A brief on GAMP 5 Categories, V Model and 21 CFR Part 11, EU Annex 11
What is GAMP 5?
- Good Automated Manufacturing Practice, Founded in 1991. International Society for Pharmaceutical Engineering (ISPE) sets the guidelines for manufacturers and the current Version is GAMP 5.
- GAMP describes a set of principles and procedures that help ensure that pharmaceutical Software have required quality.
- Computer system validation (CSV) following GAMP guidelines require users and suppliers to work together so that responsibilities regarding the validation process are understood.
- For users: GAMP provides a documented assurance that a system is appropriate for the intended use before it goes “live.”
- Suppliers can use GAMP to test for avoidable defects in the supplied system to ensure quality products are produced.
Why GAMP 5?
- Facilitates the interpretation of regulatory requirements.
- Establishes a common language and terminology.
- Promotes a system life cycle approach based on good practice.
- Clarifies roles and responsibilities.
- Focus attention on those computerised systems with most impact on patient safety, product quality, and data integrity
- Avoid duplication of activities
GAMP 5 Categories
Difference between Category 4 and Category 5 in GAMP 5
- Configuration and customisation of software are terms that are poorly defined in the validation world and frequently used interchangeably, especially in a vendor’s marketing literature.
- It is important to understand the difference between these two terms as they mean entirely different things and consequently can have a dramatic impact on the amount of validation work that you could undertake.
Configuration: The modification of the function of a software product to meet business process or user requirements using tools supplied by the supplier. These tools can include input of user-defined text strings for drop-down menus, turning software functions on or off, graphical dragging and dropping of information elements, and creation of specific reports using the standard functionality of the package.
Customisation: The writing of software modules, scripts, procedures, or applications to meet business requirements. This can be achieved using an external programming language (such as C++ or .NET or PL*SQL for database procedures), macro instructions, or an internal scripting language specific for a commercial application.
Depending on the user requirements the same implementation can be Category 4 or 5
What is SDLC Model? and What model GAMP 5 Suggests?
•The software development life cycle (SDLC) is a framework defining tasks performed at each step in the software development process.
- SDLC is a structure followed by a development team within the software organization.
- IIt consists of a detailed plan describing how to develop, maintain and replace specific software.
- The life cycle defines a methodology to deliver the quality of software and the overall development process.
What is 21 CFR Part 11 and EU Annex 11?
- 21 CFR (Code of Federal Regulations) Part 11 has defined by the US FDA regulations that set forth the criteria applies to electronic records and electronic signatures that persons create, modify, maintain, archive, retrieve, or transmit under any records or signature requirement set forth in the Federal Food, Drug, and Cosmetic Act, the Public Health Service Act, or any FDA regulation
- Annex 11 is part of the European GMP Guidelines and defines the terms of reference for computerised systems used by organisations in the pharmaceutical industry.
Queries?
- Any relation between GAMP 5 or v Model with 21 CFR Part 11 ?
- Both are the set of guidelines which are used to validate a computer based software used in a pharma manufacturing companies.
- The guidelines are predefined and a software should comply with the guidelines.
- GAMP talks about “the How” and the 21 CFR talks “the What” during the Validation of computer based software for Pharma companies.
- GAMP is a methodology and 21 CFR is a regulation.
- 21 CFR Part 11 is US FDA and Annex 11 is EU guidelines.
2. A Company is delivering a software to banking sector they never heard of part 11 but when the Pharma customer wants them to map Part 11 requirements will the solution comply with them?
- Even if a company is delivering a software to banking sector, the solution will generally comply with part 11 requirements.
- In banking software’s there may not be the reference of Part 11 but the requirements of Part 11 will be definitely met by the banking software’s
3. A software company is following SDLC models from the past 8 year. For the first time they are delivering a Pharma solution. When the customer team comes for an audit what software development methodologies they need to demonstrate to win the auditor.
- Whenever there is an audit of the customer need to explain the detailed procedure followed to develop a software right from the beginning of User requirement gathering to the maintenance and support.
- Even if the company does not know the standard guidelines, we can map the existing followed procedure with the guidelines and standards to comply with client requirements.
- The company which comes to audit have a set of guidelines or criteria which the supplier should comply in order to pass the audit.
- The pharma companies look into whether the software follows GAMP, or Part 11 or EU annexure 11.
- To win the auditor the company must have followed an SDLC Methodology with Proper Reviews and Tracking.
4. A software company don’t want to follow V model, still wanted to deliver Pharma software’s. Will this be acceptable to Pharma Company?
- Acceptable as long as Software Company follow standard SDLC models and follow the Standards for developing and managing the code
SDLC V Model
Subject Matter Expert - Pharmacovigilance