Documentation is a critical tool for ensuring GxP/GMP compliance.
In the regulated environment which must be GxP/GMP compliant, document control is the cornerstone of the quality system. It is so important that if an external audit identifies deficiencies in the document control system, the entire organization can be shut down.
There are also GMP requirements for information technology. For a drug to be produced in a GxP/GMP compliant manner, some specific information technology practices must be followed. Computer systems involved in the development, manufacture, and sale of regulated product must meet certain requirements.
Change control within quality management systems (QMS) and information technology (IT) systems is a formal process used to ensure that changes to a product or system are introduced in a controlled and coordinated manner. In the regulated industries, manufactures are required to use a change control procedure.
In this presentation, we discuss the connection between GxP/GMP and document control. We describe details of document control procedures, and the role of Quality Assurance in the documentation systems. We review GMP requirements for information technology and how computer systems including documentation management systems must meet GxP/GMP requirements. We also review change control procedure and how it should be used in GxP/GMP environment.
Data Integrity app Link: https://play.google.com/store/apps/details?id=com.innovativeapps.dataintegrity&hl=en
One Step Ahead in Pharma Compliance
Across the internet, there are millions of resources are available which provide information about Computer System Validation.
Refer above Data Integrity app which helps you to understand current regulatory agencies thinking on Data Integrity.
In Pharma and Biotech, Weightage of the Documentation is around 70 % because as per FDA "If you do not have Document, You dint have do it."
So Good Documentation Practice is of tremendous importance for the Industry to comply any regulation like FDA, GMP or ISO.
Good documentation practice
Introduction
What types of documents require to follow Good Documentation Practices?
Meaning of signature
Purpose of documentation
Basic requirements of GDP
Preparation of documents
Cancellation of GMP records
reference
• Analytical Methods
• Policies
• Batch Records
• Protocols
• Bills of Materials (BOMs)
• Test Methods
• Certificate of Analyses (CoA)
• Training
Documentation
• Certificate of Compliance (CoC)
• Logbooks
• Laboratory Notebooks
• Calibration records
• Quality records - non-conformances
- CAPAs
- internal inspection reports
- change control
Good Documentation Practice (GDocP) is an essential part of the quality assurance and such, related to all aspects of GMP” this definition is based on WHO. It is a systematic procedure of preparation, reviewing, approving, issuing, recording, storing and archival of document.
Data Integrity app Link: https://play.google.com/store/apps/details?id=com.innovativeapps.dataintegrity&hl=en
One Step Ahead in Pharma Compliance
Across the internet, there are millions of resources are available which provide information about Computer System Validation.
Refer above Data Integrity app which helps you to understand current regulatory agencies thinking on Data Integrity.
In Pharma and Biotech, Weightage of the Documentation is around 70 % because as per FDA "If you do not have Document, You dint have do it."
So Good Documentation Practice is of tremendous importance for the Industry to comply any regulation like FDA, GMP or ISO.
Good documentation practice
Introduction
What types of documents require to follow Good Documentation Practices?
Meaning of signature
Purpose of documentation
Basic requirements of GDP
Preparation of documents
Cancellation of GMP records
reference
• Analytical Methods
• Policies
• Batch Records
• Protocols
• Bills of Materials (BOMs)
• Test Methods
• Certificate of Analyses (CoA)
• Training
Documentation
• Certificate of Compliance (CoC)
• Logbooks
• Laboratory Notebooks
• Calibration records
• Quality records - non-conformances
- CAPAs
- internal inspection reports
- change control
Good Documentation Practice (GDocP) is an essential part of the quality assurance and such, related to all aspects of GMP” this definition is based on WHO. It is a systematic procedure of preparation, reviewing, approving, issuing, recording, storing and archival of document.
Regulatory aspect of pharmaceutical change control systemDeveshDRA
CHANGE CONTROL,BENEFITS OF CHANGE CONTROL SYSTEM,MANAGEMENT OF CHANGE AND CONTINUOUS IMPROVEMENT(Prepare a Change Proposal,Classify & Approve Proposed Changes,Develop an Implementation Plan, Install the Change,Verify Installation,Close out the change
) FLOW CHART OF CHANGE MANAGEMENT,HANDLING AND CONTROLLING CHANGES,SOP ON CHANGE CONTROL SYSTEM,
CATEGORY OF CHANGES(Major Changes,Moderate changes,Minor changes),ENSURING TRAINING & PROCEDURES IN A MANAGEMENT OF CHANGE PROGRAM,LEVEL OF APPROVAL,REGULATOR PROSPECTIVE OF CHANGE CONTROL(21 CFR Part 211: Sec. 211.100,21 CFR Part 211.194 (Laboratory Records),ICH Q7A,USFDA Guidance for Industry: Change to an approved NDA or ANDA ( April 2004- Revison-1)),CONCLUSION
,
Computerized System Validation Business Intelligence SolutionsDigital-360
Executive Summary
Regulated pharmaceutical, biotech and medical device companies are challenged to develop manufacturing capabilities quickly and cost-effectively while at the same time safeguarding product quality and patient safety.
