Risk Based EBRS Implementation using GAMP 5

Similar documents
Sparta Systems TrackWise Digital Solution

Sparta Systems Stratas Solution

Sparta Systems TrackWise Solution

Industry Guidelines for Computerized Systems Validation (GAMP, PDA Technical Reports)

Validation of a CMS Software

Development of Requirement Specifications for Computer Systems

Alexion Pharma International Trading

MHRA GMP Data Integrity Definitions and Guidance for Industry January Initial Review and Critique March 2015

GxP Compliant Laboratory Computerized Systems (2 nd edition)

This Document is licensed to

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

OMCL Network of the Council of Europe QUALITY ASSURANCE DOCUMENT

MHRA GMP Data Integrity Definitions and Guidance for Industry March Introduction:

Introduction. So what is 21 CFR Part 11? Who Should Comply with 21CFR Part 11?

Touchstone Technologies, Inc. Course Catalog February 2017

Rotronic Monitoring System Technical paper Version 1.0. Rotronic Monitoring System - Technical paper - Understanding RMS from an IT perspective

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

SDA COMPLIANCE SOFTWARE For Agilent ICP-MS MassHunter Software

GAMP Good Practice Guide: The Validation of Legacy Systems

EU Annex 11 Compliance Regulatory Conformity of eve

Standard Development Timeline

21 CFR PART 11 FREQUENTLY ASKED QUESTIONS (FAQS)

DATA INTEGRITY (EMA AUGUST 2016)

21 CFR Part 11 FAQ (Frequently Asked Questions)

Jointly Organised by: Presenter: Certificates endorsed by the National. Training Grant is available under HRDF SBL Scheme

Validation Summary SOP

Summary of PIC/S Guidance Good Practices for Data Management and Integrity in Regulated GMP/GDP Environments

Data Integrity and Worldwide Regulatory Guidance

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

How to implement NIST Cybersecurity Framework using ISO WHITE PAPER. Copyright 2017 Advisera Expert Solutions Ltd. All rights reserved.

CIP Cyber Security Configuration Change Management and Vulnerability AssessmentsManagement

Good Laboratory Practice GUIDELINES FOR THE DEVELOPMENT AND VALIDATION OF SPREADSHEETS. Release Date:

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Leveraging ALCOA+ Principles to Establish a Data Lifecycle Approach for the Validation and Remediation of Data Integrity. Bradford Allen Genentech

System Assessment Report Relating to Electronic Records and Electronic Signatures; 21 CFR Part 11. System: tiamo (Software Version 2.

Vaccine data collection tool Oct Functions, Indicators & Sub-Indicators

Process Safety Management Training

Maintenance Qualification: Improving Compliance and Performance in Pharmaceutical Manufacturing

UK EPR GDA PROJECT. Name/Initials Date 30/06/2011 Name/Initials Date 30/06/2011. Resolution Plan Revision History

This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective.

System Assessment Report Relating to Electronic Records and Electronic Signatures; Final Rule, 21 CFR Part 11

System Assessment Report Relating to Electronic Records and Electronic Signatures; 21 CFR Part 11. System: StabNet (Software Version 1.

NB Appendix CIP NB-0 - Cyber Security Recovery Plans for BES Cyber Systems

AUDITOR / LEAD AUDITOR PHARMACEUTICAL AND MEDICAL DEVICE INDUSTRY

± ± ± ± ± ± ± ± ± ± ± ± ± ñ ± ± ƒ

Frequently Asked Questions UNIFI v1.9 Service Release 4 Upgrade

The Role of the QP in MA Compliance

Data Integrity in Clinical Trials

KENYA ACCREDITATION SERVICE

FINAL Design Control Inspectional Strategy Revised February, 1998 All Previous Editions Are Obsolete Effective through May 31, 1998

TOP-010-1(i) Real-time Reliability Monitoring and Analysis Capabilities

1. STRATEGIC PLANNING

CIP Cyber Security Physical Security of BES Cyber Systems

ISPE Thailand 3 rd Seminar 2018

NERC CIP: Fundamental Security Requirements of an Electronic Access Control and Monitoring System (EACMS) Requirements Mapping to ConsoleWorks

Standard Operating Procedure Clinical Data Management

CIP Cyber Security Personnel & Training

October p. 01. GCP Update Data Integrity

Current Expectations and Guidance, including Data Integrity and Compliance With CGMP

By Cornelia Wawretchek. The Drug Manufacturer s Guide to Site Master Files

QP Current Practices, Challenges and Mysteries. Caitriona Lenagh 16 March 2012

ISSUE N 1 MAJOR MODIFICATIONS. Version Changes Related Release No. PREVIOUS VERSIONS HISTORY. Version Date History Related Release No.

BENEFITS OF EXCIPACT CERTIFICATION TO SUPPLIERS, USERS AND PATIENTS The role in Supplier Qualification. March 2011

Example of QbD Application in Japan Yoshihiro Matsuda, Ph.D.

