SlideShare a Scribd company logo
1 of 47
Download to read offline
Overview of
Computerized Systems Compliance
Using the GAMP® 5 Guide
Jim John
ProPharma Group, Inc.
(816) 682-2642
jim.john@propharmagroup.com
Who Cares About CSV?
• Systems throughout the organization involved
in the development, production, storage and
distribution of pharmaceutical products or
medical devices have to be considered
• Resources involved in any way with IT,
computer, or automated systems is affected:
– Developers
– Maintainers
– Users
Purpose of This Presentation
• To discuss and clarify key topics
• Get to know the evolution of the GAMP
Methodology to the latest release
• Consider where GAMP 5 concepts can
improve your existing methodology
GAMP Objectives
GAMP® guidance aims to achieve
computerized systems that are fit for
intended use and meet current regulatory
requirements, by building upon existing
industry good practice in an efficient and
effective manner.
4
Guidance
• It is not a prescriptive method or a standard,
but..
– Pragmatic guidance
– Approaches
– Tools for the practitioner
• Applied with expertise and good judgement
5
Evolution of GAMP Guidance
54321
Calibration Legacy Systems
Laboratory VPCS
ERES Testing
Data Archiving Global
Information Systems
IT Infrastructure
Drivers
Other Drivers
• Avoid duplication
• Leverage suppliers
• Scale activities
• Reflect today
– Configurable packages
– Development models
8
Key Objectives
9
patient safety
product quality
data integrity
10
GAMP
Document
Structure
Main Body Overview
• Key Concepts
• Life Cycle
• Quality Risk Management
• Regulated Company Activities
• Supplier Activities
• Efficiency Improvements
11
5 Key Concepts
• Life Cycle Approach Within a QMS
• Scaleable Life Cycle Activities
• Process and Product Understanding
• Science-Based Quality Risk Management
• Leveraging Supplier Involvement
12
User and Supplier Life Cycles
Product and Process Understanding
• Basis of science- and risk-based decisions
• Focus on critical aspects
– Identify
– Specify
– Verify
• CQAs / CPPs
14
Life Cycle Approach Within a QMS
• Suitable Life Cycle
–Intrinsic to QMS
• Continuous improvement
15
Specify
Plan
Verify
Configure
& Code
Report
RiskManagement
A Basic Framework For Achieving Compliance
and Fitness For Intended Use
Figure xx:
Figure 3.3: A General Approach for Achieving Compliance and Fitness for Intended Use
Source Figure 3.3, GAMP 5 A Risk Based Approach to Compliance GxP Computerized Systems © Copyright ISPE 2008. All rights reserved.
GAMP V Model Transition
VerifiesUser Requirement
Specification
Functional
Specification
Design
Specification
System
Build
Installation
Qualification
Operational
Qualification
Performance
Qualification
Verifies
Verifies
Scaleable Life Cycle Activities
• Risk
• Complexity and Novelty
• Supplier
17
Science Based Quality Risk
Management
Focus on patient safety,
product quality,
and data integrity…
18
Assessment
Control
Communication
Review
Based on
ICH Q9
Leveraging Supplier Involvement
• Assess:
– Suitability
– Accuracy
– Completeness
• Flexibility:
– Format
– Structure
• Requirements
gathering
• Risk assessments
• Functional / other
specifications
• Configuration
• Testing
• Support and
maintenance 19
Life Cycle Phases
Compatibility with Other Standards
ASTM E2500 Standard Guide for
Specification, Design, and Verification of
Pharmaceutical and Biopharmaceutical
Manufacturing Systems and Equipment
21
GAMP 5
Ongoing
Operations
GAMP 5
Reporting
and
Release
GAMP 5
Verification
GAMP 5
Specification
Configuration
Coding
GAMP 5
Planning
GAMP5 and ASTM E2500
Good Engineering Practice
Risk Management
Design Review
Change Management
Requirements Specification
and Design
Verification Acceptance
and
Release
Operations &
Continuous
Improvement
Product
Knowledge
Process
Knowledge
Regulatory
Requirements
Company
Quality Regs.
The Specification, Design, and Verification Process – Diagram from ASTM E2500
Governance
• Policies and procedures
• Roles and responsibilities
• Training
• Supplier relationships
• System inventory
• Planning for compliance & validation
• Continuous improvement
23
Stages Within the Project Phase
• Planning
• Specification, configuration, and
coding
• Verification
• Reporting and release
24
Overview of Computerized Systems Compliance Using the GAMP® 5 Guide
Planning
• Activities
• Responsibilities
• Procedures
• Timelines
26
See Appendix M1