Validation has been an essential part of regulated industries for over 20 years, yet as the field has evolved, little has changed in the business, or manual, approach to validation.
In this slide contains definition, importance, benefits of annual product review.
Presented by: Ravi Sanker babu .D.V (Department of pharmaceutical analysis and quality assurance).
RIPER, anantapur.
Good documentation practice (commonly abbreviated GDP, recommended to abbreviate as GDocP to distinguish from "good distribution practice" also abbreviated GDP) is a term in the pharmaceutical industry to describe standards by which documents are created and maintained. While some GDocP standards are codified by various competent authorities, others are not but are considered cGMP (with emphasis on the "c", or "current"). Some competent authorities release or adopt guidelines, and they may include non-codified GDocP expectations. While authorities will inspect against these guidelines and cGMP expectations in addition to the legal requirements and make comments or observations if departures are seen. In the past years, the application of GDocP is also expanding to cosmetic industry, excipient and ingredient manufacturers.
Data integrity is critical throughout the CGMP data life cycle, including in the creation, modification, processing, maintenance, archival, retrieval, transmission, and disposition of data after the record’s retention period ends. It would be helpful for data management.
This presentation is about the validation of software. It focus on the validation of software used in pharmacy. It contains definition of validation, computer system and validation of computer system. It explains the models which are used for software validation and on example i.e. HPLC software validation.
This presentation is contain information about Documentation System of Pharmaceuticals. This presentation is prepared for training on documentation in Drug International Limited (Herbal Division) Depending on WHO and ICH guideline.
Process validation is defined as the collection and evaluation of data, from the process design stage throughout production, which establishes scientific evidence that a process is capable of consistently delivering quality products.
The U.S. Food and Drug Administration (FDA) has proposed guidelines with the following definition for process validation: – “PROCESS VALIDATION” is establishing documented evidence which provides a high degree of assurance that a specific process consistently produces a product meeting its predetermined specifications and quality attributes.
Review of Quality Control Record and Analytical Data by Dr. A. AmsavelDr. Amsavel A
Review of Quality Control Record and Analytical Data
Objective and Requirement for Analytical data review
Role of Analyst and reviewer,
Procedure and checklist for review of records/data
Review of traceable /associated documents
Review of calibration, Reference standard record, sampling reports,
Review of Audit trail
Role of Analyst & Reviewer
Review of chromatograms& audit trail,
Data Integrity & Good Record Practice
FDA Citations
Data integrity is a Fundamental in a pharmaceutical quality system. It ensures that medicines are of required quality. This presentation is based on MHRA Guidance and provides MHRA expectations. Guidance complements existing EU GMP relating to active substances and dosage forms. This guidance should be d in conjunction with national medicines legislation and the GMP standards published in Eudralex volume 4.
CCK Discussion Forum held at ICCBS, University of Karachi, attended by over hundred of registered experienced pharmaceutical professionals participants belonging from dozen of pharmaceutical manufacturing facilities
Regulatory aspect of pharmaceutical change control systemDeveshDRA
CHANGE CONTROL,BENEFITS OF CHANGE CONTROL SYSTEM,MANAGEMENT OF CHANGE AND CONTINUOUS IMPROVEMENT(Prepare a Change Proposal,Classify & Approve Proposed Changes,Develop an Implementation Plan, Install the Change,Verify Installation,Close out the change
) FLOW CHART OF CHANGE MANAGEMENT,HANDLING AND CONTROLLING CHANGES,SOP ON CHANGE CONTROL SYSTEM,
CATEGORY OF CHANGES(Major Changes,Moderate changes,Minor changes),ENSURING TRAINING & PROCEDURES IN A MANAGEMENT OF CHANGE PROGRAM,LEVEL OF APPROVAL,REGULATOR PROSPECTIVE OF CHANGE CONTROL(21 CFR Part 211: Sec. 211.100,21 CFR Part 211.194 (Laboratory Records),ICH Q7A,USFDA Guidance for Industry: Change to an approved NDA or ANDA ( April 2004- Revison-1)),CONCLUSION
,
Computerized System Validation Business Intelligence SolutionsDigital-360
Executive Summary
Regulated pharmaceutical, biotech and medical device companies are challenged to develop manufacturing capabilities quickly and cost-effectively while at the same time safeguarding product quality and patient safety.
