Professional Documents
Culture Documents
of the system to affect product quality and safety guidelines, and EU directives to ensure we had a
and record integrity" (1). global approach to risk assessment and mitiga-
Procter & Gamble (P&G) started developing a tion.
risk model by reviewing two available assess- To weave our way through all of these regula-
ment tools that showed some promise: the Soci- tions, we developed a decision-tree branching
ety of Quality Assurance Computer Validation method. The process is initiated by asking a se-
Initiative Committee's article on risk assessment ries of questions, starting with those indicated
and validation priority setting (3) and Interna- in Table 1.
tional Society for Pharmaceutical Engineering's If the business and technical system owners
(ISPE's) guidelines posted on their Web page performing the assessment know which regula-
(4). We realized that neither of these models ad- tions, directives, or guidelines apply to their ap-
dressed two of the three key objectives of the plication, they choose either of the first two an-
guidance: product quality and safety (of the swers and continue. If the owners are aware that
product and patients). The third key objective is the computerized systems do not handle any
record integrity. To ensure we addressed these regulated data, then they must still verify and
objectives, we listed the FDA predicate rules and document that their computerized system
guidances in our model. This led us to expand meets business and financial objectives; howev-
our development team to include experts from er, they can exit the RAMP process. If the busi-
all the good (regulatory) practice (GxPs), regula- ness and technical owners do not know whether
tory submission creation, and information tech- regulations, directives, or guidelines apply, then
nology (IT) areas. the model guides them to a series of specific
To develop our RAMP model, we used our reg- questions based directly on the regulations, di-
ulatory, IT, and quality assurance (QA) experts to rectives, and guidelines to ascertain which may
ensure the regulations and guidances promul- be relevant and whether a computerized system
gated by FDA and other regulatory authorities handles regulated data. For example, the first
were properly interpreted and applied. question in GMP determination asks:
The three main regulations we reviewed were Does your computerized system support the man-
the Good Clinical Practice (GCP) regulations ufacturing, analytical determinations prior to,
(21 CFR Part 312 151 and the International Con- during, or after of the manufacturing, testing,
ference on Harmonisation [ICH] GCPs (6]),the packaging, or storing processes: or distribution of
Good Laboratory Practice (GLP) standards (21 government regulated products, or are the records
CFR Part 58 [7]), and the Good Manufacturing within the system kept in order to prove compli-
Practice (GMP) regulations (21 CFR Parts 210 ance with regulations, guidances, or directives on
and 211 [ 8 , 9 ] )and the European Union's (EU's) the manufacturing, testing, packaging, storing or
Annex 11 (10).We also included the regulations distribution processes?
from the Prescription Drug Marketing Act If they answer yes to this question, RAMP di-
(PDMA [ll])and other FDA guidances, ICH rects them to eight specific GMP questions to
TABLE 1
Owstion 1: WLkb Rqpblbn, Directive, or Gddelha Applks to Your ComprtatizdSystem?
~ ~~
TABLE 2
TABLE 3
DOM Y#r hptuizod Systom H#k th Fobwing Dotar hfomdbn?
G M P s ( i i * ~ GIR GcR(iisuknisdaca)
ond sampling)
GMP master, botch produaion, ond Protocols EIectronK records from NDA/BIA
control records Amendments S u h
specifications SOPS Adverse event report/suhmhts
SOPS Rawdata Potientdatafrompiyglpl*ond*
Methods Findreports studies (eq,phase Ilb ond phase 111 dinicol
Processvdidotionrecords lndiidwlxienfbtreports studm)
Productreleose/stobiliidata, Somplechoinofcustody Patient dot0 from PK drug lo& dinicol
componentand lobeli records Test and control orlide: occountobiii, studiesand PK drugdrug interaction rtudii
3
Equipmentdeaningo uselogs
Returndrugprodudorsolwging
~rpaerizption,comntmh,
formUlation
records
Distributionrecords
otherdotdhmentsusedto
make product quahy dedsions,
comploint records, and varipnce
reports
If yes to one of these records, then your aiticalii is HIGH
If no, continue ...
Does Yorr Computerized System Handle h a Fdlowhg Data or Idarmtiom?
