您当前的位置:检测资讯 > 法规标准

新版 EU GMP附录11《计算机化系统》、附录22《人工智能》、第四章 文件记录 解读!

嘉峪检测网        2025-08-11 17:35

近日,欧盟委员会发布了3份新版 EU GMP的新草案——EU GMP 指南附录 11“计算机化系统”、附录 22“人工智能”和第4 章“文件记录”。这些文件由 EMA GMP/GDP 检查员工作组与PIC/S 共同起草,将于 2026 年作为最终版本发布,解读如下:

 

附录22《人工智能》

The new annex on AI (Annex 22) sets the stage for EMA’s views on the technology. From the opening paragraphs it is very clear the annex applies only to static models of AI to be used in GMP systems that could impact the safety, efficacy, and quality of the end product. That is, it applies to systems employing AI that do not change after construction and learning, in the development stage of the application, we might use machine learning to create the system’s functionality, but after it is complete it does not continue to learn. These, the annex states, can be used in GMP critical applications. Of course, the beauty of AI is that it is possible to develop a system that continues to learn and adjust to new data it experiences. The EMA is clear on these adaptable systems: they “are not covered by this document and should not be used in critical GMP applications.” Further, “the document does not apply to generative AI and large language models (LLM), and such models should not be used in critical applications.”

这份关于人工智能的新附录(附录 22)为EMA阐述对该技术的观点奠定了基础。从开篇段落即可清晰看出,本附录仅适用于在GMP系统中使用、且可能影响最终产品安全性、有效性和质量的人工智能静态模型。也就是说,它适用于这类人工智能系统:在应用开发阶段,我们或许会用机器学习构建系统功能,但系统建成后不会继续学习,即构建和学习完成后不再改变。附录表明,这类系统可用于 GMP 关键应用。当然,人工智能的优势在于,能够开发出持续学习并根据遇到的新数据自我调整的系统。EMA 对这类自适应系统态度明确:“本文件未涵盖此类系统,且不应将其用于关键 GMP 应用”。此外,“本文件不适用于生成式人工智能(generative AI)和大语言模型(LLM),此类模型也不得用于关键应用”。

 

That said, the regulator continues to state that if those latter systems are used, they should only be used in noncritical GMP applications that do not have direct impact on patient safety, product quality, and data integrity. If they are used under these circumstances, the systems should be qualified and under the control of qualified personnel who have the final say on output. The annex uses the phrase human in the loop (HITL) for this requirement. The principles applicable to the static systems should be considered and incorporated as appropriate. I predict that after enough experience is gained in the application of Annex 22 principles, the more dynamic systems will be incorporated in the future, because we are still learning.

话虽如此,监管机构仍强调:若使用上述(自适应、生成式 AI 等)系统,它们只能用于非关键 GMP 应用(即不会对患者安全、产品质量和数据完整性产生直接影响的应用)。若在这类场景中使用,系统应经过确认,且由具备资质、对输出结果拥有最终决策权的人员管控。附录用 “人工参与环节(HITL)” 描述这一要求。适用于静态系统的原则应酌情参考并纳入动态系统管理。在附录 22 原则的应用中积累足够经验后,未来会纳入更动态的系统 —— 毕竟我们仍在持续探索学习。

 

The structure of this annex takes on a predictable form focusing on the underpinning of the security and predictability of the system. People should be skilled in understanding potential ramifications, documentation should be complete, and quality risk management techniques should be used. The central principle in this annex is very similar to the techniques we use to implement computer-based systems. There is a heavy emphasis on unit requirements and establishing that the system meets these requirements. This can be accomplished by subdividing functions and tasks that can be individually assessed and then assessed as a whole. Where we have HITL, the responsibilities of these humans should be defined so their decisions are clear and defensible.

本附录的结构符合可预测的逻辑,聚焦于系统安全性和可预测性的底层支撑。相关人员应具备理解潜在影响的能力,文件记录需完整,且应运用质量风险管理技术。本附录的核心原则与我们实施计算机化系统所用的方法高度相似:着重强调单元需求,并确保系统满足这些需求。可通过细分可单独评估的功能与任务、再从整体层面评估的方式实现这一点。涉及人工参与环节(HITL)时,应明确这些人员的职责,确保其决策清晰、有理有据。

 

Sections on acceptance criteria, test data, and its independency are defined, and key points include the following.