Validation has been an essential part of regulated industries for over 20 years, yet as the field has evolved, little has changed in the business, or manual, approach to validation.
In this slide contains definition, importance, benefits of annual product review.
Presented by: Ravi Sanker babu .D.V (Department of pharmaceutical analysis and quality assurance).
RIPER, anantapur.
Good documentation practice (commonly abbreviated GDP, recommended to abbreviate as GDocP to distinguish from "good distribution practice" also abbreviated GDP) is a term in the pharmaceutical industry to describe standards by which documents are created and maintained. While some GDocP standards are codified by various competent authorities, others are not but are considered cGMP (with emphasis on the "c", or "current"). Some competent authorities release or adopt guidelines, and they may include non-codified GDocP expectations. While authorities will inspect against these guidelines and cGMP expectations in addition to the legal requirements and make comments or observations if departures are seen. In the past years, the application of GDocP is also expanding to cosmetic industry, excipient and ingredient manufacturers.
Data integrity is critical throughout the CGMP data life cycle, including in the creation, modification, processing, maintenance, archival, retrieval, transmission, and disposition of data after the record’s retention period ends. It would be helpful for data management.
This presentation is about the validation of software. It focus on the validation of software used in pharmacy. It contains definition of validation, computer system and validation of computer system. It explains the models which are used for software validation and on example i.e. HPLC software validation.
This presentation is contain information about Documentation System of Pharmaceuticals. This presentation is prepared for training on documentation in Drug International Limited (Herbal Division) Depending on WHO and ICH guideline.
Process validation is defined as the collection and evaluation of data, from the process design stage throughout production, which establishes scientific evidence that a process is capable of consistently delivering quality products.
The U.S. Food and Drug Administration (FDA) has proposed guidelines with the following definition for process validation: – “PROCESS VALIDATION” is establishing documented evidence which provides a high degree of assurance that a specific process consistently produces a product meeting its predetermined specifications and quality attributes.
Review of Quality Control Record and Analytical Data by Dr. A. AmsavelDr. Amsavel A
Review of Quality Control Record and Analytical Data
Objective and Requirement for Analytical data review
Role of Analyst and reviewer,
Procedure and checklist for review of records/data
Review of traceable /associated documents
Review of calibration, Reference standard record, sampling reports,
Review of Audit trail
Role of Analyst & Reviewer
Review of chromatograms& audit trail,
Data Integrity & Good Record Practice
FDA Citations
Data integrity is a Fundamental in a pharmaceutical quality system. It ensures that medicines are of required quality. This presentation is based on MHRA Guidance and provides MHRA expectations. Guidance complements existing EU GMP relating to active substances and dosage forms. This guidance should be d in conjunction with national medicines legislation and the GMP standards published in Eudralex volume 4.
CCK Discussion Forum held at ICCBS, University of Karachi, attended by over hundred of registered experienced pharmaceutical professionals participants belonging from dozen of pharmaceutical manufacturing facilities
Document control procedure for legal practicesVal Antoff
Document control is one of the most important elements of any quality management system. It is essential for the management of information in any legal practice, including practices that don't have the resources to develop and maintain a fully fledged QMS.
free training on Quality Management systems in software industry.Iso 9000,ISO...aaditya
Concerned with ensuring that the required level of quality is achieved in a software product.
Involves defining appropriate quality standards and procedures and ensuring that these are followed.
Should aim to develop a ‘quality culture’ where quality is seen as everyone’s responsibility.
Similar to GxP/GMP & its Consequences to Documentation and Information Technology Systems (20)
People don’t talk much about the value of information but information is the strategic asset of a company. What makes the company great among other things is the ability to take information and use it as an asset. Information is what drives an organization, whether it is through development of new drugs, new products, looking into new geographic regions to expand to, etc.
Pharmaceutical companies are regulated industry and therefore are subject to strict compliance regulations. Document control and information governance in pharmaceutical companies are especially important.
