GAMP 5 Category 4: MasterControl Product Positioning
Introduction
Ever since 1991, GAMP has worked to help the life sciences validate their computerized systems as fit for intended use and compliant with regulatory requirements. GAMP good practices vary depending on the type of software in question and the amount of risk associated with it. Category 1 is infrastructure software and Category 2 is no longer used. The remaining three are outlined below.
Category 3 — Non-Configured Products
These products cannot be configured and include off-the-shelf products. As such, Category 3 products present the least amount of risk and GAMP good practices suggest a simplified approach. This includes one level of specification and verification, a single test environment, and a single risk assessment.
Category 4 — Configured Products
These products have standard interfaces and functions but can be configured for user-specific business processes. The code of a configured product is not altered from user to user. Verification is focused on the configured business processes and requires documented testing against predetermined acceptance criteria.
Category 5 — Custom Applications
These systems are developed specifically for a single regulated company with custom code. This is the highest risk category because there is no information about the system already available. As a result, it requires the most extensive testing.