计算机化系统验证要点分析ppt课件.pptx

上传人:牧羊曲112 文档编号:1438689 上传时间:2022-11-24 格式:PPTX 页数:89 大小:3.25MB
返回 下载 相关 举报
计算机化系统验证要点分析ppt课件.pptx_第1页
第1页 / 共89页
计算机化系统验证要点分析ppt课件.pptx_第2页
第2页 / 共89页
计算机化系统验证要点分析ppt课件.pptx_第3页
第3页 / 共89页
计算机化系统验证要点分析ppt课件.pptx_第4页
第4页 / 共89页
计算机化系统验证要点分析ppt课件.pptx_第5页
第5页 / 共89页
点击查看更多>>
资源描述

《计算机化系统验证要点分析ppt课件.pptx》由会员分享,可在线阅读,更多相关《计算机化系统验证要点分析ppt课件.pptx(89页珍藏版)》请在三一办公上搜索。

1、目录 Table of Contents,3.新建及遗留计算机化系统验证示例分析 Case Study for Validation of New and Legacy Computerized Systems,2.新建计算机化系统验证流程介绍 Introduction to Validation Process of New Computerized System,目录Table of Contents,1.计算机化系统相关法规 Computerized System Related Regulations,计算机化系统验证要点分析Key-Point Analysis of Computer

2、ized System Validation,Anwar奥星设备与工艺系统事业部 验证总监,计算机化系统相关法规 Computerized System Related Regulations,第一部分 Part 1,相关法规和指南总览 Relevant Regulations and Guidelines,(US FDA) 21CFR Part11 美国联邦法规21篇第11部分电子记录与电子签名 (US FDA) 21CFR Part11: Electronic record and electronic signature (US FDA)工业指南 11部分 电子记录与电子签名-范围和应用

3、 (US FDA) Guidance for Industry, Part11 Electronic record and electronic signature scope and application (US FDA) 联邦法规第21篇第210 211部分,成品药的现行生产质量管理规范 (US FDA) 21CFR Part 210 and 211, cGMP for finished pharmaceuticals (ISPE) 良好自动化生产实践指南,遵从GxP计算机化系统监管的风险管理方法 (ISPE) GAMP, A risk-based approach to a GxP c

4、ompliant Computerized system (ISPE)GAMP GPG 良好实践指南,GAMP架构下的系列良好实践指南 (ISPE)GAMP GPG , GPG under the framework of GAMP (EU)欧盟药事法规第4卷GMP,附录11计算机化系统 EU Guidelines to Good Manufacturing Practice: (Volume 4), annex 11 Computerized System (PIC/S)GMP指南,药用产品良好生产实践指南 (TGA)GMP,药用产品良好生产实践指南(PIC/S)在“GxP”监管环境下的计算

5、机化系统良好实践(检查官指南) PIC/S Computerized system good practices under GxP regulation( Inspector guideline) (WHO) GMP 2003, Annex 4 (WHO Technical Report Series, No. 908) (CFDA) 2010年版GMP 及征求意见稿计算机化系统 CFDA GMP-2010 and “ Computerized System”(draft for comment)(CFDA) GSP附录二附录三药品经营企业计算机系统温湿度自动监测 (CFDA) GSP An

6、nex 2 and Annex 3 “ Computerized System of Pharmaceutical Trading Enterprises” and “Automatic Temperature and Humidity Monitoring”,CFDA GMP及附录 CFDA GMP and Annexes,第一百六十三条使用电子数据处理系统的,只有经授权的人员方可输入或更改数据,更改和删除情况应当有记录;应当使用密码或其他方式来控制系统的登录;关键数据输入后,应当由他人独立进行复核。用电子方法保存的批记录,应当采用磁带、缩微胶卷、纸质副本或其他方法进行备份,以确保记录的安全

7、,且数据资料在保存期内便于查阅。Article 163If an electronic data processing system is used, only authorized persons can input or change data, the change and deletion records shall be kept, the systems logging in shall be controlled by the way of inputting a password or other methods; after inputting key data, it sh