Specification, Configuration, &
Coding
• Specifications allow
– Development
– Verification
– Maintenance
• Number and level of
detail varies
• Defined process
27
Verification
• Testing
• Reviews
• Identify defects!
28
Supporting Processes
• Risk Management
• Change and Configuration Management
• Design Review
• Traceability
• Document Management
29
Design Review
• Planned
• Systematic
• Identify Defects
• Corrective Action
• Scaleable
– Rigor/Extent
– Documentation
30See also Appendix M5
Traceability
Requirements
Specification
Design
Verification
Configure/Code
GAMP 5 Categories
Category GAMP 4 GAMP 5
1 Operating system Infrastructure software
2 Firmware No longer used
3 Standard software packages Non-configured products
4
Configurable software
packages
Configured products
5 Custom (bespoke) software Custom applications
Continuum
GAMP 5
Quality Risk Management
33
Critical Processes are Those Which:
• Generate, manipulate, or control data supporting
regulatory safety and efficacy submissions
• Control critical parameters in preclinical, clinical,
development, and manufacturing
• Control or provide information for product release
• Control information required in case of product recall
• Control adverse event or complaint recording or
reporting
• Support pharmacovigilance (investigation of Adverse
risks)
34
Definitions
• Harm Damage to health, including the
damage that can occur from loss
of product quality or availability.
• Hazard The potential source of harm.
• Risk The combination of the
probability of occurrence of harm
and the severity of that harm.
• Severity A measure of the possible
consequences of a hazard.
35
Step 1 – Initial Risk Assessment
• Based on business processes, user requirements, regulatory
requirements and known functional areas
36Don’t repeat unnecessarily!
Inputs Outputs
GxP or non-GxP
Major Risks
Considered
Overall Risk
User Requirements
GxP Regulations
Previous Assessments
Step 2 – Identify Functions with GxP Impact
• Functions with impact on patient safety, product quality, and
data integrity
37
Specifications
System Architecture
Categorization of
Components
Inputs Outputs
List of Functions to
be further evaluated
Step 3 – Perform Functional Risk Assessments
& Identify Controls
Functions from Step 2
SME Experience
Scenarios
Possible Hazards
38
Breakdown of Risks
to Low, Medium and
High.
Detailed
Assessments and
Mitigation for High
Inputs Outputs
Functional Risk Assessment
• Identify
– Hazards and risk scenarios
– Severity – impact on safety quality or
other harm
– Probability
– Detectability
39
GAMP Risk Assessment Tool
40
Probability
Severity
Low
Medium
High
Low
Medium
High
Class 3
Class 2
Class 1
A simple two-step process:
Plot Severity vs. Probability to obtain Risk Class
GAMP Risk Assessment Tool
41
Priority 1
Priority 3
Priority 2
3
2
1
High
Medium
Low
RiskClass Detectability
Plot Risk Class vs. Detectability to obtain Risk Priority
Step 3 (continued) Controlling the Risk
42
Mitigation Strategies
• Change the process
• Change the design
• Add new features
• Apply external
procedures
Scenarios with
High Risk from
Functional
Analysis
Inputs Outputs
Step 4 – Implement & Verify Appropriate
Controls
• Verification activity
should demonstrate
that the controls are
effective in performing
the required risk
reduction.
43
Step 5 – Review Risks Monitor Controls
Establish Periodic Review
of Control Effectiveness
Apply Risk Process in
Change Management
Activities
44
Frequency and
extent of any
periodic review
should be based on
the level of risk
Risk-Based Decisions
What do they impact ?
• Number and depth of design reviews
• Need for, and extent of, source code review
• Rigor of supplier evaluation
• Depth and rigor of functional testing
45
Operation Appendices
• O1 – Handover
• O2 – Establishing & Managing
Support Services
• O3 – Performance Monitoring
• O4 – Incident Management
• O5 – Corrective and
Preventive Action (CAPA)
• Performance Monitoring
• O6 – Operational Change &
Configuration Management
• O7 – Repair Activity
• O8 – Periodic Review
• O9 – Backup and Restore
• O10 – Business Continuity
Management
• O11 – Security Management
• O12 – System Administration
• O13 – Archiving and Retrieval
46
Summary
• GAMP 5 provides more flexibility in the
number and types of validation lifecycle
products used.
• Application of Risk and use of SME
Knowledge are keys to success
47

More Related Content

What's hot

Overview on “Computer System Validation” CSV
Overview on  “Computer System Validation” CSVOverview on  “Computer System Validation” CSV
Overview on “Computer System Validation” CSVAnil Sharma
 
Computer system validation
Computer system validationComputer system validation
Computer system validationGaurav Kr
 
computer system validation
computer system validationcomputer system validation
computer system validationGopal Patel
 
Computerized system validation_final
Computerized system validation_finalComputerized system validation_final
Computerized system validation_finalDuy Tan Geek
 
Computer System Validation
Computer System ValidationComputer System Validation
Computer System ValidationEric Silva
 
Computerized System Validation Business Intelligence Solutions
Computerized System Validation Business Intelligence SolutionsComputerized System Validation Business Intelligence Solutions
Computerized System Validation Business Intelligence SolutionsDigital-360
 
Risk assessment for computer system validation
Risk assessment for computer system validationRisk assessment for computer system validation
Risk assessment for computer system validationBangaluru
 
Computer system validation review article by-mahesh b wazade
Computer system validation review article by-mahesh b wazadeComputer system validation review article by-mahesh b wazade
Computer system validation review article by-mahesh b wazadeMahesh B. Wazade
 
21 cfr part 11 an approach towards compliance
21 cfr part 11   an approach towards compliance21 cfr part 11   an approach towards compliance
21 cfr part 11 an approach towards compliancedeepak mishra
 
Computer Software Assurance (CSA): Understanding the FDA’s New Draft Guidance
Computer Software Assurance (CSA): Understanding the FDA’s New Draft GuidanceComputer Software Assurance (CSA): Understanding the FDA’s New Draft Guidance
Computer Software Assurance (CSA): Understanding the FDA’s New Draft GuidanceGreenlight Guru
 
Risk Based Approach CSV Training_Katalyst HLS
Risk Based Approach CSV Training_Katalyst HLSRisk Based Approach CSV Training_Katalyst HLS
Risk Based Approach CSV Training_Katalyst HLSKatalyst HLS
 
21 cfr part 210 and 211
21 cfr part 210 and 21121 cfr part 210 and 211
21 cfr part 210 and 211Bhanu Chava
 
Good Automated Manufacturing Practices
Good Automated Manufacturing PracticesGood Automated Manufacturing Practices
Good Automated Manufacturing PracticesPrashant Tomar
 
Equipment qualification of medical device
Equipment qualification of medical deviceEquipment qualification of medical device
Equipment qualification of medical deviceNahri Musyrif
 

What's hot (20)

Overview on “Computer System Validation” CSV
Overview on  “Computer System Validation” CSVOverview on  “Computer System Validation” CSV
Overview on “Computer System Validation” CSV
 
Computer system validation
Computer system validationComputer system validation
Computer system validation
 
computer system validation
computer system validationcomputer system validation
computer system validation
 
Computerized system validation_final
Computerized system validation_finalComputerized system validation_final
Computerized system validation_final
 
Computer System Validation
Computer System ValidationComputer System Validation
Computer System Validation
 
21 cfr part 11 basic
21 cfr part 11 basic21 cfr part 11 basic
21 cfr part 11 basic
 
