Professional Documents
Culture Documents
Use of Building Management Systems and Environmental Monitoring Systems in Regulated Environments
Use of Building Management Systems and Environmental Monitoring Systems in Regulated Environments
practical risk-
based advice
regarding the Position Paper:
implementation
and Use of Building Management Systems
management of
computerized and Environmental Monitoring
Systems in Regulated Environments
aspecis of a
Building
Management
System. by the ISPE GAMP® Forum, Special Interest Group
B
uilding Management Systems (BMS) • effective control of building related processes
have evolved over many years, along and equipment
side the development of Heating, Ven- • real time visibility of building management
tilation, and Air Conditioning (HVAC) system performance
and other building system technologies. In- • early warning of process deviations
creasingly, BMS technology has adopted con- • predictive maintenance planning
trol system architectures and philosophies to • centralized and/or remote control of facili-
satisfy the need for advanced automation. The ties and equipment
consequence has been that BMS is widely de- • optimization of utility costs
ployed throughout healthcare companies with • secure management and storage of process
modern day solutions being based on standard and equipment performance data
software and hardware design. Further, a BMS • implementation of standardized building
provides standard inbuilt functionality, based management strategies
on many years of building automation solu- • availability of state of the art and expand-
tions. As such, a BMS is often an effective able technologies
solution to cost conscious building manage- • effective system management and support
ment strategies. The implementation of a mod-
ern day BMS brings several benefits to organi- The requirements pertaining to the use of BMS
zations including, but not limited to: within regulated environments has been de-
bated within the healthcare indus-
Figure 1. BMS functional
model. try for many years with differing
views remaining today. Several rea-
sons are cited for this discussion,
the commonly recurring themes
being:
(i) the need to validate BMS controls when validated/cali- BMS Scope and Definition
brated independent monitoring is in place BMS may be used as a collective noun for a range of comput-
(ii) relationship between BMS risk and process/product risk erized systems including Programmable Logic Controllers
(iii) good design practices for new BMS (PLC), Supervisory Control and Data Acquisition Systems
(iv) good Engineering Practice (SCADA), Distributed Control Systems (DCS), Outstations/
(v) mitigation options for existing BMS Controllers and Instrumentation.
(vi) electronic record implications BMS may be deployed and managed centrally as a large
network of systems that may comprise different vendor
The ISPE GAMP® Forum has developed this position paper to products, or as a low complexity standalone system.
provide practical risk based advice regarding the implementa- The type of computerized system deployed and the scope,
tion and management of a BMS within regulated healthcare size, and complexity of the system will determine the level of
industries. In drawing its conclusions, this position paper difficulty in demonstrating that the system is fit for purpose.
Figure 2. Adaptation of the ISPE Commissioning and Qualification Baseline® Guide Impact Spectrum.
Figure 5. GEP vs. qualification/validation. Validation of process endpoints must be considered, such as
Ability to synchronize security settings across the BMS Changes to one Workstation reflected across all
infrastructure. workstations in order to ensure consistency of access
from different points.
Instrument Failure Detection Detection of instrument failure, isolation, manual Enables validation of data input/output and ensuring
override. integrity of process control and monitoring.
Communication Failure Detection of data transfer failure Ensures integrity of process control and historical data
capture. Ensures integrity of data timestamping.
Detection of data overload following communications Ensures that critical events and data are recorded in
Data storage failure accordance with design.
failure or similar events
Planned Enhancement Capability Built in expansion to allow for easy addition of control Easier validation/GEP of upgrades. Reduces pressure to
and monitoring points combine GMP and non GMP functionality.
Backwards compatibility to enable controlled upgrade Easier to maintain validated/GEP status following
upgrade.
Testing Simulation Tools Enable setting of I/O and status conditions to facilitate
controlled testing (note these features can also be
detrimental to validation if not provided under appropriate
access control).
Documentation Tools Software tools to enable documentation to be created Enables ease of documentation and record creation and
(also part of baseline of the system. Auditing of future verification of differences between current and new
differences against change control records) versions of BMS.
Table D. BMS requirements/design/operational considerations.