关于接受标准、测试数据及其独立性的章节已明确,要点包括以下内容:

 

Assure that the acceptance criteria and test metrics generate a system as good as the system it is replacing.

 

确保接受标准和测试项目可以使新的系统与被替代系统的质量水平相当。

 

Criteria for ‘accept and reject’ should be clear and defensible.

 

“接受” 与 “拒收” 的判定标准应清晰明确、有理有据。

 

Test data should represent the full spectrum of experience, not a subset.

 

测试数据应覆盖完整的经验场景,而非仅选取部分场景(子集)。

 

Any elements of data ‘manipulation’ (data processing, exclusion, etc.) should be verified to assure no bias.

 

任何数据 “处理” 环节(如数据加工、排除等)均应经过验证,确保无偏差。

 

Data used for the system to learn should be separate and separated from data used to test the system.

 

用于系统 “学习” 的数据,应与用于测试系统的数据相互独立、明确区分。

 

Above all, documentation of what was done should be comprehensive.

 

最重要的是,对所开展工作的文件记录应全面详尽。

 

Sections on test execution, explainability, confidence, and operation assure that the end product is fully justified. As with any validation activity: it is critical to define the plan and control and minimize change in the execution. Test plans should be followed with deviations recorded and justified. The use of modern techniques like SHAP values (SHapley Additive exPlanations), LIME (Local Interpretable Model - agnostic Explanations), and heat maps should be used to describe the interplay of parameters and reliability of the decisions mandating. Of course, good documentation is essential. Confidence in the decisions and, again, modern techniques of confidence scoring and threshold analysis give measure of the validity and robustness of the outputs. During the execution of the scripts and data processing there must be adherence and good change control as well as impact configuration control. Deviations should be documented and investigated thoroughly and their requiring assigned. The system should be monitored to assure it is performing as predicted and that the data is still within the defined parameters, with robust ranges of the defined testing areas as predicted. Any use of the outputs by humans for decisions should be fully documented and defensible.

关于测试执行、可解释性、置信度和操作的章节,确保最终产品具备充分的合理性依据。和任何验证活动一样:明确计划、进行控制并在执行中尽量减少变更,这至关重要。测试计划应严格遵循,偏差需记录并说明理由。应运用 SHAP 值(沙普利加法解释)、LIME(局部可解释与模型无关解释)和热图等现代技术,来描述参数间的相互作用以及所要求决策的可靠性。当然,完善的文件记录必不可少。对决策的置信度(同样,置信度评分和阈值分析等现代技术)可衡量输出结果的有效性和稳健性。在脚本执行和数据处理过程中,必须严格遵循规定,做好变更控制以及影响性配置控制。偏差应记录在案并深入调查,同时明确整改要求。应对系统进行监测,确保其按预期运行,且数据仍处于规定参数范围内(包括规定测试区域的合理波动范围符合预期)。人员利用输出结果进行决策的任何情况,都应完整记录,且决策依据充分可查。

 

附录 11《计算机化系统》

 

The pharmaceutical quality management system mentioned in section 3. clarifies not only the usual topics (deviations, changes, self-inspections) but also the responsibility of senior management to regularly review all elements that influence the proper operation of the system.

第 3 节中提到的药品质量管理体系。不仅阐明了通常的主题(偏差、变更、自查),而且还阐明了高级管理层定期审查影响系统正常运行的所有要素的责任。

The elements of risk management referred to in section 4. reference ICH Q9; there is also an initial reference to the IT security requirements mentioned later in the document.

第 4 节中提到的风险管理要素。参考 ICH Q9;该文件还初步提到了IT 安全要求。

Almost one page is reserved for requirements specifications  (section 6. User Requirements), which are often neglected in practice, and there - as in many other places in the document - reference is made to the      possibility of using modern electronic tools to compile them.

第 6 节 用户需求:几乎有一页内容提到需求规范(URS),他们在实践中经常被忽视,文件还提到了使用现代电子工具编写它们的可能性。

Section 7. deals in detail with the services of external IT companies that are widely employed today and the various requirements for their control (audit, contract, documentation), where the expected contractual regulations are mentioned with nine subsections.

第 7 节:详细处理了当今广泛使用的外部 IT 公司的服务及其控制(审计、合同、文件)的各种要求,其中通过九个小节提到了预期的合同法规。

A new topic is the very detailed specification under 8. for the requirements for alarms and their verification with associated documentation, for example in the batch record. A non-erasable/deactivatable record (log) with a corresponding annotation, similar to an audit trail, is expected here.

