The details of documentation requirements are described in chapter 15 Documentation. Depending on the risk classification, in this case the whole set of validation activities must be executed. Whenever an application is programed for an individual application, it belongs to this class. 9.D.1.5 Class 5 - Customer-specific software In validation, particular attention should be paid to the configuration. Validation should be executed as described in chapter 9.E Validation of computerised systems and all details must be recorded as described above for class 1-3. Specific functions may often be realised using programs or macros these should then be treated as class 5. The complete functionality can be changed by configuration. Typical members of this class are: MES (Manufacturing Execution Systems), ERP (Enterprise Resource Planning), control systems (SCADA - Supervisory Control And Data Acquisition) and DCS (Distributed Control Systems) such as room temperature controllers. These are usually more complex applications that are available with a wide variety of standard interfaces. 9.D.1.4 Class 4 - Configurable standard software packages For standard software packages used in highly-sensitive GMP areas with a high risk for product quality, it may necessary to execute a supplier assessment or even a supplier audit. In addition, all calculation methods, algorithms, alarm messages and warning messages used must be checked and documented during qualification, normally operational qualification. ![]() The procedure for class 3 is the same as class 2. This class also includes all off-the-shelf software: COTS (commercial off the shelf), such as office programs. This typically includes analysis software in spectrophotometers, HPLC systems, gas chromatographs (GC), near infrared spectrophotometers (NIRA) and other laboratory instruments, as well as statistical evaluation packages. 9.D.1.3 Class 3 - Standard software packagesĬommercially available software normally falls into class 3. A detailed procedure for qualification is provided in chapter 6 Qualification.īefore start-up, it must be ensured that the necessary operating instructions (SOPs - Standard Operating Procedures) are available and that users are trained in these. It is important that all changes in the firmware, as well as any changes to the configuration parameters, are subject to change control. The configuration parameters must be verified and documented during qualification. The correct functioning of the software is tested and documented as a part of the installation qualification (IQ) and operational qualification (OQ). Examples in this class include washing machines, drying ovens, balances, barcode scanners, etc. In this case, it is pragmatic to record the equipment using design and serial number, since only externally accessible information is easy to verify and to test. This name and the version may not be visible from externally. ![]() ISPE) proposes recording of the name and version for firmware. Firmware may also belong class 5, if it has been specifically programmed for an installation. Firmware can require that certain parameters are entered and configured, such as the date format, current date, time, etc. 9.D.1.2 Class 2 - Firmwareįirmware is typically used in controls and instruments. The operating system is implicitly tested and hence covers the validation of the application, since all higher functions rely on this functioning flawlessly. In this class, only the name and the version are documented. ![]() The complexity and validation requirements increase from class 1 to class 5. The classes are divided according to the validation requirement and deliverables. In the annexes of the GAMP ‚ 4 Guide, software is divided into five classes and hardware into two classes, depending on their complexity. This chapter is therefore only intended to cover the practice-related, specific aspects of risk management for computerised systems. Which measures should be taken depending risk class?Ĭhapter 10 of the GMP Guide (see chapter 10 Risk Management) provides an excellent description of risk management in general. Which criteria can be used to classify computer systems into risk classes? Here you will find answers to the following questions:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |