GAMP 5 Guide 2nd Edition


Member Price
Non-Member Price

Published: July 2022
Pages: 404

GAMP aims to deliver a cost-effective framework of good practice to ensure that computerized systems are effective and of high quality, fit for intended use, and compliant with applicable regulations.

Maintaining the principles and framework of the first edition, ISPE GAMP® 5: A Risk-Based Approach to Compliant GxP Computerized Systems (Second Edition) updates their application in the modern world including the increased importance of service providers, evolving approaches to software development, and expanded use of software tools and automation. It highlights the use of critical thinking by knowledgeable and experienced SMEs to define appropriate approaches.

The ISPE GAMP Community of Practice (CoP) performs regular ongoing assessments and reviews of GAMP knowledge against current practices and regulatory and technology developments. ISPE GAMP 5 Second Edition therefore embraces and reflects:

  • Increased importance of service providers, which includes encouraging regulated companies to maximize supplier involvement to leverage knowledge, experience, and documentation where possible
  • Evolving approaches to software development, emphasizing that the GAMP specification and verification approach is not inherently linear but also fully supports iterative and incremental methods
  • Increased use of software tools and automation to achieve greater control, higher quality, and lower risks throughout the life cycle

Furthermore, this Guide highlights the importance of applying “critical thinking” by knowledgeable and experienced SMEs when defining the appropriate approach for specific circumstances.

GAMP® 5 Guide, 2nd Edition: Top Takeaways

Discussion of current FDA activity on Computer Software Assurance (CSA) approaches and clear links to ISPE/GAMP guidance on Data Integrity (DI) have been added.

The Appendices have been expanded to incorporate new and evolving topics in the life sciences industry such as blockchain, Artificial Intelligence/Machine Learning (AI/ML), cloud computing, and Open-Source Software (OSS).

This Guide is intended for use by regulated companies, suppliers, and regulators. Suppliers include providers of software, hardware, equipment, system integration services, IT service providers, and IT support services, both internal and external to the regulated company.

Guide Core Team

TenTenTen Consulting Limited

TenTenTen Consulting Ltd

Conformity Ltd.

Principal, Consulting
Ernst & Young LLP

IT Compliance Director

Sr. Exec. Consultant

Managing Director
Northern Life Sciences Ltd.

Retired Director Information Governance and Management
Novartis Pharmaceuticals (retired)

Integrity Project Solutions Limited

Retired, Computer Systems Quality & Data Integrity


Head of Quality
Validated Cloud

Head of Quality

Global Head of Quality and Compliance

Senior Director, Digital Quality
National Resilience, Inc.

Independent Consultant
Glaxosmithkline PLC (Retired)