Checklist When Reviewing the Integrity of Remote Access
While many firms understand the importance of configuring their systems to ensure inspect trails are adequate and meet regulators expectations, many others still struggle to maintain electronic records with a complete and compliant audit trail. Validated reckoner systems with enabled audit trails are necessary, but non sufficient, to run across global regulatory good documentation practice requirements for electronic records. Electronic records must be supported by adequate audit trails and associated controls that ensure the '…ability to discern invalid or altered records.' That means your quality unit must review electronic records and their associated audit trails to ensure that all information are considered in batch release decisions. Costless white paper: Ensuring Enterprise-Wide Data Integrity in FDA-Regulated Industries Nosotros've highlighted eight key questions to ask when configuring audit trails for your laboratory musical instrument software to help ensure that the data generation and processing activities can be reconstructed and that all data are bachelor for review. While this not an exhaustive listing, it should provide a helpful guide to protect you from making the kinds of errors that ordinarily show up in inspection reports. The process for granting, irresolute, and removing access should exist governed by a detached procedure. Access to sure systems should exist governed according to job function. This is crucial for ensuring that the activity performed can be attributed to an individual. Never share whatsoever login credentials or passwords. Activities within the system should be governed by job part and those who create records should have very limited or no ability to modify or delete them. Make sure to maintain and update lists showing who has item access privileges for each system. When individuals are able to change date and time stamps, information technology'due south non possible to ensure that activities were conducted at the date and times indicated – compromising the integrity of the data. These features should be controlled at the network level. This requires unique login credentials and ensures firms and regulatory investigators know who, in particular, performed an action. Logging in, acquiring data, processing data, modifying data, deleting data, reporting results or reviewing data are all activities that crave inspect trails capture individual performers. Selecting from a pre-written list of possible justifications can get out out important details needed when explaining why a particular action was taken. To ensure completeness and specificity, brand this field a free text field for users to write their own justifications. Be sure all users are trained on how to provide a clear and complete justification. Sometimes this can happen and non be immediately apparent. When samples are retested, for example, the original results should always remain available to ensure everything tin can be reviewed and that your quality unit is considering all data when making lot disposition decisions. If information is overwritten, erased, or obscured, records associated with an activity cannot be fully reviewed. Most musical instrument information is reviewed in an electronic format and supplement by log books and other sources. GMP decisions should never be based on printouts of chromatograms or other documents that are used for convenience. When these documents are used, they should include the path to the original electronic data. 
Information integrity has become a major priority amidst regulatory investigators and audit trail deficiencies in particular accept been cited in a growing number of enforcement actions. 1. Do you accept policies and procedures that specify how staff are given access to figurer systems?
2. Are individual login and passwords required to access figurer systems?
3. Does your software command actions through admission privilege levels?
iv. Are date and time featured secured so they cannot be changed by those who perform, supervise, or review records?
5. Is the identity of the person performing an activity captured by the inspect trail?
6. Are your audit trails capable of documenting why an action was performed?
seven. Tin information be obscured or deleted when sure operations are performed?
8. Is the data being reviewed in the same format in which is was generated?
Learn how to ensure information integrity throughout your entire organization. Grab our free white newspaper, a 24-page guide filled with solutions to mutual compliance problems and a stride-by-step process for integrating an effective control framework for information integrity. 
Source: https://www.thefdagroup.com/blog/audit-trail-checklist-8-questions-to-ask-when-configuring-gmp-qc-laboratory-audit-trails
0 Response to "Checklist When Reviewing the Integrity of Remote Access"
Post a Comment