EU GMP Annex 11: What It Requires for Computerised Systems in Pharma

EU GMP Annex 11 governs computerised systems in EU pharma. Its data integrity, validation, and access control duties apply directly to AI/ML systems.

EU GMP Annex 11: What It Requires for Computerised Systems in Pharma
Written by TechnoLynx Published on 07 May 2026

Annex 11 is about data integrity, not software testing

EU GMP Annex 11 — part of EudraLex Volume 4, the EU guidelines for good manufacturing practice — governs the use of computerised systems in pharmaceutical manufacturing. It applies to any system that creates, modifies, maintains, archives, retrieves, or transmits data required under GMP. Its core concern is not whether software functions correctly (that is a validation question). Its core concern is whether the data produced and managed by computerised systems is attributable, legible, contemporaneous, original, and accurate — the ALCOA principles.

The annex was last revised in 2011 but remains the primary EU regulatory reference for computerised systems in GMP environments. A draft revision circulated in 2025 explicitly addresses AI/ML-driven systems for the first time, but the 2011 text remains in force until adoption. Annex 11 operates alongside the PIC/S guidance on data integrity (PI 041) and the MHRA’s data integrity expectations, all of which reinforce the same principles with varying levels of prescriptive detail.

Key requirements by Annex 11 section

Annex 11 Section Requirement Practical implication
1. Risk management Risk assessment throughout the system lifecycle Document risk to data integrity and product quality at each system phase
3. Suppliers and service providers Formal agreements with IT suppliers Supplier audits, quality agreements, access to audit trails
4. Validation Documented evidence of fitness for intended use Validation proportionate to system risk; lifecycle approach required
5. Data Built-in checks for correct and secure data entry Input validation, range checks, data verification controls
7. Data storage Protection against damage, accessibility, readability Backup, disaster recovery, data migration validation, format longevity
9. Audit trails Recording of all GMP-relevant changes Who changed what, when, and why — immutable, reviewable
10. Change and configuration management Controlled process for system changes Impact assessment, change approval, re-validation scope determination
11. Periodic evaluation Regular assessment of validated state Periodic reviews confirming system remains fit for purpose
12. Security Physical and logical access controls Role-based access, unique user IDs, session management, access logs

The table is the spine of the regulation. Each row corresponds to an inspector’s checklist item, and each one expands into its own documentation set in a real validation package.

The audit trail requirement is non-negotiable

Section 9 of Annex 11 states that consideration should be given to building audit trails for all GMP-relevant changes and deletions into the system. In practice, EU inspectors treat audit trail capability as mandatory for any system processing GxP data. The audit trail must record the original value, the new value, who made the change, when the change was made, and why.

Critically, the audit trail must be immutable. A system that allows administrators to modify or delete audit trail entries fails this requirement regardless of how thoroughly the rest of the system was validated. This has direct implications for AI systems built on PyTorch, TensorFlow, or ONNX runtime: if a machine learning model is retrained and the previous model version’s decisions are overwritten without preserving the original predictions, the system violates Annex 11’s data integrity requirements. The remedy is straightforward in principle — version every model artefact, persist every inference with its model hash, and keep both in an append-only store — but it requires designing the MLOps pipeline around audit-trail durability from the start, not as a retrofit.

Where does Annex 11 apply to AI/ML systems?

Annex 11 does not explicitly mention artificial intelligence or machine learning — the 2011 text predates the current generation of pharmaceutical AI applications. However, its principles apply directly:

  • An AI model making GMP-relevant decisions (batch disposition, deviation classification, environmental monitoring alerts) is a computerised system under Annex 11 scope.
  • Its training data, model versions, and prediction outputs constitute GMP data requiring audit trail coverage.
  • Any model update (retraining, fine-tuning, hyperparameter changes) constitutes a system change requiring change control and impact assessment under Section 10.
  • Periodic evaluation (Section 11) must include model performance review — not just software version checks. Drift monitoring, recalibration evidence, and change-control records for each retraining cycle are the practical artefacts inspectors look for.

The gap between Annex 11’s deterministic assumptions and AI’s non-deterministic behaviour is where most pharmaceutical companies encounter implementation friction. Addressing this gap requires the risk-based validation approaches described in the GAMP 5 Second Edition guidance for AI validation rather than attempting to force AI systems into the traditional IQ/OQ/PQ framework.

How does Annex 11 differ from 21 CFR Part 11 in practice?

While both Annex 11 and 21 CFR Part 11 address computerised systems in pharmaceutical manufacturing, they differ in scope, specificity, and enforcement approach. Understanding these differences is essential for companies operating in both EU and US markets, and it is one of the recurring questions that surfaces during a GxP regulatory scope analysis.

Annex 11 takes a broader scope than Part 11. Annex 11 covers the entire lifecycle of computerised systems (from selection through retirement), while Part 11 focuses specifically on electronic records and electronic signatures. A system may comply with Part 11’s electronic records requirements but lack the lifecycle documentation (validation plan, periodic review, retirement plan) that Annex 11 requires.