Computerized System Validation Business Intelligence Solutions
Computerized System Validation Business Intelligence SolutionsComputerized System Validation Business Intelligence Solutions
Computerized System Validation Business Intelligence Solutions
 
Risk assessment for computer system validation
Risk assessment for computer system validationRisk assessment for computer system validation
Risk assessment for computer system validation
 
Computer system validation review article by-mahesh b wazade
Computer system validation review article by-mahesh b wazadeComputer system validation review article by-mahesh b wazade
Computer system validation review article by-mahesh b wazade
 
21 CFR PART 11
21 CFR PART 1121 CFR PART 11
21 CFR PART 11
 
21 cfr part 11 an approach towards compliance
21 cfr part 11   an approach towards compliance21 cfr part 11   an approach towards compliance
21 cfr part 11 an approach towards compliance
 
Gamp 5 overview by jaya prakash ra
Gamp 5 overview by jaya prakash raGamp 5 overview by jaya prakash ra
Gamp 5 overview by jaya prakash ra
 
Computer Software Assurance (CSA): Understanding the FDA’s New Draft Guidance
Computer Software Assurance (CSA): Understanding the FDA’s New Draft GuidanceComputer Software Assurance (CSA): Understanding the FDA’s New Draft Guidance
Computer Software Assurance (CSA): Understanding the FDA’s New Draft Guidance
 
Cfr 21 part 11
 Cfr 21 part 11 Cfr 21 part 11
Cfr 21 part 11
 
Risk Based Approach CSV Training_Katalyst HLS
Risk Based Approach CSV Training_Katalyst HLSRisk Based Approach CSV Training_Katalyst HLS
Risk Based Approach CSV Training_Katalyst HLS
 
Change control
Change controlChange control
Change control
 
21 cfr part 210 and 211
21 cfr part 210 and 21121 cfr part 210 and 211
21 cfr part 210 and 211
 
Understanding 21 cfr part 11
Understanding 21 cfr part 11Understanding 21 cfr part 11
Understanding 21 cfr part 11
 
Good Automated Manufacturing Practices
Good Automated Manufacturing PracticesGood Automated Manufacturing Practices
Good Automated Manufacturing Practices
 
Equipment qualification of medical device
Equipment qualification of medical deviceEquipment qualification of medical device
Equipment qualification of medical device
 

Similar to Overview of Computerized Systems Compliance Using the GAMP® 5 Guide

Quality by design pptx.pdf
Quality by design pptx.pdfQuality by design pptx.pdf
Quality by design pptx.pdfChaitaliAgrawal6
 
GOOD ENGINEERING PRACTICES
GOOD ENGINEERING PRACTICESGOOD ENGINEERING PRACTICES
GOOD ENGINEERING PRACTICESAditya Singh
 
The 5 core tools are recognized as standard quality tools for the automotive ...
The 5 core tools are recognized as standard quality tools for the automotive ...The 5 core tools are recognized as standard quality tools for the automotive ...
The 5 core tools are recognized as standard quality tools for the automotive ...arvindsinghrathore6
 
Quality Laggards.pdf
Quality Laggards.pdfQuality Laggards.pdf
Quality Laggards.pdfNishaVatwani
 
Risk minor major critical
Risk minor major criticalRisk minor major critical
Risk minor major criticalyasser mekky
 
risk based testing and regression testing
risk based testing and regression testingrisk based testing and regression testing
risk based testing and regression testingToshi Patel
 
Computerized system validation (CSV) as a requirement for good manufacturing ...
Computerized system validation (CSV) as a requirement for good manufacturing ...Computerized system validation (CSV) as a requirement for good manufacturing ...
Computerized system validation (CSV) as a requirement for good manufacturing ...Ahmed Hasham
 
Risk Management integrated pub
Risk Management integrated pubRisk Management integrated pub
Risk Management integrated pubManfred Walder
 
Data integrity - the review process
Data integrity - the review processData integrity - the review process
Data integrity - the review processpi
 
21st Century Regulatory Step by Step Compliance Part-1
21st Century Regulatory Step by Step Compliance Part-121st Century Regulatory Step by Step Compliance Part-1
21st Century Regulatory Step by Step Compliance Part-1Md. Saddam Nawaz
 
