GAMP stands for Good Automated Manufacturing Practice. The number five represents version 5 which is currently the most up-to-date implementation. GAMP5 offers a pragmatic and practical guide for the implementation of a GxP-compliant conputer-based system. It includes various and scalable calidation approaches and strategies. These are always risk-based and summarize many other guidelines and standards in the pharmaceutical industry. GAMP5 is named as an industry standard as it is also referred to in official documents. Thus it has evolved as the standard set of rules for the validation of computer-based systems in the pharmaceutical industry. However, the GAMP5 is not a standard and therefore has no binding character.
The validation efforts according to GAMP in practise depend on the parameters for data security, the complexity and novelty of the IT system used. These affect the perspectives and procedures and deliberate decisions must be made. Initially, a basic risk evaluation is conducted and then the effects of the system are analyzed. Afterwards, the functions are determined which may affect the data security, the product quality and the data integrity. Based on these functions, the functional risk assessment begins and the scope and number of checks for the computer-based system are specified. These must then be implemented and verified accordingly. The resulting monitoring of the entire lifecycle allows the optimization of procedures and processes, such as the avoidance of duplicate activities through the integration of computer system activities.
If an organization in the regulated context wants to empower itself with works of an IT supplier, then the approach of initial verification of adequateness and reliability of the supplier also applies here. The IT company itself has to consistently implement the agreed quality assurance measures and thus moves into the focus of the regulatory authorities. This fact results in some requirements for the supplier. In this context, GAMP5 regards a quality-assured sofware development as adequate that follows a lifecycle model (V model), i.e. a quality-assured and documented adjustment and implementation of the software with the respective quality-assured maintenance and support. The aspects have to be illustrated based on a quality management system.