GMPs (induding dii'bution and GLPS GCPs (induding s u b m i i )
sampling)
Inventory records Archive indices Patient dot0 from nonpivotaldinicol dies
Equipment colibmiion and Auditreports PIltienthfromollPKstudiiexceptas
mointenonce logs Deviotionreportsandmemos noted for highrecordsof c h h y
Comultontrecords Equipmentcclribrationond
Annual produd reviews maintenonce logs
Moderschedule
Qwhy mswonce stotement
Studydirectorcon
Tartondc~doX~~mn
Test= pccountobilii,
dktn ,mointe~~~nce
If yes to one of these records, then your criticolii is MODERATE
Ifno,continue...
not pose a risk to patient and product safety, quality, and efficacy and drug manufacturing
product quality, or record integrity (eg. these process or the ability to reconstruct a regulated
recommendations could run from stringent au- process. Each system must be rated for the most
tomated checking controls for a high system to critical records it handles. The questions for
manual or process controls for a low system). GMP, GLP, and GCP are similar but are specific
to the types of electronic records in each regu-
GxP R E C O R D C R I T I C A L I T Y lated area. The RAMP model presents the asses-
The critically of a record is the extent to which a sor(s) with only the questions pertaining to
record is crucial to patient health, drug safety, their identified area (Table 3).
TABLE 3
Does Your Computerized System H a d o th Fdlowlng Data or Infonnatioll?
GMPs (includingdisttibutionand GLPS GCPS (including submissions)
sampling)
Validation records Validationrecords Finanaal didosure statements
Training records and CVs Troining recordsand CVs Investigator CVs
Facilities records Facilitiesrecords Validationrecords
Raport formatting records, etc Reportfwmottingrecords Training records and CVs
Other records Test system ordering, etc Focilitiesrecords
Other records Report formotting records
Protocok
Protocol amendments
Form FDA 1572
Drug inventory records (receipt, diiibution,
accountability)
Internal review boord/ethics boord
documents
Investigator's brochure
Sponsor SOPS
Other records
If yes to one of these records, then your criticoh is LOW
TABLE 4
&system f u r k .
Electronic hcopture Systems thot M i he electronic copture of h 3
Dotosntry/modificatiom Systems used to enter, n d y , or delete electronic data records 3
Doto c o k u k , transfolmation,or derivotion Systems used to mote new doreddata by chonging the data fwmat 2
(ie, chonggi on dpho to o numeric) or by deriving it from ofher
stored data
No& If there is o ' nificot impact on patient heohh or produdsofety
7
basedonhetypeo hbeingtmmformedorderived, increase
thii volue to 3
Dotoamepurhg e of data sets
S y s t m u s e d t o a n o l y z e ~ m a y b e i n t h form 2
or QmPhreports
submiicreoting Systems used to tdkte ond publish o regulatory s u b m i i or report 2
Systems used to move h o n K records from one platform to o& 1
of validation, audit trail, and record retention is deliverables and testing commensurate with an
part of the gap analysis process. The gap analy- overall computerized system risk level and com-
sis follows the requirements listed in 21 CFR plexity. Each system is assessed against each of
Part 11 (12) and was modified according to the the 25 requirements of Part 11. On the basis of
recommendations in the Guidance for Scope the justified assessment, this model instructs by
and Application (1). We have interpreted this providing specific remediation requirements for
guidance to consolidate or reduce validation each risk level.
TABLE 5
BUSINESS PRIORITY R A N K I N G
The business priority ranking (Table 8) is an op- modifications to the system based on areas
tional activity. It takes into consideration gov- identified as out of compliance in the 21 CFR
ernment audit findings on this or similar com- Part 11 gap analysis.
puterized systems and the ability of the business When a high-priority rank is determined, a
to manage or tolerate the impact of system un- system owner may want to use this to elevate the
availability. Priority ranking indicates the signif- risk to the next higher level to justify following
icance an organization should place on provid- the more stringent guidelines for validation,
ing resources toward any necessary remediation record retention, and audit trailing. For exam-
as determined by the gap analysis. ple, a warning letter on a low-risk system would
If an assessment is being done on a system pri- increase the business priority rank, and this
or to implementation, then there is no reason to could be used to justify elevating the system risk
identify a business priority ranking as any areas to require a more rigorous handling of this
identified in the gap analysis will be addressed system.
during system requirement analysis and imple- Adding together these two values will give the
mentation. While all areas determined by the business priority rank (a number from 0 to 10) for
gap analysis to be out of compliance must be your application.
corrected, in reality an organization may not
have readily available resources to address all COMPLIANCE PLANNING
needs of all systems as soon as they are identi- All systems that are in production and have ar-
fied. In this case, the business priority ranking eas out of compliance, as determined by the
can help them determine the order to apply the 21 CFR Part 11 gap analysis, must complete a
limited resources. compliance plan. A compliance plan consists
The business priority rank focuses on regula- of identifying discrepancies based on the 21
tory experience and system vulnerability. Each CFR Part 11 gap analysis, setting a priority to
of these areas is scored, and combining their these systems, and scheduling appropriate re-
scores provides a ranking number of 0 through sources and target completion dates to accom-
10. The ranking number determines appropri- plish the required tasks. The business priority
ate priority for managing resources for multiple rank should be used to allocate resources
systems within a single risk category (high, mod- within a compliance plan and for resources
erate, low). A higher business priority rank indi- that cross over functional areas (eg, IT
cates a higher urgency for the business to make resources).