8、all be double checked by another person independently. The batch record stored electronically shall be backed up with a magnetic tape, a microfilm, a paper duplicate or other methods, to ensure the safety of the record and the convenience to review during the preservation period.附录1第七十条 采用自控和监测系统的,应

9、当经过验证,保证符合关键工艺的要求。 Article 70, Annex 1 Where automation and monitoring systems are used for these applications they should be validated to ensure that critical process requirements are met.,CFDA GMP征求意见稿计算机化系统CFDA Draft for comment “Computerized system”,第四条 应使用科学的风险评估方法来决定计算机化系统验证的范围与程度。应当将验证看作计算机化系

10、统“生命周期”的一个组成部分。Article 4 Science based risk assessment approaches shall be used to determine the scope and extent of computerized system validation. The validation shall be considered as a part of the “ lifecycle” of a computerized system. 第七条 软件是计算机化系统的重要组成部分。软件的使用者应当根据风险评估的结果,对于所采用软件进行分级管理(如针对软件供应

11、商的审计),保证软件的编制过程符合质量保证系统的要求。Article 7 Software is an important part of a computerized system. Users of software shall perform differentiated management (such as for audits to software suppliers) to the software used based on the risk assessment results, to ensure the programming process of software c

12、onforms to the requirements of the quality assurance system.第十条数据的输入或修改只能由经许可的人员进行。杜绝未经许可的人员输入数据的手段有:使用钥匙、密码卡、个人密码和限制对计算机终端的访问。Article 10 Only an authorized person is allowed to input or change data. Means to prevent unauthorized personnel from inputting data includes: key, cipher card, personal pas

13、sword and restriction to access to computer terminals.,EU GMP Annex11计算机化系统,4.6定制计算机系统的验证,应有一个适当的过程保证在系统所有生命周期的阶段进行正式的评估和质量和性能测试的报告。4.6 For the validation of customized computerized systems there should be a step in place that ensures the formal assessment and reporting of quality and performance me

14、asures for all the life-cycle stages of the system9.审计跟踪 Audit Trails9. 应该基于风险评估来考虑给系统加入一种可以生成记录的功能,来记录所有与GMP相关的变更和删除(系统生成的“审计跟踪”)。Consideration should be given, based on risk assessment, to building into the system a function for the creation of a record of all GMP-relevant changes and deletions (a

15、n audit trail generated by the system).12.1应该使用物理和/或逻辑控制来严格控制计算机系统的权限,其权限只给经过授权的人。12.1 Physical and/or logical controls should be in place to restrict the access to a computerized system only to authorized persons.,US 21 CFR Part211,21168自动化设备、机械化设备和电子设备应对计算机或有关系统采取适当控制,以确保生产及控制主记录或其它记录由授权人员制定变更内容。配

16、方、其它记录或数据在计算机或有关系统输入和输出时,应核查其准确性。21168 Automation equipment, mechanical equipment and electronic equipmentAppropriate controls shall be used for a computer or the related systems to assure that changes in the master production and control records or other records are instituted only by authorized pe

17、rsonnel. Input to and output from the computer or the related system of formulas or other records or data shall be checked for accuracy.,US 21 CFR Part11,Sub B/11.10/a 系统的验证以保证准确、可靠、稳定地预期性能,有能力识别无效的和被改变的记录。 Sub B/11.10/a Validation of systems to ensure accuracy, reliability, consistent intended perf

18、ormance, and the ability to discern invalid or altered records.Sub B/11.10/e使用安全的、计算机产生的、时间印记的审计跟踪以便独立地记录操作者登录和建立、修改、或删除电子记录的行为的日期和时间。 ) Sub B/11.10/e Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, m

19、odify, or delete electronic records. Record changes shall not obscure previously recorded information.Sub B/11.10/g使用验证检查以保证只有被授权用户才可以使用系统,以电子方式签署记录,使用操作或计算机系统的输入输出设备,改变记录或手工执行操作。Sub B/11.10/g Use of authority checks to ensure that only authorized individuals can use the system, electronically sign