第 8 节是一个非常详细的新的主题——报警及其确认的要求,使用相关记录,例如在批记录中。这要求具有相应注释的不可擦除/不可停用的记录(日志),类似于审计追踪。

 

8. Alarms8. 报警
8.1.Reliance on system. Alarms should be implemented in computerised systems where a regulated user is relying on the system to notify about an event. This is required when the user must take a specific action, without which product quality, patient safety or data integrity might otherwise be compromised.8.1. 依赖系统:在受监管用户依赖系统就某一事件进行通知的计算机化系统中,应设置报警功能。当用户必须采取特定行动(若不采取该行动,产品质量、患者安全或数据完整性可能会受到损害 )时,需设置此类报警。
8.2.Settings. Alarm limits, delays, and any early warnings or alerts, should be appropriately justified, and set within approved and validated process and product specifications. Setting, changing or deactivation should only be available to users with appropriate access privileges and should be managed by an approved procedure.8.2. 设置:报警限值、延迟时间以及任何预警或警报,都应经过合理论证,并在已批准且经验证的工艺和产品质量标准范围内进行设置。报警的设置、更改或停用操作,仅应向具备相应访问权限的用户开放,且应通过已批准的程序进行管理。
8.3.Signalling. Alarms should set off visible and/or audible signals when set alarm limits are exceeded and after any defined delay. The signalling should accommodate a timely reaction and should be appropriate to the work environment.8.3. 信号发出:当超出设定的报警限值且经过任何规定的延迟时间后,报警应触发可见和 / 或可听信号。信号的发出应便于及时做出反应,且应与工作环境相适配。
8.4. Acknowledgement. Critical alarms potentially impacting product quality, patient safety or data integrity should only be acknowledged by users with appropriate access privileges. As part of the acknowledgement, i.e. a confirmation that the alarm has been seen and appropriate action will be taken, a comment should be added about why the alarm was acknowledged (see 12 Audit Trails).8.4. 确认:可能影响产品质量、患者安全或数据完整性的关键报警,仅应由具备相应访问权限的用户进行确认。作为确认的一部分(即确认已看到报警并将采取适当行动 ),应添加一条关于为何确认该报警的注释(见 12 审计追踪 )。
8.5.Log. All alarms and acknowledgements should be automatically added to an alarm log. This should contain the name of the alarm, date and time of the alarm, date and time of the acknowledgement, username and role of the user acknowledging the alarm and any comment about why the alarm was acknowledged. It should not be possible for users working according to GMP to deactivate or edit alarm logs.8.5. 记录:所有报警及确认信息都应自动添加到报警日志中。日志应包含报警名称、报警发生的日期和时间、确认的日期和时间、确认报警的用户的用户名和角色,以及关于为何确认该报警的任何注释。遵循药品GMP开展工作的用户不应能够停用或编辑报警日志。
8.6.Searchability and sortability. Alarm logs should be searchable and sortable in the originating system, or it should be possible to export logs to a tool which provides this functionality. Other methods of reviewing alarms may also be used, if they provide the same effectiveness.8.6. 可搜索性和可排序性:报警日志应能在生成系统中进行搜索和排序,或者应能够将日志导出到具备该功能的工具中。若其他查看报警的方法能达到相同效果,也可使用。
8.7.Review. Alarm logs should be subject to appropriate periodic reviews based on approved procedures, in which it should be evaluated whether they have been timely acknowledged by authorised users and whether appropriate action has been taken. Reviews should be documented, and results should be evaluated to identify any trends that could indicate negative performance of a system or process, or impact on the product. The frequency and Page 7 of 19detail of reviews should be based on the risk to product quality, patient safety and data integrity.8.7. 审核:应依据已批准的程序,对报警日志进行适当的定期审核。审核中应评估报警是否已被授权用户及时确认,以及是否已采取适当行动。审核应形成文件记录,且应对结果进行评估,以识别任何可能表明系统或流程存在不良表现或对产品产生影响的趋势。审核的频率和详细程度应基于对产品质量、患者安全和数据完整性的风险。

 

Qualification and validation of the computerized system (Section 9.) correspond to the regulations in the old Annex 11, but reference is made to the possibility of using an application in a limited scope even if validation has not been fully completed, provided that this is explicitly stated in the validation report.

