GAMP 5 templates, 21 CFR Part 11 / EU GMP Annex 11 control matrices, and the legal pack we ship to procurement. Read the source — every customer starts here.
Six lifecycle templates fork-and-fill: requirements, risk, plan, IQ/OQ/PQ, traceability and final report.
Structured URS template with sections for functional, regulatory, performance and interface requirements.
ICH Q9-style risk assessment template with FMEA scoring, risk priority numbers and mitigation tracking sections.
Phase-gated validation plan with deliverable matrix, role assignments, acceptance criteria and signature blocks.
Three protocols with measurable pass criteria, evidence capture fields and signed-execution blocks.
Cross-reference URS ↔ FRS ↔ Test Cases ↔ Risks. Manual fill — wire-up to your validation package.
Final validation report with deviation summary, risk re-evaluation and acceptance recommendation sections.
21 CFR Part 11, EU GMP Annex 11 and the GAMP 5 lifecycle map — control by control, with platform evidence.
Section-by-section mapping of every Part 11 control we currently implement, with audit-trail evidence pointers.
All seventeen Annex 11 sections mapped to platform controls and the customer responsibilities they leave behind.
GAMP 5 (2nd ed.) categorisation and lifecycle phases as modelled in the platform.
DPA, MSA, SOC 2 sample report, ISO 27001 alignment, EU AI Act statement, security whitepaper, business case template and SLA.
GDPR Art. 28 processor agreement with sub-processor list, EU SCC references and customer instructions schedule.
Standard commercial terms — order form, term, fees, liability, termination — for procurement review.
Sample structure of the Type II report we prepare. Audit in progress; final report shareable under MNDA.
How our ISMS, controls catalogue and risk register align with ISO 27001:2022. Certification audit planned.
High-risk system controls, RAG-grounded generation, human-in-the-loop signing and model documentation.
Encryption, identity, access, monitoring, resilience and AppSec controls in one document for vendor qualification.
Structured business case for procurement and validation leadership: scope, benefits, risks, total cost of ownership.
Generic SLA template — uptime targets, severity definitions, response and restoration commitments.
Customers fork these templates inside their tenant, swap in their SOPs, and ship. The PDFs above are the same source we hand to inspectors.