This presentation covers the following topics:
- document control requirements per GxP/GMP requirements;
- GxP/GMP requirements for IT systems;
- proliferation of content;
- documents and legal exposure;
- documents and process inefficiency;
- social computing and its effect on information governance;
- documents and mobile computing and its effect on information governance;
- bring your own device (BYOD) and its effect on information governance;
- vulnerability of sensitive information;
- documents and crisis management;
- documents and E-discovery;
- role of documents in collaboration and new employees onboarding;
- documents and manual processes.
After knowledge management initiative has been implemented, it can become outdated and underutilized. It is important for organizations to move forward while being aware of emerging trends, methods, and techniques in knowledge management.
This presentation describes current trends and technology in knowledge management. It reviews best practices in knowledge management once it has been implemented as well as analytics and reporting methodology and tools. Special focus is on Information governance, risk management, and compliance.
There are few knowledge management tools available on the market today. SharePoint is widely adopted today as one of knowledge management tools.
This presentation describes main SharePoint features and presents few other content management systems such as Documentum, TeamSite, OpenText ECM Suite, Oracle UCM, and others. It further describes user adoption strategies, information governance in general and specifically in SharePoint.
During the last ten years, the volume and diversity of information grew at unprecedented rates. The growth of information continues to outpace available storage capacity. Businesses and individuals are being overloaded with information that exceeds their ability and time to analyze, synthesize, and disseminate it.
This presentation describes current information overload and methods of dealing with it.
During the last ten years, the volume and diversity of information grew at unprecedented rates. The growth of information continues to outpace available storage capacity. Businesses and individuals are being overloaded with information that exceeds their ability and time to analyze, synthesize, and disseminate it.
This presentation describes current information overload and methods of dealing with it.
Unleashing the Power of Data_ Choosing a Trusted Analytics Platform.pdfEnterprise Wired
In this guide, we'll explore the key considerations and features to look for when choosing a Trusted analytics platform that meets your organization's needs and delivers actionable intelligence you can trust.
ViewShift: Hassle-free Dynamic Policy Enforcement for Every Data LakeWalaa Eldin Moustafa
Dynamic policy enforcement is becoming an increasingly important topic in today’s world where data privacy and compliance is a top priority for companies, individuals, and regulators alike. In these slides, we discuss how LinkedIn implements a powerful dynamic policy enforcement engine, called ViewShift, and integrates it within its data lake. We show the query engine architecture and how catalog implementations can automatically route table resolutions to compliance-enforcing SQL views. Such views have a set of very interesting properties: (1) They are auto-generated from declarative data annotations. (2) They respect user-level consent and preferences (3) They are context-aware, encoding a different set of transformations for different use cases (4) They are portable; while the SQL logic is only implemented in one SQL dialect, it is accessible in all engines.
#SQL #Views #Privacy #Compliance #DataLake
Enhanced Enterprise Intelligence with your personal AI Data Copilot.pdfGetInData
Recently we have observed the rise of open-source Large Language Models (LLMs) that are community-driven or developed by the AI market leaders, such as Meta (Llama3), Databricks (DBRX) and Snowflake (Arctic). On the other hand, there is a growth in interest in specialized, carefully fine-tuned yet relatively small models that can efficiently assist programmers in day-to-day tasks. Finally, Retrieval-Augmented Generation (RAG) architectures have gained a lot of traction as the preferred approach for LLMs context and prompt augmentation for building conversational SQL data copilots, code copilots and chatbots.
In this presentation, we will show how we built upon these three concepts a robust Data Copilot that can help to democratize access to company data assets and boost performance of everyone working with data platforms.
Why do we need yet another (open-source ) Copilot?
How can we build one?
Architecture and evaluation
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...sameer shah
"Join us for STATATHON, a dynamic 2-day event dedicated to exploring statistical knowledge and its real-world applications. From theory to practice, participants engage in intensive learning sessions, workshops, and challenges, fostering a deeper understanding of statistical methodologies and their significance in various fields."
Analysis insight about a Flyball dog competition team's performanceroli9797
Insight of my analysis about a Flyball dog competition team's last year performance. Find more: https://github.com/rolandnagy-ds/flyball_race_analysis/tree/main
State of Artificial intelligence Report 2023kuntobimo2016
Artificial intelligence (AI) is a multidisciplinary field of science and engineering whose goal is to create intelligent machines.
We believe that AI will be a force multiplier on technological progress in our increasingly digital, data-driven world. This is because everything around us today, ranging from culture to consumer products, is a product of intelligence.
The State of AI Report is now in its sixth year. Consider this report as a compilation of the most interesting things we’ve seen with a goal of triggering an informed conversation about the state of AI and its implication for the future.
We consider the following key dimensions in our report:
Research: Technology breakthroughs and their capabilities.
Industry: Areas of commercial application for AI and its business impact.
Politics: Regulation of AI, its economic implications and the evolving geopolitics of AI.
Safety: Identifying and mitigating catastrophic risks that highly-capable future AI systems could pose to us.
Predictions: What we believe will happen in the next 12 months and a 2022 performance review to keep us honest.
2. Agenda
Galaxy Consulting - www.galaxyconsulting.net
1. GxP/GMP and Documentation
2. Purpose of Document Control
3. Controlled Documents – Types, Identification
4. Role of QA in Document Control
5. Document Control Procedures
6. Document Management System
7. Measuring Success of Document Control System
8. Change Control Procedure
9. GxP/GMP and Information Technology
10. IT Systems Validation
11. Q & A
3. Galaxy Consulting - www.galaxyconsulting.net
GxP/GMP is about Quality Management System
(QMS)
Documentation is the critical tool for ensuring
GxP/GMP compliance.
Cornerstone of QMS is document control.
GMP – “Each manufacturer shall establish and
maintain procedures to control all documents that are
required.”
GMP documentation requirements are aligned with
GDP or GDocP – Good Documentation Practice.
GDP – systematic procedure of preparation, reviewing,
approving, issuing, recording, storing, and archiving
documents.
Auditors pay particular attention to documentation to
make sure that it complies with GMP and GDP.
GxP/GMP requirements must have a document
control system in place.
GxP/GMP and Documentation
4. Galaxy Consulting - www.galaxyconsulting.net
The primary purpose of document control is to ensure
that only current documents and not superseded
documents are used to perform work and that
obsolete versions are removed.
Document control also ensures that current
documents are approved by the competent and
responsible for the specific job people and documents
are distributed to the places where they are used.
Document control is an essential preventive measure
ensuring that only approved, current documents are
used throughout the organization.
Inadvertent use of out-of-date documents or not
approved documents can have significant negative
consequences on quality, costs, and customer
satisfaction.
Purpose of Document Control
5. Galaxy Consulting - www.galaxyconsulting.net
Controlled document is any document that is used
to perform work and not for reference. Furthermore,
GxP/GMP states that documents required by the
QMS should be controlled.
The most important rule of document control is
only current documents must be used for work.
The format and storage of controlled documents
must protect a document from being rendered
unreadable due to wear or damage.
Controlled Documents
6. Galaxy Consulting - www.galaxyconsulting.net
Policies - the company’s position or intention for its operations
Procedures - responsibilities and processes for how the
company operates to comply with its policies
Work and/or test instructions - step-by-step instructions for a
specific job or task
Forms and records
Drawings - those that are issued for work
Process maps, process flow charts, and/or process descriptions
Specifications
Production schedules
Approved supplier lists
Test and inspection plans
Quality plans
Typical Controlled Document Types
7. Galaxy Consulting - www.galaxyconsulting.net
Quality manual
Company quality policy and quality objectives
Standard Operating Procedures (SOPs)
Batch Records, Test Methods, Specifications, Equipment
Records, Packaging Instructions, Logbooks
Records determined by the organization to be necessary to
ensure the effective planning, operation, and control of its
processes
The format and structure of the quality policy, quality
objectives, and quality manual is a decision for each
organization, and will depend on the organization’s size,
culture and complexity.
A small organization may find it appropriate to include the
description of its entire QMS within a single manual, including
all the documented procedures required by the standard.
Large, multi-national organizations may need several manuals
at the global, national or regional level, and a more complex
hierarchy of documentation.
QMS Documents
8. Galaxy Consulting - www.galaxyconsulting.net
Controlled documents must be legible.
Controlled documents need to be clearly and readily identified
through a title and document number which should be unique for
each document.
Current version of a document must be identified on the
document.
All master documents should have the effective date and approval
date.
Hard copy documents need to be stamped.
Electronic documents need to be watermarked so that when they
are printed, they could be identified as controlled documents and a
user can be alerted to verify an electronic version prior to use of
this document.
Identification of Controlled Documents
9. Galaxy Consulting - www.galaxyconsulting.net
The role of QA in regards to the document control system is
one of management and overview.
QA ensures that all documents are maintained in a controlled
fashion and that all controlled documents are approved by
the appropriate subject matter experts and are consistent with
other documents, and are the most current version.
One way that QA ensures this is by being the last signee on
all approved documents.
All documents: current, obsolete, superseded, as well as all
the history on the creation and revision of the document
should be kept in Quality Assurance.
Role of QA in Document Control
10. Galaxy Consulting - www.galaxyconsulting.net
Document Control
Procedures
These are document control procedures:
Documents Creation
Documents Revising
Documents Routing
Documents Approval
Documents Distribution
Documents Archiving
11. Galaxy Consulting - www.galaxyconsulting.net
Documents Creation
Any knowledgeable employee should be able to
write or revise documents as needed.
Documents must be clear and legible.
Clear and concise titles should be used.
Full text spelling with abbreviation in brackets
should be used for the 1st time. Abbreviation may
be used for the remainder of the document.
Current date must be used. Backdating is not
allowed.
Newly created documents need to be approved.
12. Galaxy Consulting - www.galaxyconsulting.net
Documents Revising
GMP – “Changes to documents shall be reviewed and
approved by an individual(s) in the same function or
organization that performed the review and approval
of original documents, unless specifically designated
otherwise. Approved changes shall be communicated
to the appropriate personnel in a timely manner. Each
manufacturer shall maintain records of changes to
documents. Change records shall include a description
of the change, identification of the affected
documents, the signature of the approving
individual(s), the approval date, and when the change
becomes effective.”
13. Galaxy Consulting - www.galaxyconsulting.net
All documents must be periodically reviewed,
updated, and re-approved.
This review can be tied to a company's internal audit
process, management review or scheduled on some
periodic (annual) basis.
A record of such reviews must be kept.
Usually, the change process starts when someone
identifies an issue that may need to be addressed with
a change to the product. It ends when the agreed-upon
change is implemented.
Ensure that changes and the current revision status of
documents are identified.
When a document is updated, a record and history of
changes must be kept of the change, including the
reasons for and nature of the change.
Documents Revising
14. Galaxy Consulting - www.galaxyconsulting.net
Documents Routing
The document control function of QA is responsible for
routing documents for review and approval.
It is suggested that a pre-route be done to ensure that all
affected parties are in agreement with the document
before it is submitted to QA.
There should be a documented process detailing how
documents are submitted for review and approval.
A controlled form listing all the changes made to the
document, justification for the changes, and a list of
personnel who need to review and approve the document
needs to be routed along with the document.
15. Galaxy Consulting - www.galaxyconsulting.net
GMP requires that documents are approved for
adequacy prior to issue.
GMP - “Each manufacturer shall designate an
individual(s) to review documents for adequacy and
approve prior to issuance all documents. The approval,
including the date and signature of the individual(s)
approving the document, shall be documented.
Documents shall be available at all locations for which
they are designated, used, or otherwise necessary, and
all obsolete documents shall be promptly removed from
all points of use or otherwise prevented from
unintended use.”
Documents Approval
16. Galaxy Consulting - www.galaxyconsulting.net
An approval system ensures that controlled documents
are appropriate for people receiving them and that
they are correct.
Document approvals are mandatory and must be kept
as a record as well.
Once all affected parties agreed to the changes,
document control should prepare the document for
approval. All changes have to be incorporated into the
document.
A master document should be routed for approval
signatures.
When determining who should approve a particular
document, limit approvals to those with direct
knowledge or responsibility for the document.
Typically the approval people are the Author, the
Department Head, all affected department heads, and
QA. Other Subject Matter Experts can be included.
QA must be the last signature on all documents.
Documents Approval
17. Galaxy Consulting - www.galaxyconsulting.net
Approvals may be in the form of a written signature on a
paper document or a password-protected electronic
approval record.
Approval signatures must be recorded prior to the release
and use of the document.
No scanned signatures, duplicated signatures, or stamps
in lieu of signature should be used. Signature should be
handwritten and original.
Signing for other people is not allowed.
Signature should be kept throughout the life of the
document.
Approval signatures only appear on the 1st page of the
document.
If there is no electronic signature, the approval usually
can be verified through electronic workflow the
document went through to get approved.
Documents Approval
18. Galaxy Consulting - www.galaxyconsulting.net
The date of all approvals must precede the
document's release date.
For new documents the version number should be 00.
For each revision of a document the version number
should increase (01, 02, 03, etc).
Once the master document has been signed, the
effective date should be stamped onto each page of
the document.
The effective date must be far enough in advance to
allow for the document to be trained on before it
becomes effective (typically this is 5 days).
Documents Approval
19. Galaxy Consulting - www.galaxyconsulting.net
Need to ensure that current versions of applicable
documents are available at points of use.
On the effective day copies of the signed master
document should be distributed to the affected
departments.
The departments should remove the old version and
replace it with the new version (for revised documents). If
the document is new, there will be no replacement
document.
The old versions must be returned to document control.
On a periodic basis document control personnel should
audit the departments binders to determine if they contain
the correct document versions.
Each document binder should contain a table of contents
and only those documents that the department is
responsible for.
Documents Distribution
20. Galaxy Consulting - www.galaxyconsulting.net
A full set of all approved documents should be in the QA
department as well as in a central company location.
Distribution may be physical (paper documents) or
electronic.
When posting the document on electronic systems, ensure
that it is watermarked and everybody who needs to have the
new document knows about the posting (e.g. through an
email or workflow notifications).
When paper documents are distributed, documents need to
be stamped to identify that this is a controlled document and
users of this document need to verify that this is the most
current version before starting work.
An inventory of controlled documents should be created
with the exact location of each controlled document.
Documents Distribution
21. Galaxy Consulting - www.galaxyconsulting.net
Documents Distribution
Consider where designated controlled locations of your
documents will be established.
The storage and access of documents must easily allow
individuals to find the current version of a document to
use where needed.
Typically, the easier it is for employees to access
controlled copies when needed, the fewer times they
will feel the need to use an uncontrolled copy of a
document.
Inability to quickly find documents is frequently the
source of high costs and repeated discrepancies.
Ensuring timely and convenient access to documents is
very important.
22. Galaxy Consulting - www.galaxyconsulting.net
External Documents Distribution
GMP – “Ensure that documents of external origin determined
by the organization to be necessary for the planning and
operation of the Quality Management System are identified
and their distribution is controlled.”
Documents that do not originate within the organization
but are necessary for ensuring quality and meeting
customer requirements must also be controlled.
These can include customer, supplier or industry
documents. However, the extent of control is limited to
clear identification and controlled distribution.
A log or other records would suffice to track external
documents.
23. Galaxy Consulting - www.galaxyconsulting.net
Documents Archiving
GMP – “Prevent the unintended use of obsolete documents,
and apply suitable identification to them if they are retained
for any purpose. Old revisions of documents should be
stamped as superseded. No document revisions should be
discarded or altered. A file should be maintained within QA
that contains all the superseded documents and the signature
approvals of personnel who agreed to the revisions.”
Out-of-date documents or older versions of revised
documents must be protected from unintentional use.
Request the receiver of new documents to send back
obsolete documents.
If for some reason you need to retain obsolete versions of
documents, they need to be marked “obsolete” and
segregated from other documents to avoid their
unintended use.
Many organizations use a stamp: "Obsolete Document".
Retention schedule should be established.
24. Galaxy Consulting - www.galaxyconsulting.net
Document Management System
GMP regulations require that all documentation be
issued, managed, and controlled using a document
management system.
Main Objectives
Communication of Information - documentation is
a tool for information transmission and
communication.
Evidence of conformity - documentation is
provision of evidence that what was planned has
actually been done.
Knowledge sharing - documentation is used to
disseminate and preserve the organization’s
knowledge. A typical example would be a technical
specification, which can be used as a base for
design and development of a new product.
25. Galaxy Consulting - www.galaxyconsulting.net
Measuring Success of
Document Control System
User Satisfaction – Periodically survey your users on
usability of your documentation. Use the results to
improve the format of your documents and authors’
training.
Document Errors – Track the number of document
revisions due to mistakes in your documentation. Results
will often reveal weaknesses in your review and
proofreading processes.
Cycle Time – Measure the time it takes for a document to
be developed or revised from initial draft to release.
Cost – Consider tracking the costs associated with your
documentation including developing, revising, storing,
retrieving, distributing, filing, auditing, reviewing,
approving, etc. Of these potential costs, document
retrieval is often an expensive hidden cost generated
when individuals search endlessly for a document
because of inadequate indexing, organization, storage or
training.
26. Galaxy Consulting - www.galaxyconsulting.net
Change Control Procedure
A change control procedure is usually a Standard Operating
Procedures(SOP). It usually includes a change control form.
Used in a wide variety of products and systems.
Change procedure usually includes the following
components:
Identification - The identification of the changed
component and any other related item or document.