APQP Training presentation
APQP Training  presentationAPQP Training  presentation
APQP Training presentationQualsys Ltd
 
Understanding the Medical device Single Audit Program (MDSAP) & How to Prepar...
Understanding the Medical device Single Audit Program (MDSAP) & How to Prepar...Understanding the Medical device Single Audit Program (MDSAP) & How to Prepar...
Understanding the Medical device Single Audit Program (MDSAP) & How to Prepar...Greenlight Guru
 
Process Analytical Technology (PAT)
Process Analytical Technology (PAT)Process Analytical Technology (PAT)
Process Analytical Technology (PAT)Krupa Dharwadker
 
Quality by Design
Quality by DesignQuality by Design
Quality by DesignTeny Thomas
 

Similar to Overview of Computerized Systems Compliance Using the GAMP® 5 Guide (20)

Quality by design pptx.pdf
Quality by design pptx.pdfQuality by design pptx.pdf
Quality by design pptx.pdf
 
GOOD ENGINEERING PRACTICES
GOOD ENGINEERING PRACTICESGOOD ENGINEERING PRACTICES
GOOD ENGINEERING PRACTICES
 
The 5 core tools are recognized as standard quality tools for the automotive ...
The 5 core tools are recognized as standard quality tools for the automotive ...The 5 core tools are recognized as standard quality tools for the automotive ...
The 5 core tools are recognized as standard quality tools for the automotive ...
 
5. QbD.pptx
5. QbD.pptx5. QbD.pptx
5. QbD.pptx
 
SQA.ppt
SQA.pptSQA.ppt
SQA.ppt
 
Quality Laggards.pdf
Quality Laggards.pdfQuality Laggards.pdf
Quality Laggards.pdf
 
Risk minor major critical
Risk minor major criticalRisk minor major critical
Risk minor major critical
 
t map brief
t map brieft map brief
t map brief
 
risk based testing and regression testing
risk based testing and regression testingrisk based testing and regression testing
risk based testing and regression testing
 
Computerized system validation (CSV) as a requirement for good manufacturing ...
Computerized system validation (CSV) as a requirement for good manufacturing ...Computerized system validation (CSV) as a requirement for good manufacturing ...
Computerized system validation (CSV) as a requirement for good manufacturing ...
 
Risk Management integrated pub
Risk Management integrated pubRisk Management integrated pub
Risk Management integrated pub
 
Apply Risk Management to Computerized and Automated Systems
Apply Risk Management to Computerized and Automated SystemsApply Risk Management to Computerized and Automated Systems
Apply Risk Management to Computerized and Automated Systems
 
Data integrity - the review process
Data integrity - the review processData integrity - the review process
Data integrity - the review process
 
SQA.ppt
SQA.pptSQA.ppt
SQA.ppt
 
SQA.ppt
SQA.pptSQA.ppt
SQA.ppt
 
21st Century Regulatory Step by Step Compliance Part-1
21st Century Regulatory Step by Step Compliance Part-121st Century Regulatory Step by Step Compliance Part-1
21st Century Regulatory Step by Step Compliance Part-1
 
APQP Training presentation
APQP Training  presentationAPQP Training  presentation
APQP Training presentation
 
Understanding the Medical device Single Audit Program (MDSAP) & How to Prepar...
Understanding the Medical device Single Audit Program (MDSAP) & How to Prepar...Understanding the Medical device Single Audit Program (MDSAP) & How to Prepar...
Understanding the Medical device Single Audit Program (MDSAP) & How to Prepar...
 
