| Index | | | Articles and information | | | Services | | | Case Studies | | | Clients | | | Classes | | | Siri H. Segalstad | | | Site map |
 |
21 CFR Part 11 Cases studiesSegalstad Consulting AS has been involved in 21 CFR Part 11 projects. These have been planned, carried out and handled in very different ways. Two of them are used as examples here, and a discussion of pro and con for each project is included at the end. Both companies are approximately the same size pharmaceutical companies with R&D facilities as well as production facilities. Both companies are located in the same geographical area, and one exports products to the US, while the other plans to do so in the future. Both projects were done in 2000-2002, before the FDA issued their guidance of a risk-based approach. Project 1Checklist approachThis project started with writing a draft checklist. This was done in cooperation between the QA and Segalstad. The draft checklist was sent for further discussions in the organization, and a final checklist was created. Discussion items in the processAt the same time all top-level SOPs for computer systems validation were revised to include the same baseline for all systems. As this company did not export anything to the US, the big discussion was which systems need to be compliant with Part 11. The company knew that sooner or later the EU regulations would include something equivalent to Part 11, and that the EU GMP Annex 11 also contains requirements along the same lines, but that these are not so explicit. The conclusion after very heated discussions was in essence that it was up to the system manager to decide, and no requirements were given. System Part 11 assessmentThere was no formal system assessment project, as it was up to the system managers to decide wtherther they wanted to check their system for compliance with Part 11 or not. Most decided not to do so. Project 2Checklist approachThis project started with creating a Part 11 task force of about 12 persons. A rough draft checklist had been created earlier. The task force was given a one-week Part 11 class, starting with lectures, and continuing with supervised Part 11 audits, and finally Part 11 audits. After each audit the group got together to discuss problems they had encountered. The checklist was revised the last day. The conclusion after this week was that all participants had a common platform of understanding what Part 11 was all about. Discussion items in the processThere were discussions during the week of training, but at the end of the week these were all over. The company knew it had to comply with Part 11, so the question was mainly which systems were GMP/GLP/GCP systems and which were not. System Part 11 assessmentEach manager in the company was asked to fill in a form for each of the computer systems they used in their part of the organization. The group of trained people, now to become assessors, compiled a complete list of the company's systems, and divided the systems between them for assessment. Two assessors worked together on each system, and they booked time with the system manager for the assessment. The teams changed, and almost all assessors worked with everybody. The checklists were completed and signed off by the assessors and the system manager, and included a suggestion for following up the non-compliance findings. Acomplete Part 11 report was created when all systems were done, and it was up to the upper management to decide the priority of which system need to receive remedial actions first and which could wait. Discussion of the projects approach and resultsDifferences in checklistsThere were differences in the checklists created. A few examples are here, but there were also other differences. Date and time format: One specified this as "local time in the format DD-MM-YYYY HH-MM-SS", and the other specified this as "unambigeous + requirements for definition of time zone". Versions: One did not mentioned versions at all, and the other specified this as "Distinguished as status or version number". Audit trail associated with record One specified this as "Shall be directly associated", and the other specified this as "Should be associated, as this is easier to maintain" Project 1 had a great disadvantage by not selling to the US market, so it was perceived by some persons that it was an option to be Part 11 compliant. The others in the project thought this was an quick-and-easy way out of additional work. The SOPs have been created so that all systems need to do a few things like validation of computer systems, and depending on decisions on the need for Part 11 compliance, the rest of the SOPs shall be followed. Only one SOP needs to be changed to include all relevant systems in Part 11, and that is the SOP that says the it compliance may be opted out. Project 2's task force was a major contributor to the success, as the training formed a baseline or benchmark for treating all systems in the same way. It was also an advantage to have two assessors on the teams, as even the last systems assessed gave internal discussions of whether this was OK or not. Assessing systems for Part 11 is not easy! This project did cost a lot of money as 12 persons were involved for a week during training, and some 150 systems were assessed, each for about 1/2 day with two assessors. But the result was that within 2-3 months all GxP systems had been assessed, and the rest of the systems had documentation to say why they were exempt. |
Sub menu Case Studies: |
Segalstad Consulting AS
PO Box 15 Kjelsås, 0411 Oslo, Norway * Tel: +47 2223 8005 * Fax: +47 2223 8581 * Email: Siri@Segalstad.com *