计算机化系统的确认和验证(第9节)与旧版附录11中的规定相对应,但提到即使验证尚未完全完成,也可以在有限范围内使用该系统,但必须在验证报告中明确说明。

 

9.8.Completion prior to use. Qualification and validation activities should be successfully completed and reported prior to approval and taking a system into use. Conditional approval to proceed to taking a system into use may be granted where certain acceptance criteria have not been met, or deviations have not been fully addressed. A condition for this is, that there is a documented assessment, that any deficiencies in the affected system functionality or Page 8 of 19 GMP processes, will not impact product quality, patient safety or data integrity. Where a conditional approval is issued, it should be explicitly stated in the validation report and there should be close follow-up on approval of outstanding actions according to plan.9.8. 使用前完成:确认和验证活动应在批准并启用系统之前成功完成并报告。在某些接受标准未满足或偏差未完全解决的情况下,可有条件批准启用系统。前提是应有书面的评估,证明受影响的系统功能或药品GMP流程中的任何缺陷不会影响产品质量、患者安全或数据完整性。若有条件批准,应在验证报告中明确说明,且应根据计划密切跟进未完成行动的批准情况 。

 

The risk of manual data entry instead of electronic interfaces between systems is pointed out in section 10. This section also contains an initial reference to the encryption of critical data.

第10节指出了系统之间手动输入数据而不是电子接口的风险。本节还包含对关键数据加密的初始引用。

The correct management of access to computerized systems (Section 11.) is discussed in detail in a number of subsections. In 11.3 it is outlined that system access by means of a smart card, which could be used by another person, for example, is not adequate. Requirements for secure passwords can be found in 11.5; the working group limits this to the general requirements, but does not specify a minimum length or a maximum validity period for passwords, nor for the regular verification of user accounts (11.11). The need to separate administrator rights from user rights (Segregation of Duties, SoD) is briefly discussed in 11.10.

对计算机化系统的访问的正确管理(第 11 节)在一些小节中进行了详细讨论。11.3 中概述了通过智能卡(例如,门禁卡)进行系统访问是不够的,例如,智能卡(例如,门禁卡)可以被另一个人使用。安全密码的要求可以在 11.5 中找到;工作组将此限制在一般要求范围内,但没有规定密码的最短长度或最长有效期,也没有规定用户帐户的定期验证(11.11)。11.10 简要讨论了将管理员权限与用户权限(职责分离,SoD)分开的必要性。

11.3.Certain identification. The method of authentication should identify users with a high degree of certainty and provide an effective protection against unauthorised access. Typically, it may involve a unique username and a password, although other methods providing at least the same level of security may be employed (e.g. biometrics). Authentication only by means of a token or a smart card is not sufficient, if this could be used by another user.11.3. 可靠识别:身份验证方法应能高度可靠地识别用户,并有效防止未经授权的访问。通常,这可能涉及唯一用户名和密码,不过也可采用其他至少具备同等安全级别的方法(如生物识别 )。仅通过令牌或智能卡进行身份验证是不够的,如他们可以被其他用户使用。

 

The fact that there was no details on the management of audit trails in the old Annex 11 has been taken into account in section 12: the requirements for the technical setup and an on-time review are clarified in ten neatly structured subsections.

第12节考虑到了旧版附录11中没有关于审计追踪管理的细节这一事实:结构整齐的十个小节澄清了技术设置和及时审查的要求。

Electronic signatures are addressed in Section 13, which also uses some of the definitions listed in 21 CFR Part 11 (e.g. Open Systems) and also discusses hybrid solutions.

第 13 节涉及电子签名,该节还使用了 21 CFR 第 11 部分中列出的一些定义(例如开放系统),并讨论了混合解决方案。

The periodic reviews of the systems (Section 14), which were not included in the old Annex 11, take up a lot of space. The expectations      of the periodic review are listed in twelve subsections.

对旧版附录11中未包括的系统的定期审查(第14节)占用了大量篇幅。定期审查的要求列在十二个小节中。

It is positive that the current topic of IT security (Section 15.) is treated in detail, with clearly defined requirements for the IT infrastructure (firewalls, disaster recovery - RTO/RPO, patches, virus protection, etc.). In this context, the necessity of regular penetration tests for critical systems is also emphasized, which will unfortunately have a considerable impact on costs.

