1 / 2

What does 21 CFR 11 Require?

What does 21 CFR 11 Require?. The FDA requires corporate compliance on the areas listed below. This document specifically deals with the FDA audit trail . Validation is required for all systems ( “all versions of application software, operating systems, and software development tools.”)

arvid
Download Presentation

What does 21 CFR 11 Require?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. What does 21 CFR 11 Require? • The FDA requires corporate compliance on the areas listed below. This document specifically deals with the FDA audit trail . • Validation is required for all systems (“all versions of application software, operating systems, and software development tools.”) • Accurate reproductions of original records • Access controls on the system • Computer-generated, time-stamped audit trails of electronic record “actions” • Sequence, location, and authority checks • Adequate training for developers • Written discipline policies • Document control & life cycle methodology • The FDA expects, at a minimum, a review of all systems and a plan of action to bring the site into compliance with the regulations. • Simply put, that FDA audit trail requirement is: • “Personnel who create, modify, or delete electronic records should not be able to modify the audit trails.” • As this requirement relates to JDE software, it does not apply to every electronic record, but rather to specific fields within the system (JDE).

  2. Why this is important • FDA only checks a signature (audit trail) when there is doubt in the veracity of a document. • A document can be adulterated for exactly one of two reasons: error or fraud. • The technology’s “integrity check” function makes the probability of an unidentifiable error extremely (i.e., 2exp128) remote. • Therefore, the very action of challenging a signature is the equivalent of an accusation of deliberate fraud. (i.e., a crime) • Senior management needs to develop, deploy, enforce, and document policies and procedures that mitigate this business risk. • The result will be a combination of ongoing effort, internal and external audits, rigor, vigilance, and some INFOSEC technology.

More Related