StartseiteLeistungenSchulungsdatenbankLebenslaufUsefull LinksCleaning ValidationNew EU GMP Annex 11

New EU GMP Annex 11:


Project Phase

Operational Phase

Table 1: Risk based Approach

Table 2: Suppliers and Service Providers

Table 3: Comparison of Annex 11 versions

Check Your Knowledge






Table: Risk based Approach of EU Annex 11 Chapter
Current annex 11:  
Consideration should be given to the RISK of losing aspects of the previous system which could result from reducing the involvement of operators.

Annex 11-01-2011:  
There should be no increase in the overall RISK of the process.

1 Risk Management should be applied throughout the lifecycle of the computerised system taking into account patient safety, data integrity and product quality. As part of a RISK MANAGEMENT SYSTEM, decisions on the extent of validation and data integrity controls should be based on a JUSTIFIED AND DOCUMENTED RISK ASSESSMENT OF THE COMPUTERISED SYSTEM.

3.2 The competence and reliability of a supplier are key factors when selecting a product or service provider. The need for an audit should be based on a RISK ASSESSMENT.

General Suppliers and Service Providers
4.1 The validation documentation and reports should cover the relevant steps of the life cycle. Manufacturers should be able to justify their standards, protocols, acceptance criteria, procedures and records based on their RISK ASSESSMENT

Project Phase:
4.4 User Requirements Specifications should describe the required functions of the computerised system and be based on documented RISK ASSESSMENT and GMP impact. User requirements should be traceable throughout the life-cycle.

Project Phase:
5. Data

Computerised systems exchanging data electronically with other systems should include appropriate built-in checks for the correct and secure entry and processing of data, in order to minimize the RISKS.

Operational Phase:
6. Accuracy Checks

For critical data entered manually, there should be an additional check on the accuracy of the data. This check may be done by a second operator or by validated electronic means. The criticality and the potential consequences of erroneous or incorrectly entered data to a system should be covered by RISK MANAGEMENT.

Operational Phase:
Accuracy Checks
9. Audit Trails

Consideration should be given, BASED ON A RISK ASSESSMENT, to building into the system the creation of a record of all GMP-relevant changes and deletions (a system generated "audit trail").

Operational Phase:
Audit Trails
16. Business Continuity

For the availability of computerised systems supporting critical processes, provisions should be made to ensure continuity of support for those processes in the event of a system breakdown (e.g. a manual or alternative system). The time required to bring the alternative arrangements into use should be BASED ON RISK and appropriate for a particular system and the business process it supports. These arrangements should be adequately documented and tested.

Operational Phase:
Business Continuity
Public Health and RISK ASSESSMENT

Document Header