Riunione Gruppo GCP Qual il Processo della Computer

Riunione Gruppo GCP Qual è il Processo della Computer System Validation? Dr. D. Marcozzi Head of Clinical and CSV QA dept. of SIGMA-TAU Milano, 31 marzo, 2005

Parleremo di: ü CONVALIDA ü FORNITORI ü Analisi e Gestione del RISCHIO ü Nuova visione delle CONVALIDE

Cos’è la CONVALIDA? Si si …un bel vestito….

Cos’è la CONVALIDA?

Cos’è la CONVALIDA? Mi dicono che avrei fatto una CONVALIDA? ?

Cos’è la CONVALIDA? O meglio………….

Che cos’è la Computerized System Validation (CSV)

Primo: cos’è un Computerized System? Personnel Software Hardware Documentation Instrument Documentation Control System Procedures Infrastructure Operating Environment

Validation is…. “Establishing documented evidence which provides a high degree of assurance that a specific process will consistently produce a product meeting its pre-determined specifications and quality attributes”

Current Validation is the entire procedure of gathering documented evidence that a computer-related process or a system performs according to its intended function reliably and consistently throughout its life.

Le parole “CHIAVE” ü Documented ü Process/system ü Pre-Determined ü Quality Attributes ü Entire Procedure ü Reliably and consistently ü Life

The life cycle concept of Computer Validation is a PROCESS, not an event Validation activities span the entire System Life Cycle: ü Planning ü ü ü ü Requirements Analysis Design Implementation Testing Acceptance On going Retirement

Planning and Implementation A Life cycle approach Requirements Maintenance System Selection User Documentation Operation Specify & Design Qualification Supplier Testing Build

Planning and Implementation A Life cycle approach URS PQ FS OQ DS IQ System Build

Planning and Implementation A Life cycle approach Planning Validation Plan Specifications URS, FS, DS (required) Test Planning (IQ, OQ, PQ) Doc. come testare il sistema Testing Test e risultati Review Validation Report

Validation activity and “life cycle” PROJECT ACTIVITY LIFE CYCLE PHASE VALIDATION ACTIVITY USER REQUIREMENTS FUNCTIONAL SPEC. PLANNING & SPECIFICATION VALIDATION PLAN SUPPLIER AUDITS SPEC. REVIEW HW E SW DES. SPEC. SW MODULE DES. SPEC. MECH. & ELECTRIC SPEC. DESIGN REVIEW HW MANUF. & ASSEMBLY CODE SW MODULES EQUIP. MANUF. & ASSEMBLY CONSTRUCTION COSTRUCTION & CODE REVIEW HW TESTING SW MOD. & INTEGR. TESTING EQUIP TESTING MONITOR SUPPLIER HW, SW, EQUIP. INSTALL. HW ACCEPTANCE TESTING INSTALLATION IQ SYSTEM ACCEPTANCE TESTING OQ PQ VALIDATION REPORT MAINTENANCE CHANGE CONTROL OPERATION ONGOING OPERATION

Validation Scope and Effort should be commensurate with impact and value of data, process, results. . . size and complexity of the system and how critical it is in your routine and non-routine operations

Tanto più un sistema è critico e complesso tanto maggiore sarà lo “sforzo” di convalida…quindi…

Sistemi Be-spoke Sistemi Customizzati Sistemi Standard

Basic Approach to Validation ü Validation is a process, not an event ü Planning activity should be performed as a Team ü Keep the validation process under control

Le finalità…. da GCP Qualora si avvalga di sistemi elettronici di elaborazione dei dati e/o sistemi di inserimento a distanza per la gestione dei dati relativi alla sperimentazione, lo Sponsor…. Garantire e documentare che il sistema elettronico per l’elaborazione dei dati sia conforme ai requisiti di completezza, precisione, affidabilità stabiliti dallo Sponsor e che questi siano conformi alle caratteristiche prefissate (cioè Validazione)

Le finalità ü Validating Data ü Validating the System handling the Data

Nel 1999… l’FDA Pubblica una nuova Guidance for Industry “Computerized System Used in Clinical Trials” Per essere accettabili, i dati debbono soddisfare certi elementi fondamentali di qualità se raccolti e registrati elettronicamente o su carta I dati debbono essere: A ttribuibili (Source & Recorder are Known) L eggibili (Human readable) C ontemporanei (Recorded when observed) O riginali (Honest data/not fraud) A ccurati (Correct, repeatable results)

ALCOA

Ed ora… gli attori… FORNITORE CLIENTE

CLIENTE FORNITORE

CLIENTE IT USER QA

FORNITORE COMMERCIALE e……

QA According to specific rules or guidelines defined for each environment

Il peso del QA…. QA IT

Il peso del QA…. Requisiti Regolatori Requisiti di Processo Requisiti Tecnici IT Pianificazione e Testing Qualifica dei fornitori Qualità della documentazione QA

Il QA… ovunque nella CSV Valutazione Fornitori Risk Assessment Definizione Requisiti Utente Definizione delle politiche di convalida Piani e test di convalida Revisione ed Approvazione dei documenti di convalida

Il QA… ovunque nella CSV Approvazione dei cambiamenti Revisione ed Approvazione delle SOPs di convalida e CSV generali Audit periodici Punto di riferimento normative CSV

E le SOPs? ü ü ü ü Training Vendor Evaluation Gestione Documentazione di Convalida Change Control Configuration Management Problem Reporting Security QA Back-up Restore Archiving Clinical Data Maintenance Disaster Recovery/Business Continuity Periodic Review

FORNITORE COMMERCIALE e……

Planning and Implementation A Life cycle approach URS PQ FS OQ DS IQ System Build

Evaluation should preferably be derived from a reliable audit of the software developer (supplier), performed by the end user’s organization or a trusted and competent third part.