Effective Date - The effective date of the change which is
usually a completion date.
Responsibility - The change procedure should state which
department or designee is responsible for each function to
be performed.
Revision Number - The change procedure should describe
the way the revision level is to be incremented. It is
common practice to use sequential numbers for revisions.
Communication - The change procedure should describe
the communication of changes to all affected parties such as
production, purchasing, contractors, suppliers, etc.
27. Galaxy Consulting - www.galaxyconsulting.net
Change Control Procedure
Updating Documentation - The change procedure should cover
updating of primary and secondary documentation such as
instruction manuals.
Documentation Distribution - Revised documentation should be
distributed to persons responsible for the operations affected by
the change and old documents removed and filed or discarded, as
appropriate.
Remedial Actions - Certain changes may require remedial
action. Changes of this nature should be addressed in the change
control procedure.
Regulatory Submissions - There may be changes may that
require a regulatory submission. The change control procedure
should specify if regulatory submissions should be considered
when making a change.
Business Factors - The change procedure should also cover other
factors such as financial impact, modification of sales literature,
update of products in commercial distribution, etc.
Quality Assurance Review - The change procedure should cover
if the quality assurance review is required for the change.
28. Galaxy Consulting - www.galaxyconsulting.net
Formal process to ensure that changes to a system are
controlled and coordinated.
Reduces the possibility of unnecessary changes
without analysis, introducing faults into the system.
Goals include minimal disruption to services,
reduction in back-out activities, and cost-effective
utilization of resources involved in implementing a
change.
Typical examples are patches to software products,
installation of new operating systems, upgrades to
network routing tables, or changes to the electrical
power systems supporting such infrastructure.
IT Change Control Procedure
29. Galaxy Consulting - www.galaxyconsulting.net
IT Change Control Procedure Steps:
Record - A user initiates a change by making a formal
request.
Classify - The change control team then records and
categorizes that request. This categorization would include
estimates of importance, impact, and complexity.
Assess - Change control team makes an assessment
concerning risk, both to the business and to the process, and
who should carry out the change.
Plan - Management will assign the change to a specific
delivery team. The team will plan the change in detail and
construct a regression plan in case the change needs to be
backed out.
Build/Test - If all stakeholders agree with the plan, the
delivery team will build the solution, which will then be
tested. They will then seek approval and request a time and
date to carry out the implementation phase.
Implement – Solution is implemented.
Close/gain acceptance – Post-implementation review and
if users agrees that the change was implemented correctly,
the change can be closed.
30. Galaxy Consulting - www.galaxyconsulting.net
GxP/GMP and Information Technology
For a product to be produced in a GMP compliant manner, computer
systems involved in the development, manufacture, and sale of
regulated products must meet certain requirements:
Secure logging - each system activity must be registered, in
particular what users of the system do in the system.
No changes allowed - the logged information has to be secured so
that it cannot be changed once logged, not even by an
administrative user of the system.
Auditing – a system must be able to provide conclusive evidence
in litigation cases, to reconstruct the decisions and potential
mistakes that were made in developing or manufacturing a
regulated product.
Regular back-up and off-site storage of backed up data.
31. Galaxy Consulting - www.galaxyconsulting.net
Keeping archives - relevant audit information must be kept
for a set period. In certain countries, archives must be kept for
several decades. Archived information is still subject to the
same requirements, but its only purpose is to provide trusted
evidence in litigation cases.
Accountability - every piece of audited information must have
a known author who has signed into the system using an
electronic signature. No actions can be performed by
anonymous individuals.
Non-repudiation - audit information must be logged in a way
that no user could say that the information is invalid, e.g.
saying that someone could have tampered with the
information. One way of assuring this is the use of digital
signatures.
GxP/GMP and Information Technology
32. Galaxy Consulting - www.galaxyconsulting.net
IT Systems Validation
GMP guidelines require that IT systems must be validated by
adequate and documented testing.
GMP - “The software development process should be
sufficiently well planned, controlled, and documented to
detect and correct unexpected results from software changes."
Validation is defined as the documented act of demonstrating
that a procedure, process, and activity will consistently lead
to the expected results.
To validate software, it must be:
structured, documented, and evaluated as it is developed;
checked to make sure that it meets specifications;
adequately tested with the assigned hardware systems;
operated under varied conditions by the intended
operators or persons of like training to assure that it will
perform consistently and correctly.
It is important to note that since a document management
system is required to control documents, this document
management system must meet these validation requirements.