GAMP-5 principles MCQs With Answer

GAMP-5 principles MCQs With Answer is a focused learning resource tailored for M.Pharm students preparing for regulatory, quality, and validation roles in pharmaceutical industry. This blog delivers a concise introduction to the GAMP-5 framework and presents a set of targeted multiple-choice questions to reinforce understanding of risk-based approaches, lifecycle thinking, supplier management, validation strategies, and documentation expectations. Each question is designed to deepen conceptual knowledge and application, not just recall, helping students link regulatory expectations to practical system lifecycle activities. Use these MCQs to test readiness for exams, interviews, and real-world responsibilities in computerized system validation and Good Regulatory Practices.

Q1. Which fundamental approach is central to GAMP-5 for ensuring compliance of computerized systems?

• Document-heavy universal validation for all systems
• Risk-based approach focused on patient safety and product quality
• Vendor certification of all software
• Ad hoc testing only for critical systems

Correct Answer: Risk-based approach focused on patient safety and product quality

Q2. GAMP-5 emphasizes a lifecycle model for computerized systems. Which phase is primarily concerned with defining what the system must do?

• Operation and Maintenance
• Specification (User Requirements Specification / URS)
• Installation Qualification (IQ)
• Retirement

Correct Answer: Specification (User Requirements Specification / URS)

Q3. In GAMP-5, how are software systems typically categorized to scale validation effort appropriately?

• By developer reputation
• By system criticality and complexity (e.g., categories like infrastructure, configurable, custom)
• By the software language used
• By the number of users

Correct Answer: By system criticality and complexity (e.g., categories like infrastructure, configurable, custom)

Q4. Which document provides traceability from user requirements through design and testing in a GAMP-5 compliant project?

• Change control log
• Traceability matrix
• Training matrix
• Vendor contract

Correct Answer: Traceability matrix

Q5. What is the primary purpose of performing a supplier assessment in the context of GAMP-5?

• To negotiate price reductions
• To confirm supplier capability to deliver systems that meet intended use and regulatory expectations
• To transfer validation responsibility entirely to the supplier
• To determine the preferred programming language

Correct Answer: To confirm supplier capability to deliver systems that meet intended use and regulatory expectations

Q6. Which testing phase verifies that a system is installed according to specifications and environmental requirements?

• Performance Qualification (PQ)
• Operational Qualification (OQ)
• Installation Qualification (IQ)
• User Acceptance Testing (UAT)

Correct Answer: Installation Qualification (IQ)

Q7. GAMP-5 recommends distinguishing between configuration and customization. Which statement best reflects that guidance?

• Customization is preferred because it ensures unique functionality
• Configuration (using built-in settings) is preferred to minimize validation and maintenance burden
• All systems should be fully customized for compliance
• Configuration should be avoided as it cannot be validated

Correct Answer: Configuration (using built-in settings) is preferred to minimize validation and maintenance burden

Q8. Which activity is essential during the operation phase to maintain GAMP-5 compliance?

• Ignoring change control for minor issues
• Periodic review, monitoring, and change control
• Rewriting the URS annually without risk review
• Uncontrolled software updates

Correct Answer: Periodic review, monitoring, and change control

Q9. The “fit-for-purpose” concept in GAMP-5 implies that:

• Only the most advanced systems are acceptable
• Systems must be appropriate for their intended use and level of risk
• All systems require identical validation documentation
• Regulatory bodies must approve every system design

Correct Answer: Systems must be appropriate for their intended use and level of risk

Q10. Which of the following is a GAMP-5 recommended approach to testing to ensure effective coverage?

• Test only happy-path scenarios
• Risk-based testing focusing on critical functions and error conditions
• Only automated tests developed by the supplier
• No requirement for documented tests if the system is stable

Correct Answer: Risk-based testing focusing on critical functions and error conditions

Q11. What role does a User Requirements Specification (URS) play in GAMP-5 validation?

• It describes the supplier’s internal development procedures
• It defines the user needs and acceptance criteria for the system
• It is optional for off-the-shelf software
• It documents the maintenance schedule only

Correct Answer: It defines the user needs and acceptance criteria for the system

Q12. Which document typically demonstrates that system functional requirements have been met through testing?

• Validation Plan
• Test Summary Report with executed test scripts and results
• Purchase Order
• Supplier brochure

Correct Answer: Test Summary Report with executed test scripts and results

Q13. How does GAMP-5 suggest handling legacy systems with limited documentation?

• Replace immediately regardless of risk
• Perform a risk assessment, reconstruct critical documentation, and introduce compensating controls as needed
• Assume compliance because they are in use
• Outsource responsibility to a third party without assessment

Correct Answer: Perform a risk assessment, reconstruct critical documentation, and introduce compensating controls as needed

Q14. Which GAMP-5 principle emphasizes the need for clear roles and responsibilities during validation?

• Technology-first principle
• Defined lifecycle approach with clearly assigned responsibilities
• Supplier absolution principle
• Documentation minimization

Correct Answer: Defined lifecycle approach with clearly assigned responsibilities

Q15. What is the purpose of a Configuration Management plan in a GAMP-5 project?

• To describe financial aspects of the project
• To control and document changes to system configuration and software versions
• To list all software vendors
• To provide user training schedules only

Correct Answer: To control and document changes to system configuration and software versions

Q16. Which GAMP-5 output helps to prioritize validation effort by identifying potential impact on patient safety, product quality, and data integrity?

• Risk assessment (e.g., FMEA)
• Marketing plan
• Supplier invoice
• Training completion certificates

Correct Answer: Risk assessment (e.g., FMEA)

Q17. During qualification, what is the main difference between Operational Qualification (OQ) and Performance Qualification (PQ)?

• OQ tests system operation against specifications; PQ verifies performance in the real operational environment using actual users and data
• OQ verifies human training; PQ tests supplier support
• OQ is only documentation review; PQ is only software installation
• There is no difference; they are identical

Correct Answer: OQ tests system operation against specifications; PQ verifies performance in the real operational environment using actual users and data

Q18. Which aspect is critical for data integrity in computerized systems as guided by GAMP-5?

• Only manual backups are required
• Controls ensuring accuracy, completeness, consistency, and traceability of records
• Allowing unrestricted user access to simplify workflows
• Removing audit trails to improve performance

Correct Answer: Controls ensuring accuracy, completeness, consistency, and traceability of records

Q19. Which practice aligns with the GAMP-5 recommendation for documentation?

• Create extensive generic documents unrelated to system risk
• Produce scalable, fit-for-purpose documentation based on system criticality and complexity
• Keep all documents informal and undocumented
• Document only supplier activity, not user requirements

Correct Answer: Produce scalable, fit-for-purpose documentation based on system criticality and complexity

Q20. What is an appropriate first step when a change is proposed to a validated computerized system under GAMP-5?

• Apply the change immediately and document later
• Perform a change impact assessment to evaluate risk and determine validation needs
• Ignore the change if it seems minor
• Re-validate the entire system regardless of scope

Correct Answer: Perform a change impact assessment to evaluate risk and determine validation needs

Download