PL
PL
| Pitfall | Fix | |---------|-----| | | Use vendor docs, templates, reduce non-value add tests. | | Ignoring supplier assessment | Perform vendor audit or use questionnaire (GAMP 5 Good Practice Guide: Supplier). | | Testing everything | Use risk-based testing – don't test dropdown menus, test critical data flows. | | No audit trail review | Add an SOP for periodic audit trail review. | | Treating Excel like a category 5 system | Use GAMP 5 "Appendix D3 – End-User Computing" for spreadsheets. |
– What can go wrong? (e.g., data deletion, wrong batch release) Step 2: Assess – Severity × Probability × Detectability (high/med/low) Step 3: Control – Add controls (e.g., audit trails, password policies, electronic signatures) Step 4: Verify – Test that controls work Step 5: Review residual risk – Accept or remediate ispe gamp 5
| Category | Description | Example | Validation Approach | |----------|-------------|---------|----------------------| | | Infrastructure software | Windows, Linux, network drivers | Document version & configuration; no functional validation. | | 3 | Non-configurable software | Off-the-shelf lab analyzer firmware | Risk-based testing against URS. | | 4 | Configurable software | ERP (SAP), LIMS, CDS, MES | Focus on configuration testing, business process risk. | | 5 | Custom/bespoke software | In-house C++ control script | Full lifecycle; code reviews; unit/integration testing. | | Pitfall | Fix | |---------|-----| | |