GXP, E-RAW DATA AND E-ARCHIVE QA PERSPECTIVE

Rules for Operators. Version 6 / Version 6, 13 May 2011 Page 1/12

Comment sheet for MHRA draft document:

LOUGHBOROUGH UNIVERSITY RESEARCH OFFICE STANDARD OPERATING PROCEDURE. Loughborough University (LU) Research Office SOP 1027 LU

Advent IM Ltd ISO/IEC 27001:2013 vs

Standard Development Timeline

Automated Cloud Compliance. GxP and 21 CFR Part 11 Compliance

Issues that Matter Notification and Escalation

IT CONTINUITY, BACKUP AND RECOVERY POLICY

Electronic Data Processing 21 CFR Part 11

Meeting regulatory compliance guidelines with Agilent ICP-MS MassHunter and OpenLAB Server

CIP Cyber Security Incident Reporting and Response Planning

CIP Cyber Security Security Management Controls. A. Introduction

Good Computer Validation Practices

CONTROL SYSTEMS DESIGN SPECIFICATION

Date yyyy-mm-dd binding declaration GASTEC QA GENERAL REQUIREMENTS

Reliable Environmental Monitoring Systems by Design

FlexAct BT (Bag Tester) Service November, 2015

_isms_27001_fnd_en_sample_set01_v2, Group A

CIP Cyber Security Systems Security Management

Unofficial Comment Form Project Operating Personnel Communications Protocols COM Operating Personnel Communications Protocols

Guidance Solvency II data quality management by insurers

CIP Cyber Security Personnel & Training

TRULY INDEPENDENT CYBER SECURITY SPECIALISTS. Cyber Major

The Role of the American National Standards Institute (ANSI) Irwin Silverstein, Ph.D. IPEA

ILNAS/PSCQ/Pr004 Qualification of technical assessors

API documentation from the perspective of WHO-PQP

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

LNE/G-MED North America, Inc

CIP Cyber Security Physical Security of BES Cyber Systems

Data Integrity. Developments, updates, and deficiencies. Paul Moody, GMP Inspector. GMP Conference. 7 February 2017 Dublin

How AlienVault ICS SIEM Supports Compliance with CFATS

Pharmaceutical Supplier Auditor Certification Scheme The PS Scheme

21 CFR Part 11 LIMS Requirements Electronic signatures and records

Standard Development Timeline

Standard operating procedure

Transcription:

Risk Based EBRS Implementation using GAMP 5 Gilberto Rossi 1 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Risk management - why do we need it? Taking risk managing risk and mismanaging risk 2 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Risk-based EBRS Implementation using GAMP 5 Based on ICH Q9 and GAMP 5 Key Concepts Business model and URS based on production process with interfaces to SAP, LIMS & Trackwise Electronic Batch Record for manufacturing and packaging Scientific risk assessment using HACCP method Risk mitigation for GMP and the business Review by exception and electronic signatures 3 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

5 Key Concept 1. Product & Process Knowledge 2. Integrated Life Cycle Approach in a QMS Environment 3. Flexible & Scalable Life Cycle Activities 4. Quality Risk Management 5. Massimize Supplier Involvment & partecipation 4 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

ICH Q9 EU GMP Annex 20 Risk management tools are chosen according to the needs of the project: FMEA -FTA -HACCP - HAZOP We chose the HACCP tool to build on product and process understanding and support identification of critical control points 5 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

6 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

EBRS Project Life Cycle Overview (GAMP 5 ) Good Practice Business Process GMP Requirements Requirements (URS) Specification, Design & Configuration Verification (IQ & OQ) Acceptance & Release Operation & Continuous Improvement Company QMS Risk Management Design Reviews Change Management 7 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

System Life Cycle Phases 8 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

EBRS Project General Overview CTP SYSTEM New electronic system, integrated with SAP and LIMS Replacement of current paper based system Intended to improve Process Performances & Compliance Batch Review Process, with Review By Exception Management & Storage of Data from production Includes both Manufacturing and Packaging Single site Approx 10.000 batches per year, Approx 10 bulk formulations, Approx 1000 packaging presentations 9 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

EBR used for Manufacturing and Packaging: Key Point Electronic Master Batch Records (EMBR / MBR) Electronic Batch Records (EBR / ER) ( Dispensing, Production and packaging Material Tracking (ER) Shop floor control and equipment management Deviations, Exceptions and Event Management (ER) Electronic Signatures (ES) Review By Exception (RBE) Key Performance Indicators 10 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Example of Business Flow (& indication of Potential CCP) 11 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Interface SAP / EBRS 12 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Scientific Risk Assessment - HACCP CTP SYSTEM 1. Conduct Hazard analysis for each step of the process 2. Determine critical control points (CCP) 3. Establish target levels and critical limits 4. Establish a monitoring system for each CCP 5. Establish corrective actions when monitoring shows that CCP is out of control 6. Establish verification procedures or methods 7. Establish a record-keeping system 13 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

1. Hazard Analysis List hazards at each step of business flow Description of hazard (what could go wrong?) Cause of hazard (What caused the problem?) Reference hazards to Business flow diagrams with Subject Matter Experts from Production, QA, IT URS and intended use of EBRS GMP regulations from EU, FDA, Part 11 14 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

1. Intrinsic risk of hazards CTP SYSTEM Severity Minor Moderate Major High M H H Probability Medium L M H Low L L M Negligible L L L Low: ACCEPTABLE within the context of the project - managed according with procedures Medium: UNACCEPTABLE CORRECTIVE ACTION REQUIRED - reduce risk according to identified control points High: COMPLETELY UNACCEPTABLE RISK MUST BE ELIMINATED using at least two independent control mechanisms 15 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

1. Examples of hazard analysis GMP Hazards Hazard Severity Probability Risk Measure Contamination of product from damaged containers Calculated IPC results are outside the defined range in the processing or packaging instructions but no alarm is generated or recorded Business Hazards Major Low M Major Medium H System must be designed to require that damage to containers of materials is followed up by production supervisor and the results of the investigation recorded System must be designed to compare the calculated value of the IPC with the predefined limits, and produce an alarm if there is a discrepancy. System must force an authorising signature from a responsible person in Production if the IPC is outside the acceptable range Hazard Major network failure leads to unavailability of system and production stops Product recipes, MBR and other industrial secrets are compromised Severit y Probability Risk Measure Major Medium H Continious network management. Major Low M System must be closed. 16 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

2. Determine critical control points (CCP) Controls to prevent or eliminate a pharmaceutical quality hazard or reduce it to an acceptable level Only for High and Medium risk hazards No CCP for Low risk hazards Controls classified as Critical Control Points (CCP) Good Practice (reference to procedure to be followed) 17 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

3. Examples of CCP & Critical Limits GMP Risk CTP SYSTEM GMP Risk Cause CCP Critical Limit Damaged containers not detected and investigated Out of SPEC - IPC NOT DETECTED Software must force supervisor to document and explain damage to product containers if recorded by operator, on receipt into manufacturing System must generate a warning message when calculated IPC result is equal to or more than the quality limit As defined in SOP for the process; check container status Calculated value compared to upper and lower quality limits from MBR Business Risk Cause CCP Critical Limit Inadequate network planning, management or configuration Unauthorized persons have access to EBR functions Ensure adequacy of network design with redundancy and built-in failsafe operational modes. Ensure rigorous system testing and validation of critical network functions and controls Only authorized persons within the organization have access to critical functions Network manager with defined job responsibilities with problem escalation process for the business Security compared to access control list defined by system owners 18 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

4. Monitoring system for each CCP CTP SYSTEM Measurement of CCP against critical limits Types of monitoring: operator entries compared to limits input value read from a barcode compared to Expected value ALARM ALARM Results of monitoring recorded and included in batch record Alarms are managed as deviations 19 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

5. Corrective actions in case of deviations Determination and correction of the cause of non- compliance Determination of the disposition of the non- compliant product Recording of the corrective actions that have been taken 20 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

6. Verification procedures Monitoring of CCP in software development life cycle traceability to FS done by Supplier document results in IQ verify in OQ verify in PQ, including interfaces Residual control, not included in system of system scope will be monitored and managed under SOP 21 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

7. Documentation and record keeping Deviations Corrective actions CCP monitoring activity log Changes to process steps Changes to associated hazards Changes to critical limits Verification procedures and schedules 22 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Benefits of HACCP Method Close integration with known business process flows Focus on hazards that lead to risk Feed back to URS and system development Prioritize risks in a systematic manner Reduced validation activity Clear Evidence so, Strong acceptance from management 23 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Residual risk CTP SYSTEM 24 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Review by Exception (RBE) CTP SYSTEM Electronic system allows filtering to Include critical exceptions and deviations to the process Exclude normal operational data Verification of RBE functionality is directly linked to scientific risk assessment as part of system design Regulatory guidelines allow QA review of exception reports for batch records 25 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Regulatory Expectations for Review by Exception (RBE) Functionality is clearly defined in Requirements and specification documents Reference data is retained for the appropriate period The computerized means of review is at least as comprehensive and accurate as the manual review Accuracy and reliability is demonstrated through Qualification and ValidationV 26 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Benefits of Review by Exception (RBE) Production resources and QA are focused on issue resolution and investigation Time consuming verification of complete batch record is not needed, as critical control points are monitored and controlled by validated systems 27 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

Tineke Bos Philp Rees +[39] 348 5479178 philip.rees@ctpsystem.com Gilberto Rossi +[39] 348 7216946 gilberto.rossi@ctpsystem.com 28 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback