欧盟GMP附录11-计算机系统(中英文对照)

EUROPEANCOMMISSION欧盟委员会HEALTHANDCONSUMERSDIRECTORATE-GENERAL卫生与消费者协会PublicHealthandRiskAssessment公共卫生与风险评估Pharmaceuticals药品Brussels,SANCO/C8/AM/sl/ares(2010)1064599EudraLexTheRulesGoverningMedicinalProductsintheEuropeanUnion欧盟药品生产规范Volume4卷4GoodManufacturingPracticeMedicinalProductsforHumanandVeterinaryUse人用与兽用药品良好生产管理规范Annex11:ComputerisedSystems附件11：计算机系统Legalbasisforpublishingthedetailedguidelines:Article47ofDirective2001/83/EContheCommunitycoderelatingtomedicinalproductsforhumanuseandArticle51ofDirective2001/82/EContheCommunitycoderelatingtoveterinarymedicinalproducts.Thisdocumentprovidesguidancefortheinterpretationoftheprinciplesandguidelinesofgoodmanufacturingpractice(GMP)formedicinalproductsaslaiddowninDirective2003/94/ECformedicinalproductsforhumanuseandDirective91/412/EECforveterinaryuse.依法发布的具体指导方针：

2001/83/EC

第

47条人用药品规范和

2001/82/EC

第

51

条兽用药品规范。此文件为

2003/94/EC

人用药品和

91/412/EEC

兽用药品

GMP

法规、指导方针的解释提供了指导。Statusofthedocument:

revision1文件版本：修订本

1Reasonsforchanges: theAnnexhasbeenrevisedinresponsetotheincreaseduseof computerised systems and the increased complexity of these systems.ConsequentialamendmentsarealsoproposedforChapter4oftheGMPGuide.修订原因：为增强计算机系统的功能和复杂性而修订此附件。

相应修正案也已被提议作为

GMP

指南的第

4章。Deadlineforcomingintooperation:2011生效时间：2011年6月30日

30JunePrinciple 总则ThisannexappliestoallformsofcomputerisedsystemsusedaspartofaGMPregulatedactivities.Acomputerisedsystemisasetofsoftwareandhardwarecomponentswhichtogetherfulfillcertainfunctionalities.此附件适用于符合 GMP生产要求的所有形式的计算机系统。计算机系统是实现某项特定功能的软件和硬件的组合。Theapplicationshouldbevalidated;ITinfrastructureshouldbequalified.应用程序应验证， IT基础设施应有权限设置。Whereacomputerisedsystemreplacesamanualoperation,thereshouldbenoresultantdecreaseinproductquality,processcontrolorqualityassurance.Thereshouldbenoincreaseintheoverallriskoftheprocess.用计算机系统代替手动操作应不对产品质量、过程控制和质量保证以及过程的整体风险产生影响。General 常规1.RiskManagement 风险管理Riskmanagementshouldbeappliedthroughoutthelifecycleofthecomputerisedsystemtakingintoaccountpatientsafety,dataintegrityandproductquality.Aspartofariskmanagementsystem,decisionsontheextentofvalidationanddataintegritycontrolsshouldbebasedonajustifiedanddocumentedriskassessmentofthecomputerisedsystem.风险管理应贯穿整个计算机系统生命周期，以保证病人安全、数据完整性和产品质量。作为风险管理系统的一部分，由计算机系统风险评估决定验证范围和数据完整性控制。2.Personnel人员ThereshouldbeclosecooperationbetweenallrelevantpersonnelsuchasProcessOwner,SystemOwner,QualifiedPersonsandIT.Allpersonnelshouldhaveappropriatequalifications,levelofaccessanddefinedresponsibilitiestocarryouttheirassignedduties.所有有关人员（如工艺管理员、系统管理员、质检员和 IT人员）应紧密合作。这些人员应具有相应的资格证书、使用权限和定义好的相关工作职责。3.SuppliersandServiceProviders 供应商和服务供应商3.1Whenthirdparties(e.g.suppliers,serviceproviders)areusede.g.toprovide,install,configure,integrate,validate,maintain(e.g.viaremoteaccess),modifyorretainacomputerisedsystemorrelatedserviceorfordataprocessing,formalagreementsmustexistbetweenthemanufacturerandanythirdparties,andtheseagreementsshouldincludeclearstatementsoftheresponsibilitiesofthethirdparty.IT-departmentsshouldbeconsideredanalogous.3.1当第三方(如供应商、服务供应商 )为计算机系统、 相关服务或数据处理提供如供货、安装、配置、整合、验证、维护 (如通过远程访问 )、修改或保持时，厂商和任何第三方之间必须有正式协议， 且在协议中应当明确第三方责任。 IT部门类似。3.2Thecompetenceandreliabilityofasupplierarekeyfactorswhenselectingaproductorserviceprovider.Theneedforanauditshouldbebasedonariskassessment.3.2供应商的实力和可靠性是选择供应商产品或服务的关键因素，所以需要一个以风险评估为基础的审计。3.3Documentationsuppliedwithcommercialoff-the-shelfproductsshouldbereviewedbyregulateduserstocheckthatuserrequirementsarefulfilled.3.3商业性标准文件应通过用户审核并符合用户需求。3.4Qualitysystemandauditinformationrelatingtosuppliersordevelopersofsoftwareandimplementedsystemsshouldbemadeavailabletoinspectorsonrequest.3.4软件和应用系统开发商或供应商的质量体系和审计信息应便于核查人员查询。ProjectPhase 项目阶段4.Validation验证4.1Thevalidationdocumentationandreportsshouldcovertherelevantstepsofthelifecycle.Manufacturersshouldbeabletojustifytheirstandards,protocols,acceptancecriteria,proceduresandrecordsbasedontheirriskassessment.4.1验证文件和报告应包含系统生命周期的相关阶段。厂商应能够证明其标准、协议、验收标准、规程和记录都是基于其内部风险评估的。4.2Validationdocumentationshouldincludechangecontrolrecords(ifapplicable)andreportsonanydeviationsobservedduringthevalidationprocess.4.2验证文件应包含验证过程中的变更控制记录（如适用）和偏差报告。4.3AnuptodatelistingofallrelevantsystemsandtheirGMPfunctionality(inventory)shouldbeavailable.4.3相关系统和其GMP功能（详细目录）的最新清单应有效。Forcriticalsystemsanuptodatesystemdescriptiondetailingthephysicalandlogicalarrangements,dataflowsandinterfaceswithothersystemsorprocesses,anyhardwareandsoftwarepre-requisites,andsecuritymeasuresshouldbeavailable.为对一个最新的关键系统进行详细的系统描述 （如物理、 逻辑流程、数据流和与其他系统或进程的接口），任何硬件和软件都是必须的，并应有安全措施。4.4UserRequirementsSpecificationsshoulddescribetherequiredfunctionsofthecomputerisedsystemandbebasedondocumentedriskassessmentandGMPimpact.Userrequirementsshouldbetraceablethroughoutthelife-cycle.4.4URS应基于风险评估和GMP影响性文件描述计算机系统的功能需求。用户需求应贯穿整个系统生命周期。4.5Theregulatedusershouldtakeallreasonablesteps,toensurethatthesystemhasbeendevelopedinaccordancewithanappropriatequalitymanagementsystem.Thesuppliershouldbeassessedappropriately.4.5管理者应采取合理措施保证系统更新与最新的质量管理系统一致， 并对供应商作出适当的评估。4.6Forthevalidationofbespokeorcustomisedcomputerisedsystemsthereshouldbeaprocessinplacethatensurestheformalassessmentandreportingofqualityandperformancemeasuresforallthelife-cyclestagesofthesystem.4.6为验证固化或自定义计算机系统，应对系统生命周期的每个阶段都进行验证，以确认正式评估、质量报告和业绩评估报告。4.7Evidenceofappropriatetestmethodsandtestscenariosshouldbedemonstrated.Particularly,system(process)parameterlimits,datalimitsanderrorhandlingshouldbeconsidered.Automatedtestingtoolsandtestenvironmentsshouldhavedocumentedassessmentsfortheiradequacy.4.7应对测试方法和测试环境加以论证，特别是系统(工艺)参数范围、数据范围和错误处理。自动化测试工具和测试环境的合适性应该有书面的评估报告。4.8Ifdataaretransferredtoanotherdataformatorsystem,validationshouldincludechecksthatdataarenotalteredinvalueand/ormeaningduringthismigrationprocess.4.8数据转化成其他格式或传输到其他系统时，验证内容应包括检查其数据值和/或含义在转化或传输过程中没有被改变。OperationalPhase 运行阶段5.Data数据Computerisedsystemsexchangingdataelectronicallywithothersystemsshouldincludeappropriatebuilt-inchecksforthecorrectandsecureentryandprocessingofdata,inordertominimizetherisks.计算机系统和其他系统之间交换数据时， 应有适当的内部校验， 以保证数据输入和数据处理的正确性及安全性，以期让风险降到最低。6.AccuracyChecks 精度检查Forcriticaldataenteredmanually,thereshouldbeanadditionalcheckontheaccuracyofthedata.Thischeckmaybedonebyasecondoperatororbyvalidatedelectronicmeans.Thecriticalityandthepotentialconsequencesoferroneousorincorrectlyentereddatatoasystemshouldbecoveredbyriskmanagement.当手动输入关键数据时， 应当复核数据的准确性。 此复核可以由另外的操作人员执行或通过经验证的电子方式进行。风险管理应考虑系统错误和系统误输入数据所造成的危险或潜在影响。7.DataStorage数据存储7.1Datashouldbesecuredbybothphysicalandelectronicmeansagainstdamage.Storeddatashouldbecheckedforaccessibility,readabilityandaccuracy.Accesstodatashouldbeensuredthroughouttheretentionperiod.7.1数据应以物理和电子两种方式保存，以避免丢失。存储的数据应易查询、可读和准确，并在有效期内。7.2Regularback-upsofallrelevantdatashouldbedone.Integrityandaccuracyofback?updataandtheabilitytorestorethedatashouldbecheckedduringvalidationandmonitoredperiodically.7.2应定期备份相关数据。在定期验证和检测时，应检查备份数据的完整性、准确性和其恢复数据库的能力。8.Printouts打印输出8.1Itshouldbepossibletoobtainclearprintedcopiesofelectronicallystoreddata.8.1储存的电子数据应可被清晰打印。8.2Forrecordssupportingbatchreleaseitshouldbepossibletogenerateprintoutsindicatingifanyofthedatahasbeenchangedsincetheoriginalentry.8.2从最初开始的任何数据变更都应被打印在批放行纪录上。9.AuditTrails审计跟踪Considerationshouldbegiven,basedonariskassessment,tobuildingintothesystemthecreationofarecordofallGMP-relevantchangesanddeletions(asystemgenerated"audittrail").ForchangeordeletionofGMP-relevantdatathereasonshouldbedocumented.Audittrailsneedtobeavailableandconvertibletoagenerallyintelligibleformandregularlyreviewed.基于风险评估，系统中应考虑建立所有与 GMP相关的变更和删除记录 (系统产生的“审计跟踪”)。与GMP相关的数据，其变更或删除的原因应被记录。审计跟踪需转换成一般可理解的形式并定期审核。10.ChangeandConfigurationManagement 变更和配置管理Anychangestoacomputerisedsystemincludingsystemconfigurationsshouldonlybemadeinacontrolledmannerinaccordancewithadefinedprocedure.计算机系统的任何变更 （包括系统配置的更换） 应当有控制地按照规定的程序进行。11.Periodicevaluation 周期性评估ComputerisedsystemsshouldbeperiodicallyevaluatedtoconfirmthattheyremaininavalidstateandarecompliantwithGMP.Suchevaluationsshouldinclude,whereappropriate,thecurrentrangeoffunctionality,deviationrecords,incidents,problems,upgradehistory,performance,reliability,securityandvalidationstatusreports.计算机系统应该定期进行评估以确认其仍有效并符合GMP标准。这样的评估应该包括适应性、功能性、偏差记录、事件、问题、历史追溯、性能、可靠性、安全性和验证状态报告。12.Security安全性12.1Physicaland/orlogicalcontrolsshouldbeinplacetorestrictaccesstocomputerisedsystemtoauthorisedpersons.Suitablemethodsofpreventingunauthorisedentrytothesystemmayincludetheuseofkeys,passcards,personalcodeswithpasswords,biometrics,restrictedaccesstocomputerequipmentanddatastorageareas.12.1物理和/或逻辑控制器应能独自限制进入计算机系统的授权人，并用适当方法防止未经授权的登录 （可能包含密码、 通行卡、个人密码、生物识别的使用） ，以此限制进入电脑设备和数据存储硬盘。12.2Theextentofsecuritycontrolsdependsonthecriticalityofthecomputerisedsystem.12.2安全控制的程度取决于计算机系统的危险等级。12.3Creation,change,andcancellationofaccessauthorisationsshouldberecorded.12.3通行许可的创建、变更和注销都应被记录。12.4Managementsystemsfordataandfordocumentsshouldbedesignedtorecordtheidentityofoperatorsentering,changing,confirmingordeletingdataincludingdateandtime.12.4数据和文件管理体系应记录登录人员的身份、 变更内容以及包括日期和时间的确认或删除。13.IncidentManagement 事件管理Allincidents,notonlysystemfailuresanddataerrors,shouldbereportedandassessed.Therootcauseofacriticalincidentshouldbeidentifiedandshouldformthebasisofcorrectiveandpreventiveactions.所有事件（不仅指系统故障和数据错误）均应被记录及评估。一个关键事件的根本起因也应该被鉴定并形成纠正和预防措施。14.ElectronicSignature 电子签名Electronicrecordsmaybesignedelectronically.Electronicsignaturesareexpectedto:电子文件可用电子签名。电子签名将 :a．havethesameimpactashand-writtensignatureswithintheboundariesofthecompany,在公司范围内电子签名应有与手写签名具有同等的效果，b．bepermanentlylinkedtotheirrespectiverecord, 将永久与其各自的记录相关联，c．includethetimeanddatethattheywereapplied.应包括其使用的时间和日期。15.Batchrelease 批放行Whenacomputerisedsystemisusedforrecordingcertificationandbatchrelease,thesystemshouldallowonlyQualifiedPersonstocertifythereleaseofthebatchesanditshouldclearlyidentifyandrecordthepersonreleasingorcertifyingthebatches.Thisshouldbeperformedusinganelectronicsignature.当一个计算机系统用来记录认证和批放行时， 系统应该只允许质量人员确认批放行，并且要清楚地识别和记录放行人员的批动作或批证明。这才是电子签名应履行的。16.BusinessContinuity 业务连续性Fortheavailabilityofcomputerisedsystemssupportingcriticalprocesses,provisionsshouldbemadetoensurecontinuityofsupportforthoseprocessesintheeventofasystembreakdown(e.g.amanualoralternativesystem).Thetimerequiredtobringthealternativearrangementsintouseshouldbebasedonriskandappropriateforaparticularsystemandthebusinessprocessitsupports.Thesearrangementsshouldbeadequatelydocumentedandtested.计算机系统所提供的关键工艺的有效性应被规定，以确保工艺流程在系统故障(如手动或替代系统 )的情况下持续运行。切换时间应基于风险，并适合特殊系统和其提供的工业流程。这些设置应该有充分的记录和测试。17.Archiving归档Datamaybearchived.Thisdatashouldbecheckedforaccessibility,readabilityandintegrity.Ifrelevantchangesaretobemadetothesystem(puterequipmentorprograms),thentheabilitytoretrievethedatashouldbeensuredandtested.数据应