Type a search term to find related articles by LIMS subject matter experts gathered from the most trusted and dynamic collaboration tools in the laboratory informatics industry.
Good Automated Manufacturing Practice (GAMP) is both a technical subcommittee of the International Society for Pharmaceutical Engineering (ISPE) and a set of guidelines for manufacturers and users of automated systems in the pharmaceutical industry.[1] One of the core principles of GAMP is that quality cannot be tested into a batch of product but must be built into each stage of the manufacturing process. As a result, GAMP covers all aspects of production, from the raw materials, facility, and equipment, to the training and hygiene of staff.
GAMP is largely about automated system validation. In October 2014, Irish tech company Dataworks Ltd. described it as such[2]:
It is a formal process of thorough documentation, testing, and logical process steps that validate clients' required specifications. The process begins with a user requirements specification for the machine, from which a functional requirement and a design specification are created. These documents then form the basis for the traceability matrix and for the formal testing of internal acceptance, factory acceptance, and site acceptance. Categorising software is used to support the approach to validation based on the difficulty and individuality of the computerised system.
GAMP's origins can be traced to the United Kingdom in 1988, when software developers David Forrest and Colin Jones, through their company FJ Systems, developed real-time control and production information management control systems for pharmaceutical manufacturers. They worked with ICI Pharmaceuticals' Tony Margetts on the problem of validating systems that were increasingly becoming more software-based than mechanical- and electrical-based. This culminated in a five-page document called VMAN I, mapping the older installation qualification (IQ), operational qualification (OQ), and performance qualification (PQ) phases of equipment validation to a more modern software validation lifecycle. A second version was created upon additional feedback.[3]
GAMP itself was eventually founded in 1991 (with the previously mentioned Margetts as chairman of the editorial board) to deal with the evolving U.S. Food and Drug Administration expectations for Good Manufacturing Practice (GMP) compliance of manufacturing and related systems.[4] GAMP published its first draft guidance in February 1994, with version 1.0 of it arriving in March 1995. Soon afterwards the organization entered into a partnership with ISPE, formally becoming part of ISPE in 2000. GAMP 4 was released a year later, followed by GAMP 5 in 2008.[5] GAMP has enjoyed the support of numerous regulatory authorities over the years spanning the United States, Europe, and Japan and is now a recognized good practice worldwide.[6]
In 2017, the leadership of the ISPE GAMP Community of Practice (CoP) began formal review of the GAMP 5 standard, whether its objectives were being met, and what more needs to be done to improve it. "For each GAMP 5 section and appendix, the team examined the effects of technical and regulatory updates since the original publication, focusing on substantive topics and guidance rather than background, historical, or supporting information."[7] That review revealed that while GAMP 5 was still relevant in the changing regulatory atmosphere, improvement was suggested in[7]:
ISPE has published a series of good practice guides for the industry on several topics involved in drug manufacturing. The most well-known is The Good Automated Manufacturing Practice (GAMP) Guide for Validation of Automated Systems in Pharmaceutical Manufacture. The last major revision (GAMP 5) was released in February 2008.[8]
The guidance generally states that pharmaceutical computer systems should be built with several key ideas in mind[9]:
1. Make product and process understanding clear.
2. Approach the life cycle from the standpoint of a quality management system.
3. Make life cycle activities scalable.
4. Ensure quality risk management is science-based.
5. Leverage supplier involvement into the system.
Software systems borne from these principles can be categorized into one of four GAMP 5 categories. (Note: "Category 2: Firmware" was removed from GAMP with revision five.) These classifications act as built-in risk and difficulty assessments that support different validation approaches[2][9][10]:
Category 1: Infrastructure software - This includes "established or commercially available layered software" and "infrastructure software tools" that are themselves validated from within rather than from the infrastructure.
Category 3: Non-configured products - This includes "software that is used as installed" and potentially "software that is configurable (category 4) but is used either unconfigured or with the standard defaults provided by the software supplier."
Category 4: Configured products - This includes products where "the user has the means and knowledge to change the functionality of the device in a way that changes the results outputted by the device. As a direct consequence, this triggers increased validation effort."
Category 5: Custom applications - This includes any "application, module, user-defined program, or macro" that has been written in-house or by a third party that "needs to be specified, version controlled, built, and tested (including integration testing with the commercial application, as applicable) as a minimum to ensure the quality of the software."
As of April 2020, the ISPE has 13 guides, the latest published in May 2019, titled Data Integrity - Manufacturing Records.[11]