TABLE 7
R d Retention Risk
SystemwiicomplywithpredJcptenrlsretenniorequirenmnntr
Note: If the system is not responsible for record retention, then there must be another validated process or system in place to handle
this requirement for the records generated by thissystem.
HM Moderate LOW
Retentionprocess preserves the Retentionprocess preserves the content Retentionprocess BUHVBS the contM and
tontent and meaning, ovides for and meaning, provides for occurate meaning, providesrn accurate retrieval, and is
J
occurate retrieval, a is a part of the
+em validation plan
retrieval, and is a part of the system
validation plan
a port of the system validation plan
Records can be readily retrieved Records can be readily retrieved during E-records are retainedin human-readable
during retention period retention period format (ie, paper, microfiche) or in common
e-format (ie, PDF)
E-records are retoined in human- E-records ore retained in human-readd.-
readable format
System has an automotedaudit boilas Physical record deletion is not ollowed System has control measures (automated OT
defined in 21 CFR Part 11: "Use of (but logical deletion is permissible) during nonautomated)
secure, computer- enerated, time- the record retention period
\
stamped audit trai to independently
record the date ond time of operator Changes to recordsdo not obscure
entries and actions that create, modify, previous entries
or delete electronic records. Record
changes shall not obscure reviody Nonroutine "system repair" work that
(R
recorded information. Su audit trail cannot be captured in an audit trail is
documentationshall be retained for a documented using appropriate system
'od at least as long m that required change procedures
h
t
resubject electronic records and
shall be moilable for agency review
and copying."
TABLE 7
Low
TABLE 8
Regulatory Experke: ckoou,One Coaditbnlbal Best ksuibes the Regulatory Experhe of Your Application
Conatloa Defhith Vdue
Warning letter within the industry Warning letter has been issued on this or similar computerizedsystem 5
here or within the industry
Critical Part 11 gap 21 CFR Part 11 gap analyses indicate a compliance outage in the system 5
that could pose a risk of receiving a warning letter.
483 and EIR within the industry 483 observation and EIR with requiredaction indicated has been issued 4
on this or similar computerized system here or within the industry
Significant Part 11 gap 21 CFR Part 11 gap analyses indicate a compliance outage in the system 4
that could pose a risk of receiving a 483 observation
System routinely inspected FDA typically looks at recordsfrom thistype of system during routine 3
inspections
No information No regulatory information available for this or similar computerized 3
systm
No 483; voluntary action indicated in EIR No 483 issued, comments made during debriefing; vduntary action 2
indicated in EIR
Not routinely inspected or not inspected FDA does not typically Id at records from this type of system during 1
impactions or has not performed an impech'on on thismtem
No 483; no action indicated FDA has inspectedthis systemhecords and made no comments or 0
indicated no actions
Vu- Choose One Codtion That Best Describes the B u s k s s Tobrowe of
TMs Applkatron Beiq Out of Production
Cornlition Definition Value
Low tolerance of dawntime (ie, less than a day) If the system should go dawn for a short period of time, then there wil 5
be a negative impact on patient health, product quahy, or business
obiectives
Low tolerance and contingency plan Ahhough there is a low tolerance of downtime, a tested contingency 4
plan is in place
Moderate tderance of dawntime (ie, 2-4 days) If the system should go dawn for a moderate period of time, then there 3
wil be moderate impact on patient health, product quality, or business
obiectives
Moderate tolerance and contingency plan Ahhough there is a moderate tolerance of downtime, a tested 2
contingency plan is in place
High tolerance of downtime (ie, 5t days) If the system should go dawn for a long period of time, then there wil 1
be M e impact on patient health, product quality, or business obiectives
Hightolerance and contingency plan There is a high tolerance of downtime and a tested contingencyplan is 0
in place
Drug Information Jo~u-nal Downloaded from dij.sagepub.com at UNIV OF CALIFORNIA SANTA CRUZ on April 4, 2015