What is GAMP 5
GAMP®5 stands for Good Automated Manufacturing Practices issue 5. The GAMP 5 Guide is meant to assist pharmaceutical manufacturing companies in managing GxP Regulated systems. The GAMP guideline is purely advisory and has no legal obligation. Yet, the guideline is referenced by many regulatory agencies worldwide.
What is the Purpose of GAMP 5
The purpose of GAMP 5 is to achieve compliant computerized systems that are fit for intended use in an efficient and effective manner to meet current regulatory requirements.
It facilitates the interpretation of regulatory requirements. This also aims to safeguard patient safety, product quality, and data integrity, while also delivering business benefit.
Scope
The GAMP 5 Guide is intended for use by regulated companies, suppliers, and regulators. Suppliers include providers of software, hardware, equipment, system integration services, and IT support services, both internal and external to the regulated company.
GAMP 5 History
A few UK based pharmaceutical experts initiated the work on the GAMP guideline for better management of GxP compliance. Eventually, they joined forces with the International Society for Pharmaceutical Engineering (ISPE) and published the first GAMP guideline in 1995.
Many revisions in the guideline were published after the first issue. The last two revisions are GAMP4 (published in 2001) and GAMP5 (published in 2008).
Concept
The most recent revision is conceptually grounded on the science-based risk management strategy mentioned in 21st Century regulatory GxP compliances and the ICH Q8, Q9 & Q10. GAMP also designed GAMP 5 to be compatible with IEEE standards, ISO 9000 and 12207, IT Infrastructure Library (ITIL), and other international standards such as PIC/S Guidance Practice for Computerized Systems in Regulated GxP Environments. The following figure inspired from GAMP documentation summarizes the structure of the document.
This graphic is GAMP®5 inspired
Key Principles
The Five Key Principles of the guideline are as below:
Key Principle 1: Product and Process Knowledge
Starting with the product and process knowledge helps in critical and non-critical aspects. It is essential to determine system requirements and to make decisions based on risk assessment, to ensure that the system is “suitable for use”. While determining this suitability, attention should be focused more specifically on “those aspects crucial to patient safety, product quality and data integrity”.
Key Principle 2: Lifecycle approach
According to GAMP5, the life cycle of a computerised system should be defined within the quality management system (QMS). It allows for a consistent approach across all systems. There are four major phases defined for any system:
This graphic is GAMP®5 inspired
-
- Concept:
This stage is out of the GAMP scope. At this stage manufacturers are considering possible automation opportunities, listing out the initial requirements and searching for suitable computerised system suppliers. - Project:
This is the stage at which organizations release a computerized system based on the GxP compliance assessment. The Project phase consists of five important process steps as depicted in V-Model given below.
- Concept:
This graphic is GAMP®5 inspired
-
- Operations:
This is a stage at which a computerised system is used in day to day operations. This is the longest phase in the lifecycle of a product. The main objective in this case is maintenance of the product in the validated state. The examples of essential process at this stage are change control and disaster recovery. - Retirement:
This is the stage at which a computerized system is retired, decommissioned or migrated. The retirement phase is not officially defined in GAMP, but the operations needed for retirement are described in the operation stage.These activities may include the retirement plan, data management after the retirement.
- Operations:
Key Principle 3: Scalable
GAMP-5 advises to look for scalable approaches while developing a computerised system. Scalability can be achieved with the help of a “V” model, which can be extended or even reduced based on the scale or scope of the system that is being validated. The GAMP 5 guideline elaborates three practical examples of the “V” model.
Key Principle 4: Quality Risk Management
The risk based prioritization is helpful to spend more time and effort on critical aspects to the quality. GAMP 5 advises to do more rigorous testing on critical to quality aspects. It enables companies to focus on critical aspects of the information system and to develop controls to mitigate the associated risks. It is where a clear comprehension of the product and the process is crucial to determine the potential risks to the patient safety, product quality and data integrity.
This graphic is GAMP®5 inspired
Key Principle 5: Leverage Supplier Activity
The guideline also proposes to leverage supplier expertise and activity support for smarter and faster adoption of the computerised system.It applies more specifically in assisting the manufacturer with : maintenance, testing and technical support, collection of requirements and configuration of the information system.
GAMP 5 Categories
The GAMP 5 guidance provides a risk based approach for classifying softwares according to risk involved in GxP and Functional compliance. The category 2 that was associated with firmwares in the GAMP 4 is removed from GAMP 5. The classification system is as follows:
Category |
Software Type |
Activity Level |
1 |
Infrastructure |
|
3 |
Non-configurable Software |
|
4 |
Configurable Software |
Testing comprises:
|
5 |
Customizable Software |
Testing comprises:
|
As per this classification system the risk associated with each category type increases from sequentially from Category 1 to Category 5. The more the risk associated with the category, a more rigorous Computer System Validation (CSV) approach is needed for the system. Higher the GAMP5 category higher activity is needed to be performed at specification and validation steps of the project phase V-model.This is how the guideline enables manufacturers to make more rational decisions.
Conclusion
GAMP 5 is the most comprehensive guideline for validating the computerised systems to meet GxP requirements. It is coherent with the current GxP requirements defined by the EU & US regulatory agencies. The GAMP 5 revisions account for constantly changing developments and requirements.
The correct GAMP 5 application allows the manufacturers to reduce significantly on the time and costs necessary for the validation as well as the maintenance of their (compliant) systems. Most importantly it prepares the manufacturers to overcome government audits and inspections more easily.