Upload
others
View
176
Download
2
Embed Size (px)
Citation preview
10/7/2004 [email protected]
Good Automated Manufacturing Practices (GAMP)
Klaus Krause, AmgenISPE/GAMP Americas Steering Committee
ISPE San Francisco/Bay Area Chapter Meeting, October 7, 2004
10/7/2004 [email protected]
Presentation Overview
I. GAMP - Organization and Objectives
II. GAMP4 Guide for Validation of Automated Systems
10/7/2004 [email protected]
Pivotal InspectionBefore
AfterValidation PlanAdditionally:
SpecificationDesign Review (DQ)Source Code ReviewSupplier Audit
IQ
OQ
PQ
Validation Report
10/7/2004 [email protected]
GAMP Objectives
Achieve Compliance by building upon existing industry good practices in an effective and efficient manner
10/7/2004 [email protected]
GAMP Forum
Special Interest Groups (SIGs)
European Steering
Committee
AmericasSteering
Committee
GAMP Council
IndustryBoard
Local ISPE
10/7/2004 [email protected]
GAMP CouncilTechnical Sub-Committee of ISPE
Set DirectionsInfluence Industry and Regulators on the Interpretation of Regulations pertaining to:
Information SystemsControl SystemsLaboratory Systems
10/7/2004 [email protected]
GAMP Organizations
GAMP DACH
GAMP Americas
JETT
Supplier ForumSupplier Forum
GAMP Europe
GAMP Japan
10/7/2004 [email protected]
Special Interest Groups (SIGs)
Laboratory Systems IT Infrastructure QualificationManufacturing Execution SystemsElectronic Data ArchivingGlobal Information SystemsResearch and Development Systems
10/7/2004 [email protected]
Special Interest Groups (SIGs)
Building Management SystemsTesting of GxP Critical Systems JETT Consortium
10/7/2004 [email protected]
Influence
Established reference in UK/Europe Cited by regulators as baseline practice by regulators (inc. FDA and MCA)Training of FDA Inspectors
10/7/2004 [email protected]
GAMP Good Practices Guides
GAMP4 Validation of Automated SystemsCalibration ManagementValidation of Process Control SystemsValidation of Legacy Systems
10/7/2004 [email protected]
GAMP Good Practices Guides
In PreparationValidation of Laboratory SystemsIT Infrastructure QualificationValidation of Manufacturing Control Systems (MES)Validation of Global Information Systems
10/7/2004 [email protected]
GAMP Good Practices Guides
In PreparationValidation of R&D SystemsValidation of Building Management SystemsTesting of GxP Critical SystemsRisk based Qualification of Equipment
10/7/2004 [email protected]
GAMP4 Principles
Create simple, well understood rulesScale validation for size, criticality, and complexityBenefit from supplier capabilitiesBenefit from configurable SW packagesMaintain validated state of the system in the operational environment
10/7/2004 [email protected]
GAMP4 Principles
Harmonize GAMP terminology with international quality concepts and industry initiativesCollaborate with other industry groupsAchieve greater awareness of GAMP internationally
10/7/2004 [email protected]
Structure of GAMP4 Guidance
GAMP4 Guide is main bodyGood Practices Guides are supplements to GAMP4 GuideGuidance follows validation life cycleGxP Compliance Solutions for System Users and Suppliers
10/7/2004 [email protected]
Structure of GAMP4 Guide
GAMP Principles and Framework
Appendices
Management Development Operation
10/7/2004 [email protected]
GAMP4 Themes
System Development Life CycleValidation PlanningRisk and Impact AssessmentSupplier Quality ManagementSpecificationsDesign ReviewFormal Testing/Verification
10/7/2004 [email protected]
Automated SystemEnvironment: Legal, Organizational, Physical, Technical
Documentation
Equipment, InstrumentsComputer Hardware
System Software
Application SW
Data
Used together …for a given task
10/7/2004 [email protected]
GAMP4 Software Categories
1 - Operating Systems2 - Firmware3 - Standard Software Packages4 - Configurable Software Package5 - Custom Software
10/7/2004 [email protected]
GAMP4 Life CycleUser Requirements
Specifications PerformanceQualification
FunctionalSpecifications
DesignSpecifications
InstallationQualification
OperationalQualificationrelated to
related to
related to
System Build
10/7/2004 [email protected]
System Verification & Validation
Sys. Req.
