Your SlideShare is downloading. ×
Gamp5 new
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Gamp5 new

2,475

Published on

Published in: Health & Medicine
0 Comments
6 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,475
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
6
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Your Validation Partner
  • Transcript

    • 1. www.kvstech.com
    • 2. TRACING THE HISTORY: www.kvstech.com
    • 3. INTRODUCTION GAMP 5 leverages risk management from GAMP 4 and addresses the entire lifecycle of automated systems The biggest change being to provide more clearly defined scalability for effort / deliverables versus the size / complexity of projects, and to align with the various regulatory bodies’ emphasis on risk / science-based GxPs. GAMP 5 aligns with major industry developments including PQLI1, ICH Q8, Q9, Q10, and ASTM E2500 and points to the future of computer systems compliance www.kvstech.com
    • 4. INTRODUCTION… GAMP 5 is applicable to a wide range of information systems, lab equipment, integrated manufacturing systems, and IT infrastructures After over 4 years of re-work GAMP 5 was released in Feb 2008,and is a major rewrite of GAMP 4 with significant changes having as primary goals:  Bringing procedures in line with the dynamic Life science industry  reducing the cost of compliance www.kvstech.com
    • 5. Coupled to this there is the need to: Avoid duplication of activities (e.g. by fully integrating engineering and computer system activities so that they are only performed once) Leverage supplier activities to the maximum possible extent, while still ensuring fitness for intended use. Scale all life cycle activities and associated documentation according to risk, complexity and novelty. Recognise that most computerised systems are now based on configurable packages, many of them networked. Acknowledge that traditional linear or waterfall development models are not the most appropriate in all cases. www.kvstech.com
    • 6. GAMP DOCUMENTATIONSTRUCTURE www.kvstech.com
    • 7. Drivers for GAMP 5 www.kvstech.com
    • 8. GAMP-5 MODEL www.kvstech.com
    • 9. Few of the Important Points:  GAMP 5 is not prescriptive. All lifecycle activities and associated documentation are to be scaled according to risk, complexity, novelty. (Some examples): • Risk: manufacturing process control = high risk, database containing training records = low risk • Complexity: SAP = high complexity, Excel spreadsheet calculating lab results = low complexity. • Novelty: Excel = used by millions worldwide, lab instrument PC software = used by thousands worldwide, in-house developed application - used only by the company that developed it.  GAMP 5 - all about risk. Increasing complexity and/or novelty = higher risk = more effort and deliverables.  Moving away from traditional qualification terminology (e.g. IQ, OQ, PQ). Terminology confuses people outside of the validation and QA departments. Terminology is still available, but optional. www.kvstech.com
    • 10. Few of the Important Points. . .  Most computerized systems now based on configurable packages, many of them networked.  Validate only if there could be an impact on patient safety, product quality, data integrity. If none of these, no need to validate, good engineering practice is sufficient.  Need to be clear on the differences between system owner and process owner.  QA less involved than in the past. For example QA should review a URS against the applicable regulations. URS technical review is for technical subject matter experts. QA does not need to sign a design spec, as they do not understand it.QA can verify that design specs are being produced for projects but QA does not need to sign every document in a project.  GAMP 5 approach is consistent with ASTM E2500-07 Standard Guide for Specification, Design, and Verification of Pharmaceutical and Biopharmaceutical Manufacturing Systems and Equipment. www.kvstech.com
    • 11. LIFE CYCLE APPROACHIt entails defining and performing activities in a systematic way from conception,understanding requirements, through development, release & operational use tosystem requirement Specification, Design and verification Process www.kvstech.com
    • 12. LIFE CYCLE PHASES www.kvstech.com
    • 13. QUALITY RISK MANAGEMENT  It is a systematic process for the assessment, control, communication & review of risk.  It is an iterative process used throughout the entire computerized system life cycle from concept to retirement.  For a given organization, a framework for making risk management decisions should be defined to ensure consistency of application across systems and business functions.  Terminology should be agreed upon, particularly regarding definitions and metrics for key risk factors. www.kvstech.com
    • 14. Overview and Benefits ofrisk management www.kvstech.com
    • 15. RISK ASSESSMENT METHOD www.kvstech.com
    • 16. RELATIONSHIP OF RISK,SEVERITY AND CONTROL Effect on High Risk Priority •Patient safety Use risk •Data integrity assessment to identify specific controls and rigor Medium Risk Priority Use generic checklist controls Low Risk Priority Use “Good practice” www.kvstech.com