20、a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand.,WHO GMP,15.9使用电子数据处理系统的,只有经授权的人员方可输入或更改数据,更改和删除情况应当有记录;应当使用密码或其他方式来控制系统的登录;关键数据输入后,应当由他人独立进行复核。用电子方法保存的批记录,应当采用磁带、缩微胶卷、纸质副本或其他方法进行备份,以确保记录的安全,且数据资料在保存期内便于查阅。15.9 If electric da

21、ta processing system is used, only authorized person could input or change data, the change and deletion records shall be kept; the systems logging in shall be controlled by the way of inputting password or other methods; after inputting key data, it shall be double examined by other person independ

22、ently. The batch record stored in electronic method shall be backed up with magnetic tape, microfilm, paper duplicate or other methods, to ensure the safety of the record and it is convenient to review data during the preservation period.,ISPE GAMP,GAMP5( Good Automated Manufacturing Practice -Rev5)

23、GAMP是由国际制药工程协会主编的针对计算机化系统合规的实践指南。旨在提供一套基于现有行业规范的行之有效的方法,使计算机化系统符合预定用途并满足现有法规的要求。自90年代以来,不断改版的良好自动化生产实践指南已被广泛使用并得到国际监管部门的公认。它是计算机化系统验证的指导方针。GAMP5是目前的最新版本,于2008年2月发布。GAMP is practice guideline edited by ISPE aiming to regulatory compliance of computerized system. GAMP guidance aims to achieve computer

24、ized systems that are fit for intended use and meet current regulatory requirements, by building upon existing industry good practice in an efficient and effective manner. Since 1990s, constantly revised GMAP has been widely used and recognized by international regulatory authorities. It is the guid

25、eline to computerized system validation. Since its issuance in February 2008, GMAP 5 is the latest version up to now.,五个关键概念 Five key concepts :基于质量管理体系的生命周期方法 Life cycle approach within a QMS可增减的生命周期活动 Scaleable life cycle activities流程和产品的理解. Product and process understanding基于科学的质量风险管理 Science bas

26、ed quality risk management充分利用供应商活动. Leveraging supplier involvement,法规、GMP、验证相关术语 Regulations, GMP , Validation related glossary,计算机化系统验证常见术语1 Common Glossary for Computerized System Validation 1,计算机化系统验证常见术语 2Common Glossary for Computerized System Validation 12,新建计算机化系统验证流程介绍Introduction to Valid

27、ation Process of New Computerized System,第二部分 Part 2,CSV经典V-Model图及其总流程 CSV classic V-Model and general flow chart 流程逐一步骤的良好实践 Good practices of process steps,计算机化系统验证生命周期V-Model V-Model of computerized system validation lifecycle,验证生命周期文件架构 Lifecycle documentation framework,计算机化系统验证总流程General flow

28、of computerized system validation,流程良好实践 1-1 Process Good Practices,通过网络结构图,找到接口界面 “云图”的方式划分界定系统 Define systems through network structure chart, and interface “cloud picture,确认计算机化系统Computerized system definition,流程良好实践 1-2 Process Good Practices 1-2,确认计算机化系统Computerized system definition,When netwo

29、rk architecturediagram is not available for no supplier performs secondary development at the initial stage , the computerized system summary list is considered as the basis for defining systems.项目初期没有供应商二次开发无法得到网络架构图时,可考虑采用计算机化系统清单汇总作为界定划分系统的依据,流程良好实践 2 Process Good Practices 2,Select GxP critical

30、systems through GxP risk assessment questions 通过GxP评估问题筛选出GxP关键系统,Perform initial risk assessment and determine GxP critical systems初步风险评估判定GxP关键系统,Critical systems are subject to validation, and non-critical systems are subject to GEP commissioning only. 关键系统做验证,非关键系统GEP调试即可,流程良好实践 3,供应商评估确定其能力及参与平

