GxP System Periodic Review Services


Periodic Review of GMP Applications – FDA Compliance Requirement

    The IT Application periodic review process is critical to ensure that computerized systems used in GxP related activities are compliant with current regulatory requirements, meet the company’s policies and procedures, as well as ensuring it remains in a validated and controlled state. 

    The periodic review process includes a comprehensive assessment of the system’s functionality, performance, and security to ensure that it continues to meet the intended use and business needs of the organization. It also involves reviewing documentation such as system requirements, user manuals, and architecture diagrams to ensure that they are up-to-date and accurate.


Why Perform Periodic Review?

Life sciences companies operate in highly regulated industries where regulatory compliance is essential. Therefore, performing periodic reviews is critical to staying compliant for the following reasons:

  1. Regulatory Compliance: The FDA and EMA require periodic review of GMP systems to maintain range of functionality, review deviations, provide an upgrade history, verify performance and reliability, as well as demonstrate security and data integrity requirements. 
  2. Risk mitigation: Periodic reviews help identify potential areas of non-compliance or risk associated with a company’s products or services, allowing for necessary updates or corrective actions to be taken to mitigate those risks.
  3. Quality assurance: Regular reviews help maintain product quality and safety, ensuring that products meet regulatory requirements and are safe for patient use.
  4. Access Security: Periodic review ensures that IT systems prevent unauthorized users from accessing the system and that controls and procedures are working to safeguard the system and data stored.
  5. Patient Safety: Compliance issues can be identified which may have resulted in adverse affects on the safety and well being of patients. Early detection of issues means that corrective actions can be taken before any adverse impact on patient safety occurs.

Following regulatory guidelines for conducting periodic reviews, ensure organizations identify potential risks, problems, or areas of improvement.  It is not only required but ensures the business has reliable and secure systems to meet their critical manufacturing objectives.

Who is responsible for Periodic Reviews?

Generally the periodic review is the responsibility of the IT Quality group within the organization but support in meeting the objectives requires input and support from many stakeholders throughout an organization.  Typical stakeholders involved with periodic review are Quality Assurance, Engineering, Operations, Documentation and Training. Periodic reviews are critical to ensuring that all the stakeholders and processes operate efficiently, compliantly, and effectively. 

    Our 9 step process to ensure that your GMP Applications are Current and Compliant

    Lean Biologix follows industry best practices and proven processes to ensure periodic review is comprehensive and performed routinely:

    1. Identify the GMP applications: Determine which IT applications require periodic review based on risk assessment of criticality to product quality and safety.
    2. Define the review scope: Establish the scope of the review, including the review timeframe and specific components and functions of each application that require review.
    3. Review documentation: Review existing documentation such as user SOPs, system requirements, and architecture diagrams to ensure that they are up-to-date and accurate.
    4. Review deviations:  Perform an analysis of the deviations to identify any occurrences where the application or use of the application played a role. 
    5. Review user access: Analyze the users that have access to the application and ensure they are properly trained and access meets job requirements.
    6. Review IT tickets/incidents: Perform an analysis of all tickets against the system to look for trends and systemic issues that might impact proper use or effectiveness of the application.
    7. Review past periodic reviews: Taking a look at past reviews for overall improvements or recurring issues.
    8. Issue an Analysis: Issue an analysis report of the findings, actions to be taken based on risk and a timeline for resolution.
    9. Monitor and follow up: Monitor the IT applications to ensure that actions have been completed to address any issues identified to keep the application secure, and operating efficiently and effectively.

    Automated Computer Software Assurance

    Continuous Computer Software Assurance (CCSA) The modern computer software assurance model champions a computer system validation program with effective risk assessment processes.  Life science companies have streamlined processes and are focused on meaningful testing...

    What is Software Development Lifecycle (SDLC) and how does it relate to Computer System Validation

    The Software Development Lifecycle (SDLC) is a main component of GMP computer system validation (CSV). In the life sciences industry, regulators audit companies using the gamp 5 guidelines for gamp 5 validation alongside FDA 21 CFR part 11 requirements. Maintaining...

    CMMS Parts Forecasting and Kitting

    A Global Fortune 500 life science organization desired to streamline their Cambridge, MA site CMMS parts ordering process allowing managers to level set periodic ordering costs. Lean Biologix developed and implemented an integrated PM parts forecasting and kitting...

    CMMS Transition to Electronic System

    A world leading Biopham manufacturer decided to transition their manufacturing work orders from paper to an electronic process during an upgrade of their global Computerized Maintenance Management system (CMMS). This was a huge undertaking given the amount of assets...

    Process Analytics Technology (PAT) System Implementation

    A Fortune 500 life science organization desired to implement a multi-site, GMP validated Process Analytical Technology (PAT) system. This initiative was part of a parent project to align with its Pharma 4.0 initiative to embed digitalization into the manufacturing...

    Advanced-analytics Platform Implementation

    A Fortune 500 life science organization desired to implement a multi-site, GMP validated TIBCO® Data Science / TIBCO Statistica™ enterprise software solution. The software enables users to solve analytical challenges and to generate knowledge from processes and...

    CMMS Data Migration from Maximo to HxGN EAM

    A Fortune 500 life science organization desired to standardize/streamline asset, work order, and procurement management for a newly acquired facility location and to use one CMMS system. The data migration was required because Maximo was to no longer be serviced or...

    How can we help?