    • 17. SCIENCE BASED QUALITY RISK MANAGEMENT Determining the risks posed by a computerized system requires a common and shared understanding of: Impact of the computerized system on patient safety, product quality and data integrity Supported business processes CQA (Critical Quality Attributes) for systems that monitor or control CPP (Critical Process parameters) User requirements Regulatory requirements Project approach System components and architecture System functions Supplier capability www.kvstech.com
    • 18. SCIENCE BASED QUALITY RISK MANAGEMENT… Managing the risks may be achieved by: Elimination by Design [EbD] Reduction to an acceptable level Verification to demonstrate that risks are managed to an acceptable level www.kvstech.com
    • 19. Quality Risk Management Process  The ICH Guideline ICH Q9 describes a systematic approach to quality risk management intended for general application within pharmaceutical industry  It defines following two primary principles of quality risk management 1.The evaluation of risk to quality should be based on scientific knowledge and ultimately link to the protection of the patient. 2.The level of effort, formality and documentation of the quality risk management process should be commensurate with the level of risk. www.kvstech.com
    • 20. Quality Risk Management Process • QRM structured according to ICH Q9 & ISPE Guide • Starts with system impact • Including FMEA [Failure Mode and Effects Analysis] www.kvstech.com
    • 21. RISK ASSESSMENT EFFORT SCALEDACCORDING TO FUNCTION IMPACT www.kvstech.com
    • 22. GAMP CATEGORY1 DIFFERENCE BETWEEN GAMP 4 AND GAMP 5  OPERATING  INFRASTRUCTURE SYSTEMS[GAMP-4] SOFTWARE[GAMP-5] Only Operating Expanded greatly to systems included cover established or commercially available layered software and infrastructure software tools www.kvstech.com
    • 23. GAMP CATEGORY2 DIFFERENCE BETWEEN GAMP 4 AND GAMP 5…  FIRMWARE  FIRMWARE [GAMP-4] [GAMP-5] Configurable and Discontinued- non-configurable firmware is now firmware only. treated as software Custom firmware is in one of Category 5 categories 3,4 or 5. www.kvstech.com
    • 24. GAMP CATEGORY3 DIFFERENCE BETWEEN GAMP 4 AND GAMP 5…  STANDARD  NON-CONFIGURED SOFTWARE PRODUCTS[GAMP-5] PACKAGES[GAMP-4] Off-the-shelf products Commercially available used for business standard software processes, as well as packages. those that are Configuration limited configurable, but for to establishing the which only the default run-time environment configuration is used www.kvstech.com
    • 25. GAMP CATEGORY4 DIFFERENCE BETWEEN GAMP 4 AND GAMP 5…  CONFIGURABLE  CONFIGURED SOFTWARE PRODUCTS[GAMP-5] PACKAGES[GAMP-4] Configured products Configurable software provide standard packages provide interfaces and functions standard interfaces and that enable configuration functions that enable of the application to configuration of user- meet user specific specific business or business processes. manufacturing processes Configuration using a vendor-supplied language should be handled as custom components (Category 5) www.kvstech.com
    • 26. GAMP CATEGORY5 DIFFERENCE BETWEEN GAMP 4 AND GAMP 5… CUSTOM (BESPOKE)  CUSTOM SOFTWARE[GAMP-4] APPLICATIONS [GAMP-5] These systems are These systems or developed to meet the subsystems are specific needs of the developed to meet the user company specific needs of the regulated company. Inherent risk is high www.kvstech.com
    • 27. Regulated Company Activities This involves activities at both the organizational level and at the level of individual system, therefore this section is divided into..1. Governance for achieving compliance2. System specific activities www.kvstech.com
    • 28. 1.Governance for achieving compliance ACTIVITIES… Establishing computerized systems compliance policies and procedures Identifying clear roles and responsibilities Training Managing supplier relationships Maintaining a system inventory Planning for validation Continuous improvement activities www.kvstech.com
    • 29. 2.System Specific Activities ACTIVITIES… Identify compliance standards Identify system User requirement specification Determine strategy for achieving compliance and fitness for intended use Planning System specifications Development and review of software for custom applications Test strategy and testing Reporting and release Maintaining system compliance during operation System retirement www.kvstech.com
    • 30. Supplier Activities Supplier products, applications and services Supplier good practices Quality management system Requirements Supplier Quality Planning Sub-supplier assessments Specifications Design reviews Software production/configuration Testing Commercial release User documentation and training System support and maintenance during operation System replacement and retirement www.kvstech.com
    • 31. EFFICIENCY IMPROVEMENTS Establishing verifiable and objective user requirements Use of risk based decisions Leveraging supplier input Leveraging existing documentation Efficient testing practice Well managed handover Efficient change management Anticipating data archiving and migration needs www.kvstech.com
    • 32. www.kvstech.com
    • 33. www.kvstech.com
    • 34. Critical Process Parameters (CPP’s)“Process parameters whose variability impact a qualityattribute and therefore need to be controlled to ensure theprocess produces the desired quality…….. and have aneffect on the CQA(s) of the drug substance or drugproduct.”A CPP remains critical even if it is controlled. www.kvstech.com
    • 35. Critical Quality Attributes (CQA’s)“Physical, chemical, biological or microbiologicalproperties or characteristics that need to be controlled(directly or indirectly) to ensure product quality.(i.e. dissolution, potency, homogeneity, purity)” www.kvstech.com