31、衡点,对每一受GxP监管的计算机化系统和服务的供应商进行正式的评估,来确认计算机系统能够以高标准满足他们的技术、商业及法规要求,同时确认能够充分利用供应商的知识、经验和文件。通过供应商审计来识别供应商QMS以及其能力水平方面的风险,被监管公司对计算机系统和服务供应商的质量和可靠性进行确认,要求有文件化的证据来证明该计算机系统能够如所预期的持续运行,并确保软件结构和功能的完整性。,Process Good Practices 3,Perform supplier assessment and determine their capacity and involvement balance poi

32、nt,Formal assessment is performed to each supplier of computerized system and service under the regulation of GxP, to verify that the computerized system can meet their technical, commercial and regulatory requirements, and at the same time make the best use of suppliers knowledge, experience and do

33、cuments. Risks of suppliers QMS and capacity are identified through a supplier audit. The company under the regulation verify the quality and reliability of supplier of computerized system and services, and documented evidence is required to prove the computerized system can run continuously as inte

34、nded, and ensure the integrity of software structure and function.,流程良好实践 4-1,软硬件分类评估确定其复杂性和新颖性,硬件分2类 软件分4类通过识别软硬件类别来识别复杂性和新颖性带来的风险,从而确定出适宜的可增减周期策略,Process Good Practices 4-1,Perform hardware and software categorization assessment and determine their complexity and novelty .,Hardware is divided into

35、 two categories. Software is divided into four categories. Identify risks from complexity and novelty through identifying hardware and software categories, to determine proper extendable life cycle strategy.,流程良好实践 4-2 硬件类别,Process Good Practices 4-2 Hardware Categories,流程良好实践 4-3 硬件类别,Process Good

36、Practices 4-3 Hardware Categories,流程良好实践 4-4 软件类别,Process Good Practices 4-4 Software Categories,流程良好实践 4-5 软件类别,Process Good Practices 4-5 Software Categories,流程良好实践 4-6 软件类别,Process Good Practices 4-6 Software Categories,流程良好实践 5,GxP评估患者安全、产品质量、数据完整性做与不做验证定范围软硬件分类评估复杂性和新颖性可增减的策略1定深度或程度供应商评估供应商能力水平

37、带来的风险可增减的策略2定工作参与平衡点,结合供应商能力、系统复杂性新颖性、GxP影响制定适宜V-Model,Process Good Practices 5,GxP assessment Patient Safety, Product Quality and Data Integrity Validation required or notdefine scope Software and hardware classification assessmentcomplexity and noveltyexpandable strategy 1 define depth or extentSu

38、pplier assessmentrisks from supplier capacity levelexpandable strategy 2define work involvement balance point,Make an appropriate V-Model in conjunction with supplier capacity, system complexity and novelty and GxP impact,流程良好实践 6,按照既定的V-Model实施确认验证,Process Good Practices 6,Perform verification base

39、d on the established V-Model,新建及遗留计算机化系统验证示例分析Case Study of New and Legacy Computerized System Validation,第三部分Part 3,示例分析1-确定系统(参考),接口界面面的选择取决于供应商施工接口及科学的经验,Case Study 1-System definition (reference),Interface selection depends on suppliers construction interface and scientific experience.,示例分析2-确定G

40、xP系统(参考),Y,N,N,N,Y,Y,or,N,Y/N判定结果取决于其真实用途是否涉及GxP相关功能,Case Study 2-Determine GxP systems(reference),Y,N,N,N,Y,Y,or,N,Y/N depends on whether its real use involves any GxP related functions.,示例分析3-确定软硬件类别(参考),软件分类需要结合供应商的经验以及系统的定制程度,Case Study 3- Software and hardware categorization (reference),Softwar

41、e is categorized in conjunction with suppliers experience and system customization degree.,示例分析4-确定供应商的能力(参考),通过审计打分的方法,甄别合适的供应商,同时找到关注重点及工作参与平衡点,Case Study 4- determine supplier capacity (reference),通过审计打分的方法,甄别合适的供应商,同时找到关注重点及工作参与平衡点 Identify appropriate supplier by means of auditing and scoring,

