Overview:

Keeping current with the latest regulatory requirements and industry guidance can be a challenge when you have a hundred and one tasks to complete.

Over the first two days of the 3-day GAMP® 5 and Regulatory Records Requirements Training course, an overview is provided of the latest version of GAMP® 5: A Risk-Based Approach to Compliant GxP Computerised Systems.

The following day provides an insight into the American regulation for Electronic Records and Signatures 21CFR Part 11, and an important update on the now effective revised EU Annex 11 guidance. During a review of the regulation and guidance, links are discussed to GAMP® 5 and its corresponding good practice guide on electronic records and signatures.

Taking the opportunity to attend this course is useful for people working in healthcare manufacturing and related IT departments. Suppliers can also benefit. National Blood Service employees and other industries such as bank ATM manufacturers have also attended similar courses.

So if you want a full working understanding of current regulatory thinking on computerised systems in industry, for IT, process control systems and manufacturing/packaging equipment, why not attend our course?

Content:

Day 1

• Investigate the reasons for the GAMP® 5 version update

  • Industry developments

  • Regulatory drive including Quality Risk Management, ICH Guidance and integration into QMS

  • Latest terminology and common themes including relationship between Qualification Terminology and GAMP® 5 activities

• Compare the differences between GAMP® 4 and GAMP® 5

  • Cross referenced table of differences

  • Look at key concepts

  • Main article and contents

  • Appendices

• Review the life cycle approach and phases, including: life cycle concepts; concept, project and retirement

  • Project

    • planning

    • specification

    • configuration and coding

    • verification

    • reporting and release

    • support

  • To include practical examples based upon GAMP® categories of software

  • Operational phases including

    • Handover

    • CAPA

    • Change management

    • Security and system administration

• Introducing Quality Risk Management

  • An overview of Quality Risk Management including:

    • Integration to the QMS

    • The process itself and links to ICH Q9

• Describe regulated company activities to assure computerised system compliance

  • Elements to achieve compliance

    • Policies and procedures, roles and responsibilities

    • Training, managing supplier relationships, system inventories and specific activities

• Develop understanding of guidance on supplier activities

  • View help for suppliers; non configured product, configured product and custom package

  • Investigate supplier best practices

Day 2

• Consider guidance on efficiency improvements

  • Specific points in determining objective user requirements

  • Utilise risk assessment practice to determine life cycle activities

  • Influence supplier input and maximise use of own documentation

  • Effective testing and system handover

  • Operational activities

• Review main article topic 4, Life Cycle Phases, related Management Appendices

  • M1 Validation Planning

  • M2 Supplier Assessment

  • M4 Categories of Software and Hardware

  • M5 Design Review and Traceability

  • M7 Validation Reporting

  • Investigate changes to appendices and also new management appendix M10

• View appendix M3 Science Based Quality Risk Management relative to article 4 and 5 in the main contents of the guide

  • Roles and responsibilities

  • Guidance and examples for different categories of systems

Day 3

• Understand the regulation 21 CFR Part 11

  • What the requirements are

  • Why is the regulation necessary?

  • The difference between guidance and regulation

• Identify key terminology used in the regulation

  • Terms and definitions

• Lifecycle of a document

  • Electronic

  • Hard copy

  • Records

• What is in and out of scope?

  • Validation requirements for computer systems

  • Predicate regulations - what are they, where to look and why?

  • A focus on risk to records and the 'Hybrid' approach

• Links to validation

  • Validation requirements for computer systems

• Training

  • Requirements

  • Qualifications and experience

• Management of systems

  • For open and closed systems

  • Physical and logical controls

• Signatures

  • Signature/record linking

  • Their uniqueness

  • Biometrics

• Controls

  • Password ageing

  • Procedures

  • Management responsibilities

• Understand FDA Part 11 Guidance for Industry

  • Latest thinking and guidance

  • Why the FDA is now assessing whether companies are using its revised guidance

• Recall problems encountered by companies applying the rule

  • Potential problem areas

  • Case studies

  • Differing scenarios/FDA warning letter reviews

  • Comparison between how the FDA used to audit and report compliance issues and how it is now

• Identify and review EU GMP Annex 11 revised guidance on Computerised Systems focusing on records and signatures

  • Review includes:

    • Corresponding GMP Volume 4 Guide, revision of Chapter 4 Documentation

    • Updates from previous revision of Annex 11

    • Cross reference to Part 11

• Describe the GAMP® approach to 21 CFR Part 11 compliance

  • Links with GAMP® and risk assessment

  • Review examples from the guide

  • Use GAMP® risk assessment to assess a potential real scenario