System User Requirements
Supplier Hardware Software Data0101 0110 1010 1011 0101 1101 0101 0110
QMS
Design Review
Audit Report
Qualific. Protocol
Test Report
Verification Protocol
Review Protocol
= Validation Summary Report
10/7/2004 [email protected]
Management of the Validation
Validation PlanningSupplier AuditRisk AssessmentCategories of Software and HardwareDesign Review and Traceability MatrixQuality and Project PlanningDocument ManagementProject Change ControlValidation Reporting
10/7/2004 [email protected]
Validation Planning
StrategyDeliverablesResponsibilitiesStandards and Procedures
Formally approved Plan
10/7/2004 [email protected]
System Categorization
Many systems contain software components of more than one category:
Operating SystemConfigurable applicationFirmwareCustom modules
10/7/2004 [email protected]
Supplier Assessment
Guidance and tools on: Assessment of capabilities and productAuditsManagement
10/7/2004 [email protected]
User – Supplier RelationshipPrimary Responsible for TestingPrimary Responsible for Specification
System Acceptance Testing(Operational Qualification
of Computer/PLC)
System Acceptance Testing(Operational Qualification
of Computer/PLC)
Hardware Acceptance Testing(Installation Qualification
of Computer/PLC)
Hardware Acceptance Testing(Installation Qualification
of Computer/PLC)
FunctionalSpecification
Hardware DesignSpecification
Testing of the URS
Testing of the Functional Specification
Testing of theHardware Specification
User RequirementsSpecification
PerformanceQualification
UserUser
User
and
Supplier
User
and
Supplier
Software DesignSpecification
Software DesignSpecification
Code ModulesCode Modules
Software ModuleSpecification
Software ModuleSpecification Software Module TestingSoftware Module Testing
Software IntegrationTesting
Software IntegrationTesting
Supplier
Supplier
Review and TestModules
10/7/2004 [email protected]
Validation Strategy
Based on:Risk AssessmentAssessment and Categorization of System ComponentsSupplier Assessment
10/7/2004 [email protected]
Risk and Impact Assessment
Identify ProcessesAnalyze:
Risk scenariosEffects for each eventLikelihood of eventsSeverity of ImpactLikelihood of Detection
Plan for Risk Management
10/7/2004 [email protected]
Validation ActivitiesPlanning Prepare written Validation Plan.
Specification Specify and agree what is required. Perform Design Reviews
Prepare document to describe how the equipment or system is to be tested.
Test PlanningIQ, OQ, PQ
TestingIQ, OQ, PQ
Perform tests and collect results.
..Review results to show that the systemperforms as specified, report conclusions
plus any reservationsReview
10/7/2004 [email protected]
Validation Approach
Category 1: Operating SystemRecord version (incl. Service pack)Challenge OS indirectly by the functional
10/7/2004 [email protected]
Validation Approach
Category 2: Firmware (Off-the-Shelf)
IQ: Verify name, version, configuration, and calibrationOQ: Test functionalityChange Control for firmware and configuration
parametersSupplier Audit for complex or critical
applications
10/7/2004 [email protected]
Validation Approach
Category 3: Standard Software PackagesConfiguration limited to the environment and
parametersIQ verifies name and version
OQ tests user requirements
Supplier Audit for critical applications
10/7/2004 [email protected]
Validation Approach
Category 4: Configurable Software PackagesTreat like Category 5 if platform and package not mature
and well-known
10/7/2004 [email protected]
Validation Approach
Category 5: Custom SoftwareExecute complete Validation Life Cycle
10/7/2004 [email protected]
Qualification Approach
Category 1: Standard Hardware ComponentRecord Model, Version, Serial number of pre-assembled hardwareVerify installation and ConnectionsUse hardware data sheet or other specifications for information on sealed unitsApply change control and configuration management
10/7/2004 [email protected]
Qualification Approach
Category 2: Custom Built HardwareSame as Category 1, plus:
Design Specifications with configurationAcceptance TestingSupplier Audit of development processVerification of Compatibility for components from different SourcesVerification at IQ
10/7/2004 [email protected]
System DevelopmentBuild System and Achieve Validated State
User Requirement SpecificationFunctional SpecificationHardware Design SpecificationSoftware Design SpecificationProduction, Control, and Review of SoftwareTesting of Automated System
10/7/2004 [email protected]
System Specifications
Define the SystemAllow further Specifications to be developedAllow the System to be developedAllow Maintenance of the System
10/7/2004 [email protected]
Design Review (1)
Evaluate Deliverables against Standards and requirementsIdentify problems and propose corrective actions
10/7/2004 [email protected]
Design Review (2)
Are all Requirements addressed?Is functionality appropriate and consistent?Will the system meet predefined standards?Is system appropriately tested?
10/7/2004 [email protected]
Requirements Traceability
Forward and backward traceability:
System Requirements Design Test
10/7/2004 [email protected]
Traceability Matrix
NNText…2.2YNText…2.1
SATEST39.6
DS_DOC16.2
FS02 4.2.5NYText…2.0
SATEST37.8
DS_DOC14.5
FS02 3.1.4YYText…..1.0
Test Ref (IQ, OQ, PQ, FAT, SAT)
DS Ref FS RefOther?GxP?DescriptionURSRef
10/7/2004 [email protected]
Software Control
Module Traceability and IdentificationDesign and Documentation PrinciplesGood Programming PracticeSource Code Review
10/7/2004 [email protected]
Testing of Systems
Test Planning, Specification, Execution, DocumentationScope of TestingTest SpecificationsTest DeliverablesGood Practices for Testing
10/7/2004 [email protected]
System OperationMaintain Validated State
Periodic ReviewService Level AgreementAutomated System SecurityOperational Change ControlPerformance Monitoring
Record Retention, Archive, and RetrievalBackup and Recovery of Software and DataBusiness Continuity Planning
10/7/2004 [email protected]
GAMP4 Recap
GxP Computer Compliance SolutionsIntegration of Quality Standards (ISO9000) and Industry Standards (IEEE)Consensus of Regulators, Life Science Industry, and Consultants
10/7/2004 [email protected]
Acknowledgments
Dr. David Selby, Selby Hope International
Sion Wyn, Conformity
Arthur Perez, PhD, Novartis