42、find focus and work involvement balance point.,示例分析 5 质量风险管理五步流程,Case Study 5 Quality Risk Management Process,示例分析 5 功能性风险评估,功能性风险评估确定其GxP关键功能,1.识别系统使用到的功能(或部件)2.通过问题判定的方式识别GxP关键功能(或部件)3.实施FMEA,分析功能(或部件)的优先级RPN14.识别控制措施并实施5.实施FMEA,分析优先级RPN2审查风险是否可接受,RPN 风险优先级,Case Study 5 Functional Risk Assessment,

43、Functional risk assessment is performed to determine GxP critical functions.,1. Identify functions (or components) used in the system 2. Identify GxP critical functions (or components) through a series of standard questions 3.Implement FMEA to analyze RPN1 of functions (or components) 4.Identify and

44、 implement control measures5. Implement FMEA to analyze RPN1 review risk is acceptable or not.,RPN refers to risk priority number,示例分析 6 确定适宜的生命周期,结合示例分析3和4的结果,我们定义如下参考的周期:一个四类系统的模型,假定以分值高低最终选择了DDD供应商,我们需要加强现场施工技术方面的监管及设计审查,文件和合规方面可充分利用供应商的活动,Case Study 6 Determine Appropriate Lifecycle,Combining re

45、sults of Case Study 3 and 4, we define the following lifecycle for reference: a model for a category 4 system.,Suppose the DDD suppler is finally chosen as per scores, we need to enhance the supervision and design review regarding site construction technique, as for document and regulatory complianc

46、e, suppliers activities can be fully used.,示例分析 7 支持流程 Part11符合性,评估系统是否适用Part11 -适用ER,适用ER&ES,还是均不适用?,Case Study 7, Supporting Process Part11 Compliance,Evaluate whether the system applies to Part 11- applies to ER or ER&ES, or neither,ERES相关知识探讨,57/100,“纯”纸质记录,如:手写的报表,人工介入的电子记录,1,2,3,1,2,3,如:打印的电子数

47、据报表,“纯”电子记录,如:存储在电脑中的纯电子报表文件,安全性,完整性,可追溯性,如:访问控制,如:变更控制,如:审计跟踪,ERES均不适用,适用ER,ES不适用,ERES均适用,Discussion on ERES Knowledge,58/100,“Pure”paper record,Such as:handwritten report,E-record with human intervention,1,2,3,1,2,3,Such as:printed electronic data report,“Pure”e-record,Such as:pure electronic repo

48、rts saved in the computer,Safety,Integrity,Traceability,Such as:Access control,Such as:Change control,Such as:audit trace,Neither ER nor ES applies,ER applies(ES not),Both ER and ES apply.,示例分析8 以差距分析为导向的遗留系统验证,以法规指南为依据,以差距分析结果为导向,决策退役替换还是补救验证,遗留系统:未经验证或没有充足的证据证明其能满足现有法规要求的一个受GxP监管的在运行系统,Case Study

49、8 Gap analysis oriented legacy system validation,Decide retirement replacement or remedial validation on the basis of regulations & guidelines and in the orient of gap analysis results.,Legacy system: An ongoing GxP regulated system that is not validated or there is no evidence to prove it could mee

50、t current regulatory requirements .,示例分析 8 遵循GAMP5遗留系统验证总流程,Case Study 8 General process of legacy system validation following GAMP5,示例分析 8-1 差距分析,示例,通过系统升级、文件或(和)测试等活动弥补差距。,差距分析采用现行系统目前状态与既定法规(如:欧盟GMP附录11计算机化系统、TGA GMP1000-1017及FDA21 CFR Part11)的要求进行对比,通过法规要求提取问题进行挑战,由制药企业相关负责人对挑战的问题给出最终的符合实际情况的回复结

展开阅读全文
相关资源
猜你喜欢
相关搜索
资源标签

当前位置:首页 > 生活休闲 > 在线阅读


备案号:宁ICP备20000045号-2

经营许可证:宁B2-20210002

宁公网安备 64010402000987号