63rd AFI Symposium – Gian Paolo Baranzoni’s interview

The new GAMP 5 guidelines bring many significant updates but also important challenges to put into practice


The new GAMP 5 guidelines, introduced 14 years after the previous version, bring many significant updates. They reflect an updated technological context, vastly different from that of 2008, substantially a geological era has passed.

Most notably, they represent a shift in approach, with explicit references to ISO standards as for ISO 9000 and ISO 9001 and the link between them and tha GMP standards demonstrating an approach to the Quality extended to the entire company.

Furthermore, a very important aspect for tha ICT field is the integration of the ITIL framework for more effective IT service governance. Cybersecurity is emphasized, with the adoption of advanced standards such as ISO 27001 and the NIST framework, in response to the new European directive on cybersecurity (NIS2), along with a DevSecOps approach that requires close collaboration between development, security, and operations.

However, practical implementation is not without challenges, starting with the necessary change in perspective: all parties involved in technology must support ICT compliance.

This can be complex, both in terms of involving everyone and fostering collaboration among different parts of the company. Additionally, managing cybersecurity must be seen as a continuous and systemic process, rather than a series of one-time interventions.

These and many other aspects of the new GAMP 5 introduction will be addressed in the XVII session of the AFI Symposium  and have been discussed by Gian Paolo Baranzoni. of the Techonlogical Innovation Study Group of AFI in this interview.