Management
29
Design Review
Planned
Systematic
Identify Defects
Corrective Action
Scaleable
Rigor/Extent
Documentation
30
Traceability
Requirements
Specification
Verification
Design
Configure/Code
GAMP 5 Categories
Continuum
Category
GAMP 4
GAMP 5
Operating system
Infrastructure software
Firmware
No longer used
Non-configured products
Configurable software
packages
Configured products
Custom applications
GAMP 5
Quality Risk Management
33
34
Definitions
Harm
Hazard
Risk
Severity
35
Outputs
User Requirements
GxP or non-GxP
GxP Regulations
Major Risks
Considered
Previous Assessments
Dont repeat unnecessarily!
Overall Risk
36
Inputs
Specifications
System Architecture
Outputs
List of Functions to
be further evaluated
Categorization of
Components
37
Inputs
Functions from Step 2
SME Experience
Scenarios
Possible Hazards
Outputs
Breakdown of Risks
to Low, Medium and
High.
Detailed
Assessments and
Mitigation for High
38
High
Medium
Low
Probability
Severity
Class 1
High
Class 2
Medium
Low
Class 3
40
Risk Class
Low
Medium
High
Detectability
Priority 1
1
Priority 2
2
3
Priority 3
41
Outputs
Mitigation Strategies
Scenarios with
High Risk from
Functional
Analysis
43
Frequency and
extent of any
periodic review
should be based on
the level of risk
44
Risk-Based Decisions
What do they impact ?
45
Operation Appendices
O1 Handover
O2 Establishing & Managing
Support Services
O3 Performance Monitoring
O4 Incident Management
O5 Corrective and
Preventive Action (CAPA)
Performance Monitoring
O6 Operational Change &
Configuration Management
O7 Repair Activity
O8 Periodic Review
O9 Backup and Restore
O10 Business Continuity
Management
O11 Security Management
O12 System Administration
O13 Archiving and Retrieval
46
Summary
GAMP 5 provides more flexibility in the
number and types of validation lifecycle
products used.
Application of Risk and use of SME
Knowledge are keys to success
47