RAMP (Risk Assessment and Management Process): An Approach to Risk-Based Computer System Validation and Part 11 Complian
- PDF / 12,233,800 Bytes
- 11 Pages / 612 x 792 pts (letter) Page_size
- 84 Downloads / 200 Views
69
RAMP (Risk Assessment and Management Process): An Approach to Risk-Based Computer System Validation and Part 11 Compliance Ricbard M. Siconolfi, MS Computer System Validation and System Lifecycle Management, Information 6. Decision Solutions, Research 6.Development. Procter 6. Gamble Pharmaceuticals, Inc., Mason. Ohio Suzanne Bisbop, MA Pharmaceutical Computer Applications Consultant, Lebanon. New Jersey
Key Words Risk assessment: Risk Management, Part 11; ERES; System validation Correspondence Address Richard M. Siconolfi, The Procter 6.Gamble Company, 8700 Mason-Montgomery Road, Mason. OH 45040-9462 {e-mail: [email protected]).
Risk-based computer system validation is a process many companies developed long before the August 2003 Guidance for Industry document on Part II Scope and Application was issued ly the US Food and Drug Administration. The main differences between priorexisting risk models and this guidance is the emphasis on patient and product safety, product quality, and record integrity, as required in the Part II Scope and Application Guidance.
INTRODUCTION The Food and Drug Administration's (FDA's) 21 CFR Part 11 Guidance on Scope and Application (1)allowed the regulated industry a chance to reduce the extent that we validate computerized systems, manage audit trails, and retain our records by using a justifiable risk assessmentbased approach. This approach must provide proof that it is adequately assessing risk of the computerized system and adequately addressing risk reduction through system validation, record audit trails, and record retention. However, the FDA did not relax any predicate rules. First, the regulated industry is still required to follow and obey the regulations FDA promulgates and approves. This article outlines a consistent, painless, and justifiable method for determining the risk of a computerized system. While it is based on industry-accepted models, the main differences between prior-existing risk models and this methodology is the emphasis on patient and product safety, product quality, and record integrity as required in the Part 11 Scope and Application Guidance. By using this method, one is guided through the regulations and led to a consistent and justifiable conclusion regarding the potential level of risk posed by this comput-
When computerized systems are used to collect data on which decisions are made on drug efficacy and patient safety or are used to control the quality of drug during a manufacturing process, the point of focus has to change. This article outlines a consistent and justifiable method for determining the risk of a computerized system with the emphasis on patient and product safety, product quality, and record integrity.
erized application and the steps required to mitigate this risk. When a person knowledgeable with a computerized system performs this risk assessment and management process (RAMP),it will take from 15 to 45 minutes to complete. This methodology can reduce the time spent analyzing system risk and focus system development and
Data Loading...
