GAMP 5 Guide 2nd Edition


Member Price
Non-Member Price

Published: July 2022
Pages: 404

GAMP aims to deliver a cost-effective framework of good practice to ensure that computerized systems are effective and of high quality, fit for intended use, and compliant with applicable regulations.

Maintaining the principles and framework of the first edition, ISPE GAMP® 5: A Risk-Based Approach to Compliant GxP Computerized Systems (Second Edition) updates their application in the modern world including the increased importance of service providers, evolving approaches to software development, and expanded use of software tools and automation. It highlights the use of critical thinking by knowledgeable and experienced SMEs to define appropriate approaches.

The ISPE GAMP Community of Practice (CoP) performs regular ongoing assessments and reviews of GAMP knowledge against current practices and regulatory and technology developments. ISPE GAMP 5 Second Edition therefore embraces and reflects:

  • Increased importance of service providers, which includes encouraging regulated companies to maximize supplier involvement to leverage knowledge, experience, and documentation where possible
  • Evolving approaches to software development, emphasizing that the GAMP specification and verification approach is not inherently linear but also fully supports iterative and incremental methods
  • Increased use of software tools and automation to achieve greater control, higher quality, and lower risks throughout the life cycle

Furthermore, this Guide highlights the importance of applying “critical thinking” by knowledgeable and experienced SMEs when defining the appropriate approach for specific circumstances.

GAMP® 5 Guide, 2nd Edition: Top Takeaways

Discussion of current FDA activity on Computer Software Assurance (CSA) approaches and clear links to ISPE/GAMP guidance on Data Integrity (DI) have been added.

The Appendices have been expanded to incorporate new and evolving topics in the life sciences industry such as blockchain, Artificial Intelligence/Machine Learning (AI/ML), cloud computing, and Open-Source Software (OSS).

This Guide is intended for use by regulated companies, suppliers, and regulators. Suppliers include providers of software, hardware, equipment, system integration services, IT service providers, and IT support services, both internal and external to the regulated company.

Guide Core Team

Chris Clark
TenTenTen Consulting Limited
Heather D. Watson
TenTenTen Consulting Ltd
Sion Wyn
Conformity Ltd.
James Canterbury
Principal, Consulting
Ernst & Young LLP
Mark R. Cherry
IT Compliance Director
Frank Henrichmann
Senior Executive Consultant
Q-FINITY Quality Management
Paul J. Irving, BSc Hons
Managing Director
Northern Life Sciences Ltd.
Arthur D. Perez, PhD
Retired Director Information Governance and Management
Novartis Pharmaceuticals (retired)
Christopher J. Reid
Integrity Project Solutions Limited
Michael L. Rutherford
Principal, Computer Systems Quality & Data Integrity
Rutherford Consulting, LLC
Eric J. Staib
Vice President, Corporate Quality
Christopher H. White
Senior Director, Digital Integrity, QA
Formation Bio
Guy Wingate, PhD
Independent Consultant
GlaxoSmithLline PLC (Retired)