Skip to content Skip to footer
GxPVigilance
GxPVigilance

About Us

Close

Why GxPVigilance Exists

Vendor oversight is now one of the highest-risk pressure points in GxP operations. External providers run critical activities, yet findings repeat, transparency varies, and internal oversight is stretched—while teams are expected to move faster without compromising compliance or patient safety.

GxPVigilance exists to fix this through independent vendor audits and AI enablement done correctly. We audit how providers actually operate (not just what SOPs claim), testing real-world governance: oversight models, data flows, documentation, training, escalation, CAPA effectiveness, and inspection readiness. In parallel, we help organisations adopt AI to reduce manual burden, improve consistency, and accelerate throughput—but in a controlled way: validated workflows, clear ownership, documented controls, traceable outputs, and defined human approval points.

AI delivers value when it’s governed. Patient safety is non-negotiable. Independence is maintained. AI supports—humans approve. Capability is built, not outsourced.

What We Do

GxPVigilance provides independent GxP (GCP, GLP, GDP, CSV) auditing, pharmacovigilance consulting and AI-enabled transformation services across pharmacovigilance, clinical research, quality systems, regulatory affairs, manufacturing and data management. We serve pharmaceutical sponsors, CROs, investigator sites, and healthcare organisations across Australia, New Zealand, and APAC.

Four Core Services

Core serviceWhat we doOutcome / options
GxP Auditing Services
Independent, risk-based audits across GCP, GVP, GLP, QMS and CSV/data integrity, focused on how work is actually performed—evidence, traceability, data integrity, and oversight in practice.Clear, defensible audit outcomes aligned to inspection expectations. Options: pre-audits, mock inspections, pragmatic CAPA support.
Responsible AI Enablement
Governance-first AI adoption that delivers value safely: defined scope, human accountability, documented controls, auditable evidence capture, and inspection-ready ways of working.Readiness assessments, governance framework design, validation/assurance, implementation support (PV/Reg, Clinical/Pharmacy specialties).
Training & Capability Building
Practitioner-level enablement so teams can run and evolve systems independently—governance, oversight, privacy controls, and audit-ready execution.AI governance, ISO/IEC 42001 (practical), human-in-the-loop oversight, safe AI use, AI-assisted GxP writing, validation thinking.
PV System Design & QMS Integration
Regulator-aligned PV system design and independent audits that strengthen governance, traceability, and sustained compliance—especially where PV–QMS links drift over time.QPPV governance models & metrics, PV–QMS integration (SOP/CC/CAPA), inspection readiness/defence, operational oversight, risk/regulatory support.

 

GxPVigilance’s Values

  • Clarity — Plain-English guidance and clean artefacts so everyone knows what, why, and by when.

  • Control — Traceable, documented workflows with clear ownership so your team runs the system.

  • Confidence — Proof you can present, with reproducible results and full traceability.

  • Integrity — Patient safety first; human-in-the-loop, no shortcuts, no black boxes.

  • Partnership — Co-designed, transparent, with capability transfer so you stay independent

Beliefs

  • Compliance should enable improvement, not fear.

  • AI is a tool for clarity, not a shortcut around responsibility.

  • Teams should own their systems — not rent dependency.

  • Transparency builds trust with regulators and patients.

  • Expertise should be shared and built, not hoarded
  • Patient safety remains non-negotiable

Who We Are

GxPVigilance is an independent consulting practice led by Carl Bufe, a pharmacist, GxP auditor, and AI practitioner with 24+ years of hands-on experience across pharmacovigilance, quality systems, clinical research, pharmaceutical operations, and regulatory affairs.

Location & Scale

Based in Brisbane with a Sydney office, we serve regulated teams across Australia, New Zealand, and APAC. We work with trusted subject-matter partners and use client-approved AI providers (Microsoft 365 Copilot, Azure OpenAI, Anthropic, Google Gemini) to accelerate delivery and consistency—while keeping client data confidential and preserving audit independence.

AI Governance & Transparency

All AI-assisted work is ISO/IEC 9001,  ISO/IEC 42001 and GAMP 5-aligned, with full traceability, human-in-the-loop review, and transparent documentation.

Meet Carl Bufe – Principal Consultant & Founder

Principal Consultant & Founder
Pharmacist | GxP Auditor | AI Practitioner

Career Summary

Carl brings 24+ years of hands-on regulatory, clinical, and operational experience in pharmaceutical organisations, including clinical research organisations (CROs), healthcare systems, and pharmaceutical businesses. His background spans pharmacovigilance, quality assurance, clinical operations, pharmacy practice, and data management—giving him a rare cross-functional perspective on how GxP systems actually work under pressure.

Before founding GxPVigilance, Carl held senior roles in quality, compliance, and pharmacovigilance at major clinical research and pharmaceutical organizations. He’s audited GCP compliance across Australia and internationally, designed and validated pharmacovigilance systems, conducted due diligence assessments for sponsors and CROs, and mentored teams in AI governance and regulatory affairs. His work has directly supported TGA inspection readiness, FDA submissions, and EMA compliance across multiple therapeutic areas.

Expertise & Focus Areas

Pharmacovigilance & Safety Systems
A-PVCP/QPPV model design, ICSR workflows, signal detection and oversight, expedited reporting, safety database management, medical review, sponsor-investigator communication.

GCP Auditing & Vendor Qualification
Sponsor and site audits, vendor due diligence, TGA inspection readiness, ICH E6(R3) transition, GCP systems assessment, research operations quality.

AI Governance & Implementation
ISO/IEC 42001 and GAMP 5-aligned AI lifecycle management, AI-enabled pharmacovigilance and regulatory intelligence workflows, human-in-the-loop safety systems, validation and testing protocols.

Quality Systems & Data Integrity
Quality management systems design, data integrity (ALCOA+), electronic records and audit trails (COTS and custom systems), vendor assessment, compliance strategy.

Clinical Trial Operations
Research operations quality, pharmacy and clinical manufacturing compliance, clinical supply chain oversight, study startup and operations readiness.

Qualifications & Credentials

Professional Qualifications

  • Bachelor of Pharmacy (Honours)
  • Postgraduate Diploma in Quality Systems
  • Bachelor of Commerce (Risk & Finance)
  • Bachelor’s Information Systems

Auditor & Technical Certifications

  • ISO Lead Auditor (ISO 9001, ISO 13485, ISO/IEC 42001)
  • Certificate in Computer System Validation (CSV)
  • GCP Training (ICH E6 R2/R3, TGA/MHRA-aligned)
  • Pharmacovigilance & AI Governance Practitioner



in
View Carl on LinkedIn

 

What Makes Us Different

Dual Mastery – GxP + AI in one practice.

Implementation Focus, Not Assessment-Only

Patient Safety Non-Negotiable

Pharmacist and Builder – not just consultant.

Australian TGA and International Context Expertise

Training-First Approach – we transfer knowledge.

Testimonials / Motivations

GxPVigilance helped us clear a 2-month backlog in 2 weeks.

Australian Biotech

Director of Quality, Australian Biotech