Process Analytical Technology (PAT)
Process Analytical Technology (PAT)Process Analytical Technology (PAT)
Process Analytical Technology (PAT)
 
Quality by Design
Quality by DesignQuality by Design
Quality by Design
 

Recently uploaded

Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 

Recently uploaded (20)

Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 

Overview of Computerized Systems Compliance Using the GAMP® 5 Guide

  • 1. Overview of Computerized Systems Compliance Using the GAMP® 5 Guide Jim John ProPharma Group, Inc. (816) 682-2642 jim.john@propharmagroup.com
  • 2. Who Cares About CSV? • Systems throughout the organization involved in the development, production, storage and distribution of pharmaceutical products or medical devices have to be considered • Resources involved in any way with IT, computer, or automated systems is affected: – Developers – Maintainers – Users
  • 3. Purpose of This Presentation • To discuss and clarify key topics • Get to know the evolution of the GAMP Methodology to the latest release • Consider where GAMP 5 concepts can improve your existing methodology
  • 4. GAMP Objectives GAMP® guidance aims to achieve computerized systems that are fit for intended use and meet current regulatory requirements, by building upon existing industry good practice in an efficient and effective manner. 4
  • 5. Guidance • It is not a prescriptive method or a standard, but.. – Pragmatic guidance – Approaches – Tools for the practitioner • Applied with expertise and good judgement 5
  • 6. Evolution of GAMP Guidance 54321 Calibration Legacy Systems Laboratory VPCS ERES Testing Data Archiving Global Information Systems IT Infrastructure
  • 8. Other Drivers • Avoid duplication • Leverage suppliers • Scale activities • Reflect today – Configurable packages – Development models 8
  • 11. Main Body Overview • Key Concepts • Life Cycle • Quality Risk Management • Regulated Company Activities • Supplier Activities • Efficiency Improvements 11
  • 12. 5 Key Concepts • Life Cycle Approach Within a QMS • Scaleable Life Cycle Activities • Process and Product Understanding • Science-Based Quality Risk Management • Leveraging Supplier Involvement 12
  • 13. User and Supplier Life Cycles
  • 14. Product and Process Understanding • Basis of science- and risk-based decisions • Focus on critical aspects – Identify – Specify – Verify • CQAs / CPPs 14
  • 15. Life Cycle Approach Within a QMS • Suitable Life Cycle –Intrinsic to QMS • Continuous improvement 15
  • 16. Specify Plan Verify Configure & Code Report RiskManagement A Basic Framework For Achieving Compliance and Fitness For Intended Use Figure xx: Figure 3.3: A General Approach for Achieving Compliance and Fitness for Intended Use Source Figure 3.3, GAMP 5 A Risk Based Approach to Compliance GxP Computerized Systems © Copyright ISPE 2008. All rights reserved. GAMP V Model Transition VerifiesUser Requirement Specification Functional Specification Design Specification System Build Installation Qualification Operational Qualification Performance Qualification Verifies Verifies
  • 17. Scaleable Life Cycle Activities • Risk • Complexity and Novelty • Supplier 17
  • 18. Science Based Quality Risk Management Focus on patient safety, product quality, and data integrity… 18 Assessment Control Communication Review Based on ICH Q9
  • 19. Leveraging Supplier Involvement • Assess: – Suitability – Accuracy – Completeness • Flexibility: – Format – Structure • Requirements gathering • Risk assessments • Functional / other specifications • Configuration • Testing • Support and maintenance 19
  • 21. Compatibility with Other Standards ASTM E2500 Standard Guide for Specification, Design, and Verification of Pharmaceutical and Biopharmaceutical Manufacturing Systems and Equipment 21
  • 22. GAMP 5 Ongoing Operations GAMP 5 Reporting and Release GAMP 5 Verification GAMP 5 Specification Configuration Coding GAMP 5 Planning GAMP5 and ASTM E2500 Good Engineering Practice Risk Management Design Review Change Management Requirements Specification and Design Verification Acceptance and Release Operations & Continuous Improvement Product Knowledge Process Knowledge Regulatory Requirements Company Quality Regs. The Specification, Design, and Verification Process – Diagram from ASTM E2500
  • 23. Governance • Policies and procedures • Roles and responsibilities • Training • Supplier relationships • System inventory • Planning for compliance & validation • Continuous improvement 23
  • 24. Stages Within the Project Phase • Planning • Specification, configuration, and coding • Verification • Reporting and release 24
  • 26. Planning • Activities • Responsibilities • Procedures • Timelines 26 See Appendix M1
  • 27. Specification, Configuration, & Coding • Specifications allow – Development – Verification – Maintenance • Number and level of detail varies • Defined process 27
  • 29. Supporting Processes • Risk Management • Change and Configuration Management • Design Review • Traceability • Document Management 29
  • 30. Design Review • Planned • Systematic • Identify Defects • Corrective Action • Scaleable – Rigor/Extent – Documentation 30See also Appendix M5
  • 32. GAMP 5 Categories Category GAMP 4 GAMP 5 1 Operating system Infrastructure software 2 Firmware No longer used 3 Standard software packages Non-configured products 4 Configurable software packages Configured products 5 Custom (bespoke) software Custom applications Continuum
  • 33. GAMP 5 Quality Risk Management 33
  • 34. Critical Processes are Those Which: • Generate, manipulate, or control data supporting regulatory safety and efficacy submissions • Control critical parameters in preclinical, clinical, development, and manufacturing • Control or provide information for product release • Control information required in case of product recall • Control adverse event or complaint recording or reporting • Support pharmacovigilance (investigation of Adverse risks) 34
  • 35. Definitions • Harm Damage to health, including the damage that can occur from loss of product quality or availability. • Hazard The potential source of harm. • Risk The combination of the probability of occurrence of harm and the severity of that harm. • Severity A measure of the possible consequences of a hazard. 35
  • 36. Step 1 – Initial Risk Assessment • Based on business processes, user requirements, regulatory requirements and known functional areas 36Don’t repeat unnecessarily! Inputs Outputs GxP or non-GxP Major Risks Considered Overall Risk User Requirements GxP Regulations Previous Assessments
  • 37. Step 2 – Identify Functions with GxP Impact • Functions with impact on patient safety, product quality, and data integrity 37 Specifications System Architecture Categorization of Components Inputs Outputs List of Functions to be further evaluated
  • 38. Step 3 – Perform Functional Risk Assessments & Identify Controls Functions from Step 2 SME Experience Scenarios Possible Hazards 38 Breakdown of Risks to Low, Medium and High. Detailed Assessments and Mitigation for High Inputs Outputs
  • 39. Functional Risk Assessment • Identify – Hazards and risk scenarios – Severity – impact on safety quality or other harm – Probability – Detectability 39
  • 40. GAMP Risk Assessment Tool 40 Probability Severity Low Medium High Low Medium High Class 3 Class 2 Class 1 A simple two-step process: Plot Severity vs. Probability to obtain Risk Class
  • 41. GAMP Risk Assessment Tool 41 Priority 1 Priority 3 Priority 2 3 2 1 High Medium Low RiskClass Detectability Plot Risk Class vs. Detectability to obtain Risk Priority
  • 42. Step 3 (continued) Controlling the Risk 42 Mitigation Strategies • Change the process • Change the design • Add new features • Apply external procedures Scenarios with High Risk from Functional Analysis Inputs Outputs
  • 43. Step 4 – Implement & Verify Appropriate Controls • Verification activity should demonstrate that the controls are effective in performing the required risk reduction. 43
  • 44. Step 5 – Review Risks Monitor Controls Establish Periodic Review of Control Effectiveness Apply Risk Process in Change Management Activities 44 Frequency and extent of any periodic review should be based on the level of risk
  • 45. Risk-Based Decisions What do they impact ? • Number and depth of design reviews • Need for, and extent of, source code review • Rigor of supplier evaluation • Depth and rigor of functional testing 45
  • 46. Operation Appendices • O1 – Handover • O2 – Establishing & Managing Support Services • O3 – Performance Monitoring • O4 – Incident Management • O5 – Corrective and Preventive Action (CAPA) • Performance Monitoring • O6 – Operational Change & Configuration Management • O7 – Repair Activity • O8 – Periodic Review • O9 – Backup and Restore • O10 – Business Continuity Management • O11 – Security Management • O12 – System Administration • O13 – Archiving and Retrieval 46
  • 47. Summary • GAMP 5 provides more flexibility in the number and types of validation lifecycle products used. • Application of Risk and use of SME Knowledge are keys to success 47