积极的是,当前的 IT 安全主题(第 15 节)得到了详细处理,并明确定义了对 IT 基础设施的要求(防火墙、灾难恢复 - RTO/RPO、补丁、病毒防护等)。在此背景下,还强调了对关键系统进行定期渗透测试的必要性,不幸的是,这将对成本产生相当大的影响。

The topic of back-up can be found in section 16 with a definition of the requirements for physical and logical separation as well as regular restore tests.

备份主题可以在第 16 节中找到,其中定义了物理和逻辑分离以及定期恢复测试的要求。

It is most welcome that - as in the OECD GLP guidelines - the new Annex 11 addresses the archiving of data (Section 17.), as this was previously handled very briefly in the GMP regulations.

与OECD GLP 指南一样,新的附录 11 涉及数据归档(第 17 节),这是非常受欢迎的,因为此前在 GMP 法规中对此仅进行了非常简短的处理。

At the end of the document there is a glossary where a large number of technical terms are explained.

在文件的末尾有一个词汇表,其中解释了大量技术术语。

 

EU GMP 正文 第四章 文件记录

 

With issuance of Annex 22 and revision of Annex 11, Chapter 4 of GMP is in need of revision to reflect the use of electronic systems for documentation. As with Annex 11, new sections are added, as well as revisions made to other sections. However, many sections are unchanged.

随着附录 22 的发布以及附录 11 的修订,GMP的第四章需要进行修订,以体现文件记录中电子系统的应用情况。与附录 11 类似,本章新增了部分内容,同时也对其他章节进行了修订。不过,许多章节仍保持不变。

 

Two new sections on data governance and risk management are included. With data integrity being a significant focus for the industry, data governance describes the interplay of these systems. The principles of ICH Q9² are captured in the risk management section. The section on general requirements for documentation has been expanded to include data integrity principles and AI.

新增了两个关于数据治理和风险管理的章节。鉴于数据完整性是行业重点关注内容,数据治理章节阐述了这些系统之间的相互作用。ICH Q9 的原则在风险管理章节中有所体现。关于文件记录一般要求的章节已扩充,纳入了数据完整性原则和人工智能相关内容。

 

The ALCOA++ principle is also included in this document. ALCOA  was first proposed in the FDA's "Guidance for Industry : Part 11, Electronic Records; Electronic Signatures - Scope and Application" in 1999. In 2011, the FDA's "Guidance for Industry : Questions and Answers on Data Integrity and Compliance for Drug CGMP" added the ALCOA+ principle. In 2016, an international data integrity working group proposed the ALCOA++ principle, and the resulting document was titled "Good Data Management Practices for GMP Regulated Laboratories" and published in the scientific journal Analytical Chemistry. The EMA adopted the ALCOA++ principle in its "Guideline on Information Systems and Data Integrity in Clinical Trials" in March 2023. Now, the European Commission has also added the ALCOA++ principle to the revised draft of Chapter 4 of the new EU GMP.

ALCOA++原则也写入该文件。ALCOA原则首次在1999年FDA《行业指南: Part 11,电子记录;电子签名-范围和应用》中提出。2011 年,FDA发布的《行业指南:药品 CGMP 数据完整性与合规问答》中增加了 ALCOA+ 原则。 2016 年,一个国际数据完整性工作组提出ALCOA++ 原则,由此产生的文件名为《GMP 监管实验室的良好数据管理规范》,并发表在《分析化学》科学期刊上。EMA在2023年3月在其《临床试验中信息系统和数据完整性指南》采纳了ALCOA++原则。现在,欧盟委员会在新版EU GMP章节4的修订稿中也增加了ALCOA++原则。

 

Within good documentation principles, some new sections include data integrity as a major focus. A comprehensive separate section dedicated to data integrity is also included. The definition of signatures includes wet as well as electronic. The use of hybrid systems is included. These are all compatible with the well - established guidance on data integrity issued by EMA in 2016.⁴

在良好文件记录原则框架内,部分新增章节将数据完整性作为主要关注点。还包含一个专门针对数据完整性的完整独立章节。签名的定义既涵盖手写签名,也包括电子签名。同时纳入了混合系统的使用情况。这些内容均与EMA 2016 年发布的成熟数据完整性指南相兼容。

 

All other sections are either the same or the revisions are minor and do not change the philosophy or breadth.

其他所有章节要么保持不变,要么修订内容轻微,并未改变其理念或范围。

 

分享到:

来源:GMP办公室