Da GMP…. . . Validation should be considered as part of the complete life cycle of a computer system. This cycle includes the stages of planning, specification, programming, testing, commissioning, documentation, operation, monitoring and modifying… (by supplier!). The software is a critical component of a computerized system. The user of such software should take all reasonable steps to ensure that it has been produced in accordance with a System of Quality Assurance.

CS Validation Documents GAMP Client responsibility Supplier responsibility Audit Report Validation Plans Planning Test Plan Validation Master Plan Design Spec. Functional Spec. User Requirement Specifications Quality and Project Plan Testing Factory/Site Acceptance Test SOPs Protocolli DQ, IQ, OQ, PQ Master Index Validation Report IQR, OQR, PQR SOPs Validation Summary On-Going User Manuals

Why do we have to audit the Suppliers? ü The primary purpose of an audit is to assess the controls, procedures, and practices which are in place for the development and maintenance of a product ü Is a form of review that provides confidence concerning the validity and accuracy of a product or process now and in the future ü Audits should be viewed as a learning experience and should be conducted as a cooperative effort

SW Supplier Evaluation Intent “To ensure that the supplier produces a quality product, and to obtain information to plan computer validation activities” “Tools” l l Collection of available information Request for Information (questionnaire) Audit Follow up

Supplier Evaluation Tools RISKS EVALUATION THROUGH REFERENCES EVALUATION THROUGH EXPERIENCES REQUEST FOR INFORMATION 3 RD PARTY AUDIT SPECIFIC FIRM AUDIT COSTS

Supplier Qualification model Telephone Audit Request for Information (RFI) Information from other companies or from market EVALUATION COST SYSTEM RISK CATEGORY Site Audit

Check…Independence of SW Validation activities should be conducted using the basic quality assurance precept of “independence of review”. Self-validation is extremely difficult; an independent review is always better.

Check…Independence of SW Validation Computer system validation should be performed by persons other than those responsible for building the system.

Validation: Client Responsibility ! PLANNING Normative Guidelines Manufacturer has flexibility in choosing how to apply the validation principles, but retains ultimate responsibility for demonstrating that the software has been validated.

Client Responsibility ! Client with regulatory responsibility needs to assess the adequacy of the software developer’s activities and determine what additional efforts are needed to establish that the software is validated.

Supplier selection (and supplier) is important. . . but Validation Responsibility is always on the Client’s side

Validated Packages don’t exist!! Supplier may provide a “Validation Package”, showing that the standard version of the product has been validated “in Factory” Client has to perform an “on-Site” Validation

Quindi…. La validazione è una nostra responsabilità Si deve Validare nel nostro “ambiente” Non è una responsabilità del Fornitore del sistema I sistemi forniti (anche quelli più standard) sono validabili, da validare e non già validati

Quanto più il fornitore è affidabile…di QUALITA’ Prima Dopo. Verificare!!! e sempre Tanto meno. Validare!!! sforzo di convalida dovremo pianificare

Ora parliamo di RISK MANAGEMENT…. RISK ANALYSIS…. . Solo un accenno…. prendiamo spunto dalla realtà!

Da FDA…. Pharmaceutical CGMPs for the 21 st century A Risk-Based Approach Final Report september 2004 In August 2002, FDA announced a significant new initiative, Pharmaceutical Current Manufacturing Practices (CGMPs) for the 21 st Century, to enhance and modernize the regulation of pharmaceutical manufacturing and product quality for veterinary and human drugs…. Objective: Encourage implementation of risk-based approaches that focus both industry and Agency attention on critical areas

Da FDA…. 21 CFR Part 11 Guidance… Whit the issuance in 2003 of the guidance for industry part 11, Electronic Records, Electronic Signature- Scope and Application, many barriers to scientific and technological advances were removed, and the use of risk-based approaches to managing computer systems is encouraged.

Risk Analysis / Computer Validation ü Protect against the risks to patient safety ü Maximize the business benefits ü Help to determine the extent of validation ü Give a rationale to justify Validation approach in case of Inspection ü Concentrate the validation effort

A Good Start Perform Assessment Dove siamo? Da cosa cominciamo? Dove vogliamo andare?

Risk Analysis: the Value The more you know about your computer system The more you focus the validation Test Better you will use your resources…. and money!

Nuovo approccio alle Convalide….

Nel 1990 G Nasce nell’ambiente GMP AMP… Good Automated Manufacturing Practice Scopo della linea-guida è quello di assistere le aziende farmaceutiche, biotecnologiche, medical devices nell’implementazione di sistemi automatizati validati e compliant con i requisiti normativi

…nuove GAMP… 2001 Le nuove GAMP coprono tutti i requirements GMP, GCP, GLP e GDP Si potrebbero chiamare GA “M-C-L-D” Più attenzione al Processo! P

Nuovo approccio alle Convalide….

Da… Performance A…. . Process QUALIFICATION !

FINE…. . Grazie per la PAZIENZA!!