Documente Academic
Documente Profesional
Documente Cultură
INDUSTRY INSIGHTS
Norman A. Goldschmidt
Principal, VP Engineering
www.geieng.com
INDUSTRY INSIGHTS
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 2
Whitepaper
BMS Validation Strategy
Introduction
Whenever room environmental parameters are critical to product quality
Building Management System (BMS) designers face a choice regarding the
control and recording of this GMP critical information... What to validate,
and how?
The ISPE baseline guides have always stressed the need for validated
systems to record critical environmental parameter for GMP use. However,
they have also promoted a diversity of approaches to recording this data.
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 3
The Sterile guide goes further towards separation of control from monitoring:
The approaches to address these issues are as numerous and diverse as the
companies (and even the sites) that produce pharmaceutical products. Each
of the potential approaches has its supporters and detractors, but in our
professional opinion some of these approaches are superior due to their ease
of implementation and robustness in maintaining a state of control.
In the following sections we will describe these approaches and discuss some
of the pros and cons of each.
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 4
Validated BMS Configuration Options
a. BMS Validated
This solution is not preferred due to the level of resources required for
simple maintenance changes, this approach may have been partially
responsible for some noted 483's. This solution was pushed by BMS
vendors in the late 1990's and early 2000's as they developed some
expertise in validation. The vendor driven validations are notoriously
weak in their linkage between critical process parameters and
validation. This approach can choke the site change control system
with unnecessary paperwork for non-critical changes, slow down
maintenance response and increase the cost of ownership. The part
11 compliance is straightforward though voluminous.
This solution has many of the same flaws as the all BMS validated
scenario. This solution has been promoted by Process Automation
vendors in the 2000's as they developed some experience in HVAC
control. The vendor driven validations are generally strong and the
part 11 compliance well understood. Using this approach does
sacrifice some of the base functionality of BMS systems. Process
control vendors generally have less experience in the control of
compressible fluids at low pressure (Airflow and room pressurization)
and are not used to working with HVAC grade equipment. In addition
one generally sacrifices the functionality that comes standard in a
BMS such as: Night setback, optimum start/stop, Temperature Reset,
Static Pressure Reset, Lighting Control, etc.
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 5
2. Partitioned
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 6
3. Separate Control From Monitoring
The third Parallel approach is becoming the most common, with two
systems separating the control of all points from the monitoring of critical
points. This approach has, arguably, the longest history of all approaches
- first coming into use in the late 1980's when PLC's or Data loggers were
used to record critical environmental data because BMS systems could
not be validated.
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 7
Selecting an Approach
The flow chart and table below suggest the GAMP method for determining
appropriate system configuration based on risk (reprinted from
Pharmaceutical Engineering)
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 8
While this method is useful during a project, we believe it can be summarized
when setting an approach for an organization or a site:
1. Are control loops mostly Critical - Validate the whole BMS
2. Are the GMP measurements few and all in one area - Physical Partition
or BMS/EMS
3. Are the GMP measurements many and spread out?
a. Is the quality of BMS system and maintenance high? - Logical
Partition or BMS/EMS
b. Is the quality of BMS system or maintenance standard HVAC
quality? - EMS/BMS
4. Are there many BMS users or users not under owner control? - Physical
Partition or BMS/EMS
5. Is the BMS accessible from outside the site? - BMS/EMS
6. Does the BMS vendor issue frequent updates or patches? - BMS/EMS
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 9
Conclusions
Genesis sees the development of partitioned solutions, especially "Parallel
BMS/EMS Systems" as the most prevalent design solution in our industry,
due to the broad applicability.
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 10
Things to Remember...
• Limit system access to authorized individuals and assure a hierarchy of
authority
• Perform operational system checks
• Perform authority checks
• Perform device checks
• Assure that persons who develop, maintain, or use electronic systems have
the education, training, and experience to perform their assigned tasks
• Assure establishment of, and adherence to, written policies that hold
individuals accountable for actions initiated under their electronic
signatures
• Assure appropriate control over systems documentation
Even though if you print and review the data on a periodic basis, you are not
within the scope of 21 CFR 11:
1. Under the narrow interpretation of the scope of part 11, with respect to
records required to be maintained under predicate rules or submitted to
FDA, when persons choose to use records in electronic format in place of
paper format, part 11 would apply. On the other hand, when persons use
computers to generate paper printouts of electronic records, and those
paper records meet all the requirements of the applicable predicate rules
and persons rely on the paper records to perform their regulated
activities, FDA would generally not consider persons to be "using
electronic records in lieu of paper records" under §§ 11.2(a) and 11.2(b). In
these instances, the use of computer systems in the generation of paper
records would not trigger part 11.
Copyright© Genesis Engineers 2011 - All rights reserved - Do not reproduce without written permission. 11