1 / 26

The New GMP Annex 11 and Chapter 4

The New GMP Annex 11 and Chapter 4. Deadline for coming into operation: 30 June 2011. Why a New Revision?. Increased use of computerised systems with Increased complexity Increased use of electronic documents. Most Significant Aspects of Revision. Risk based approach to Validation

Download Presentation

The New GMP Annex 11 and Chapter 4

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The New GMP Annex 11 and Chapter 4 Deadline for coming into operation: 30 June 2011

  2. Why a New Revision? • Increased use of computerised systems with • Increased complexity • Increased use of electronic documents

  3. Most Significant Aspects of Revision • Risk based approach to • Validation • Operational controls • Harmonization with current industry good practice • Clarification of the acceptability of electronic records and signatures

  4. Contents of Chapter 4 • Principle • Required GMP documentation • Record/Report type • Generation and Control of documentation • Good Documentation Practices • Retention of Documents • Procedures and records • Other

  5. Contents of Annex 11 • Principle • General • Risk Management, Personnel, Suppliers and Service Providers • Project Phase • Validation • Operational Phase • Data, Accuracy checks, Data storage, Printouts, Audit trails, Change and configuration management, Periodic evaluation, Security, Incident management, Electronic signature, Batch release, Business continuity, Archiving • Glossary

  6. Updated Annex 11 and Chapter 4 Equivalent to the FDA’s Part 11 regulation for Electronic Records and Signatures

  7. Annex 11 Changes • Increased Scope • Risk Management • Roles and Responsibilities • Suppliers and Service Providers • Validation • Ensuring Data Integrity • Electronic Signatures • IT Support • Maintaining Validation

  8. Increased Scope of Annex 11 • Applies to all forms of computerised systems used as part of a GMP regulated activities • The application should be validated; IT infrastructure should be qualified. • Where a computerised system replaces a manual process there should be no resultant decrease in product quality, process control or quality assurance

  9. Risk Management • Throughout the System Life Cycle • Dependent on • Patient safety • Product quality • Data integrity • Justified and documented risk assessment • Very much in line with Q9 and GAMP5

  10. New Roles and Responsibilities • Close cooperation between all relevant personnel • New roles defined: • Process owner • Person responsible for the business process • System owner • Person responsible for the availability and maintenance of a computerised system • And the security of the data

  11. Suppliers and Service Providers • Major expansion into four classes: • Formal agreements, including IT-departments • Competence and reliability of supplier • Audit • Review documentation of COTS products • Availability of quality system and audit information to inspectors

  12. Validation • Life cycle approach • Manufacturers justify approach based on Risk assessment • Listing of systems (link with Annex 15 & VMP) • Current system description for critical systems • Requirement for URS and Traceability • Development within QMS • Customised or bespoke systems • Test methods and tools

  13. Controls for Ensuring Data Integrity • Covered by sections: • Data • Accuracy checks • Printouts • Audit trails • Security • Minimize risks of a wrong decision based on wrong data • Data Migration • Data Archiving • Check after Changes to s/w or IT-infrastructure

  14. Electronic Signatures • Same impact as handwritten • Be permanently linked • Include date and time

  15. IT Support of Validated Systems • Backup • To be checked periodically • Security • Incident management • All incidents reported and assessed. RCA of critical incidents resulting in CAPA • Business continuity • Documented and tested

  16. Maintaining Validation • Change and Configuration Management • Procedure defined • Involves Risk Assessment • Documented • Periodic Evaluation (aka periodic review) • Changes made • Compliant with GMP • Deviations and incidents • Upgrades • Security

  17. Chapter 4 - Documentation • Increasing use of electronic documents within the GMP environment • Documentation may exist in a variety of forms, including paper based, electronic or photographic media • For electronic record, read documentation

  18. Definition of Records • Provide evidence of various actions taken to demonstrate compliance with instructions • Records include the raw data which is used to generate other records • Define raw data, including used for quality decisions • Records used for batch release must be made available to the Qualified Person • if there have been any changes made to the record, then these need to be flagged for review

  19. Generation and Control of Documentation • Many documents (instructions and/or records) may exist in hybrid forms • i.e. some elements electronic and others paper based • Relationships and control measures for master documents, official copies, data handling and records need to be stated for both hybrid and homogenous systems. • Appropriate controls for electronic documents such as templates, forms, and master documents should be implemented. • Appropriate controls should be in place to ensure the integrity of the record throughout the retention period

  20. Generation and Control of Documentation (2) • Ensure a Record is True and Accurate • Appropriate Controls: • More Critical Records need More Stringent Controls!

  21. Retention of Documents • Batch Records: • To be defined for each manufacturing activity • Where each record is located • Security Controls implemented • Ensure Record Integrity • Throughout Retention period • Controls have to be Validated

  22. Other Changes • Introduction of EU GMP Vol. 4 Part III • Site Master File (new) • Q9 Quality Risk Management • Former Annex 20, new layout • Q10 Note for guidance on Pharmaceutical Quality System • Link to ICH guidelines

  23. Thanks to • Dr. Bob McDowall • Authors of GAMP CoP Annex 11 interpretation • Winnie Cappucci • Chris Clark • Tim Goossens • Sion Wyn

  24. Discussion Items • How to show there is “no resultant decrease in …, process control or QA”? [0.4] • How to show there is “no increase in overall risk”? [0.5] • Can a Risk Assessment be performed on a Computerised system? Or should this be the Computerised process! [1.2] • Why is [3.3] only applicable to regulated users, as others do not require to validate? • Supplier Audit information made available • What to do with agreed Confidentiality? [3.4]

  25. Discussion Items (2) • What are “the relevant steps of the life cycle.”? [4.1.1] • Is the required “listing of … systems … (inventory)” the same as the “summary of systems to be validated” required by Annex 15? [4.3.1] • What is defined as a Critical System? Examples? [4.3.2] • What are “reasonable steps, te ensure …”? [4.5] • What are considered “appropriate test methods and test scenarios”? [4.7.1] • How to “indicate if any of the data has been changed” on a printout? [8.2]

  26. Discussion Items (3) • Audit Trail [9.3] • How to get relevant information out of an AT? • What is meant by regular review of AT? • How to show an AT is reviewed? • What is the definition of Configuration Management in Annex 11? [10] • What is a sufficient evaluation period to confirm the validated state? [11.1] • What is meant by “Management systems for data and for documents”? [12.4] • What is “permanently linked to … record”? [14.4] • What is meant by “clearly identify … the person”? [15.1]

More Related