    • 36. ASTM E2500[American Standard for Testing Materials]Provides a Risk / Science Based Approach for Specification, Design & Verification of Manufacturing Systems and Equipment using Systematic, Efficient & Effective Methods www.kvstech.com
    • 37. LIFE CYCLE PHASE: CONCEPT During concept phase, the regulated company considers opportunities to automate one or more business processes based upon business need and benefits. At this phase initial requirements will be developed and potential solutions considered. From initial understanding of scope, costs and benefits, a decision is made on whether to proceed to the project phase. www.kvstech.com
    • 38. LIFE CYCLE PHASE: PROJECT The project phase involves…  planning,  supplier assessment & selection ,  various levels of specification,  configuration (or coding for custom applications) and  verification leading to acceptance and release for operation. Risk management is applied…  to identify risks and  to remove or reduce them to an acceptable level. www.kvstech.com
    • 39. LIFE CYCLE PHASE: OPERATION System operation, typically, is the longest phase and is  managed by.. the use of defined, up to date, operational procedures  applied by.. personnel who have appropriate training, education and experience. key aspects :  Maintaining control (including security),  fitness for intended use and  compliance important activity:  The management of changes of different impact, scope and complexity. www.kvstech.com
    • 40. LIFE CYCLE PHASE: RETIREMENT It involves decisions about…  Data retention,  Migration or destruction and  The management of this processes www.kvstech.com
    • 41. ICH: International Conference on Harmonisation of technical Requirements for Registration of Pharmaceuticals for Human UseICH Q-Documents  Q1 Stability  Q2 Analytical Validation  Q3 Impurities  Q4 Pharmacopoeias  Q5 Quality of Biotechnological Products  Q6 Specifications  Q7 Good Manufacturing Practice  Q8 Pharmaceutical Development  Q9 Quality Risk Management  Q10 Pharmaceutical Quality Systems www.kvstech.com
    • 42. Pharmaceutical Development (Q8)Past: Data transfer / Variable outputPresent: Knowledge transfer / Sciencebased / Consistent outputQuality Risk Management (Q9)Past: Used, however poorly definedPresent: Opportunity to use structured process thinkingPharmaceutical Quality Systems (Q10)Past: GMP checklistFuture: Quality Systems across product life cycle www.kvstech.com
    • 43.  HACCP: Hazard Analysis and Critical Control Points www.kvstech.com
    • 44.  PQLI Physical Quality of Life Index www.kvstech.com
    • 45.  ISPE: International Society for Pharmaceutical Engineering www.kvstech.com
    • 46. PROJECT PHASE www.kvstech.com
    • 47. www.kvstech.com
    • 48. PLANNINGPlanning should cover all required activities, responsibilities,procedures and timeline PLANNING • Activities should be scaled according to: HIERARCHY o System impact on patient safety, product MULTI-SITE quality and data integrity (risk assessment) o System complexity and novelty (Architecture and categorization of system components) SITE o Outcome of supplier assessment Supplier capability ) • User requirements are the responsibilityDEPARTMENT of the user community and should be OR AREA maintained and controlled • Approach should be based on product and process understanding and relevant SYSTEM regulatory requirements www.kvstech.com
    • 49. SPECIFICATION The role of specification is to enable systems to be developed, verified and maintained The number and level of the detail of the specifications will vary depending upon type of system and its intended use Before use ,regulated company should ensure that they are adequate to support subsequent activities, including risk assessment, further specification and development of the system, and verification as appropriate Specification may be available from supplier www.kvstech.com
    • 50. CONFIGURATION AND CODING The requirements for configuration and coding activities depend on the type of the system Any required configuration should be performed in accordance with a controlled and repeatable process The need for code reviews should be addressed as part of risk management Configuration management is an intrinsic and vital aspect of controlled configuration and coding www.kvstech.com
    • 51. VERIFICATION Verification confirms that specifications have been met This may involve multiple stages of reviews and testing depending on the type of system, the development method applied, and its use Testing computerized systems is a fundamental verification activity Testing often is performed at several levels depending on the risk, complexity and novelty There is a range of different types of testing possible including normal case (positive), invalid case (negative), repeatability, performance, volume/load, regression and structural testing www.kvstech.com
    • 52. REPORTING Acceptance and release of the system for use in GxP regulated activities should require the approval of…  the process owner,  system owner,  quality unit representatives At the conclusion of the project, a computerized system validation report should be produced summarizing…  the activities performed,  any deviations from the plan ,  any outstanding and corrective actions,  providing a statement of fitness for intended use of the system www.kvstech.com

    ×