Recent incidents of drug contamination in the global supply chain have highlighted the importance of international quality
standards. Information technology (IT) plays a role in ensuring drugs' quality, and common IT standards can be valuable tools.
International IT Regulations and Compliance is a muchneeded addition to the literature about quality management and releated IT systems. The book covers topics ranging
from quality standards and management systems, regulatory requirements, organization, audits, validation, laboratory systems,
laboratory-information management systems (LIMS), and building-management systems.
International IT Regulations and Compliance, Siri H. Segalstad, Wiley, Hoboken, NJ, 2008, 338 pp., ISBN: 978-0-470-75882-3
The first chapter describes quality standards and draws links between IT, quality, and best practices such as good manufacturing
practice (GMP), good laboratory practice, and good clinical practice. Because these best practices require good process control,
the IT systems that direct the processes also must be understood and controlled. The regulatory requirements for IT systems
(e.g., 21 CFR Part 11 and EU GMP Part 11) are described in Chapter 2.
The book's discussion of electronic records and signatures helps guide readers in developing these systems in the organization.
Another chapter shows how IT security policy (e.g., the basic measures to protect data storage and transmission) helps mitigate
threats. Although the discussion is informative, an appendix offering a general template for security policy could have been
Quality management systems (QMS) can help document processes, rather than having the knowledge stored in employees minds.
Chapter 4 provides valuable information about creating QMS levels and assigning roles and responsibilities. The author explains
QMS clearly in terms of a quality policy, manual, and standard operating procedures (SOPs), which helps the reader understand
the big picture. SOPs are the basis for integrating an IT system with QMS, and Chapter 5 examines the details of generic and
Another chapter describes how the suppliers of a computerized system (e.g., software) must track their system-development
life cycle within their quality system. The book clearly explains that pharmaceutical companies' IT departments are responsible
for keeping the infrastructure, servers, clients, and hardware working. These departments must bear in mind the legal implications
of IT systems for pharmaceutical, financial, patent, and human-resources applications.
An organization's most important IT systems tend to be audited, and Chapter 10 examines audit types and procedures. Table
10.1 provides a useful audit checklist that compares ISO 90003:2004 with Good Automated Manufacturing Practice (GAMP) 4 standards.
Critical IT systems must be validated, and GAMP 4 is the only guideline that explains how to validate computerized systems.
Table 11.2 is particularly useful because it summarizes common problems and explains how to handle errors during qualifications.
Chapters 13–16 provide an excellent explanation of the qualification of IT systems. The process starts with the user requirement
specification, which is the organization's view of the functions the new system should have. The IT department is responsible
for operational and performance qualification, while end users are responsible for performance qualification alone.
Chapters 17 and 18 deal with laboratory instrument and recording systems. It is vital to secure electronic laboratory notebooks
for patent protection, among other reasons. The author offers practical information about securing LIMS and describes topics
such as evaluating whether to build or buy a LIMS.
Overall, this book is a good reference for everyone dealing with IT systems in a regulated environment. The style and content
are targeted to entry- and middle-level professionals. The author provides readers with a broad picture and strong overall
understanding of IT systems.
Sanjay Garg is an associate professor and deputy head of the School of Pharmacy at the University of Auckland, New Zealand, and a member
of Pharmaceutical Technology's Editorial Advisory Board, tel. +64 9 373 7599 ext. 82836, email@example.com