Annex 11 is also more prescriptive about specific controls. It explicitly requires risk assessment as the basis for validation scope, involvement of the quality unit in system lifecycle activities, supplier assessment and management, data migration validation, and business continuity planning. Part 11 implies many of these through general requirements but does not specify them explicitly.

Enforcement differs between the two jurisdictions. FDA inspections in the US have historically focused on data integrity and audit trail compliance within Part 11’s scope. European inspections (by national agencies implementing EU GMP) tend to review the broader lifecycle documentation that Annex 11 specifies, including supplier audit evidence, periodic review records, and change control documentation. The difference is not theoretical — we see it play out in practice when the same AI system passes an FDA audit and then takes a finding from an EU inspector on supplier qualification or periodic review evidence.

For companies operating in both markets, we recommend using Annex 11 as the primary compliance framework (since it is more comprehensive) and mapping Part 11’s specific requirements onto the Annex 11 framework to confirm coverage. In our experience, this approach ensures compliance with both frameworks without maintaining two separate compliance programmes.

What the 2025 draft revision changes for AI

The draft 2025 revision of Annex 11 — circulated for consultation but not yet adopted — addresses AI/ML systems explicitly for the first time. The signals from the draft are consistent: existing Annex 11 principles continue to apply, but the evidence expectations for non-deterministic systems are sharpened. Expect explicit language on training data governance, on documentation of model performance characteristics across the lifecycle, and on the periodic-evaluation cadence for systems whose behaviour can drift between releases. None of this changes the underlying obligation; it codifies the evidence inspectors have already been requesting.

Companies validating AI systems today should not wait for the revised text to settle. The risk-based, lifecycle-oriented approach the draft formalises is the same approach Annex 11 already implies when read against GAMP 5 Second Edition. The compliance work done now under the current text transfers cleanly to the revised one.

FAQ

What does EU GMP Annex 11 actually require for computerised systems in pharmaceutical manufacturing? Annex 11 requires that any computerised system creating, modifying, maintaining, archiving, retrieving, or transmitting GMP data be validated for its intended use, governed by lifecycle documentation, and built around the ALCOA data integrity principles. The nine substantive sections (risk management, suppliers, validation, data, storage, audit trails, change control, periodic evaluation, security) define the minimum control set.

How do Annex 11 requirements differ from 21 CFR Part 11 for the same AI system? Annex 11 covers the full system lifecycle; Part 11 focuses on electronic records and electronic signatures. For the same AI system, Annex 11 adds explicit requirements for supplier qualification, data migration validation, periodic evaluation, and business continuity planning that Part 11 only implies. The most comprehensive approach is to validate against Annex 11 and map Part 11’s specific record/signature controls onto that framework.

Where does Annex 11 apply specifically to AI/ML-based computerised systems? It applies wherever an AI/ML model produces, modifies, or governs GMP-relevant data — batch disposition, deviation classification, environmental monitoring, in-process control, release decisions. Training data, model versions, and inference outputs all fall within the audit trail and change control obligations.

What does an Annex 11–compliant validation package contain? At minimum: a documented risk assessment, validation plan and reports proportionate to risk, supplier qualification evidence, change and configuration management records, an immutable audit trail covering GMP-relevant changes, periodic evaluation reports, business continuity and data migration plans, and access control documentation tied to unique user identities.

How is the draft 2025 Annex 11 revision changing requirements for AI-driven systems? The draft addresses AI/ML systems explicitly for the first time, sharpening evidence expectations around training data governance, model performance documentation across the lifecycle, and periodic evaluation cadence for systems prone to drift. It does not introduce new principles — it codifies the evidence inspectors already request under the current text read alongside GAMP 5 Second Edition.

Which Annex 11 controls demand special evidence when the underlying model is retrained? Section 9 (audit trails — predictions made by previous model versions must remain retrievable), Section 10 (change and configuration management — every retraining cycle is a system change requiring impact assessment and approval), and Section 11 (periodic evaluation — performance review must accompany version changes, not just software-level checks).

EU GMP Annex 1 Guidelines for Sterile Drugs

EU GMP Annex 1 Guidelines for Sterile Drugs

5/09/2025

EU GMP Annex 11 for computerised systems 2026: scope, AI/ML validation, vs 21 CFR Part 11, retraining controls, 2025 revision impact.
GAMP 5 Guidelines: How to Apply Risk-Based Validation to Pharma Software

GAMP 5 Guidelines: How to Apply Risk-Based Validation to Pharma Software

8/05/2026

GAMP 5's risk-based framework scopes pharma software validation by impact, with the Second Edition extending the approach to AI and ML systems.
Computer System Validation in Pharma: What Engineering Teams Need to Implement

Computer System Validation in Pharma: What Engineering Teams Need to Implement

7/05/2026

Computer system validation in pharma: when full CSV applies, when CSA's risk-based path is enough, and what each delivers for AI/ML systems.
Back See Blogs
arrow icon