NEWS DETAILS

Some questions about the audit trail

日期:2024-12-04 03:02
浏览次数:472
摘要:1. Question: Is the analysis data generated during the verification of the analysis method considered critical data? Answer: No. Because these data are released after the verification process is completed, they can only represent the basis for future analysis. Therefore, this is only an indirect criticality and does not require an audit trail review. 2. Question: Equipment calibration will affect the correctness of the data. Does this mean that correction is critical? ..
1. Question: Is the analysis data generated during the verification of the analysis method considered critical data?

 

Answer: No. Because these data are released after the verification process is completed, they can only represent the basis for future analysis. Therefore, this is only an indirect criticality and does not require an audit trail review.

 

2. Question: Equipment calibration will affect the correctness of the data. Does this mean that correction is critical?

 

Answer: Since the correction will only indirectly affect patient safety, there is no need for audit trail review.

 

3a. Question: Example: What happens if there is no user management for the production control of the reactor, and no password or audit trail, etc.? Is it allowed to continue to use such controls?

 

Answer: It is recommended to plan to replace this. The replacement time depends on the medicine produced in the reactor. This is critical.

 

3b. Question: Example: What happens if there is no user management for the production control of the reactor, no password or audit trail, etc.? (The controlled reactor you are involved in is used for intermediate and API production, but not for formulation production). Can these controls continue to be used, or should they be discontinued?

 

Answer: If the reactor is used for the production of intermediates, it is not necessary to replace the reactor control immediately. Recommendation: Evaluate all systems and equipment and arrange them according to priority (for example, use a relatively simple FMEA). Use this method to define when different priority levels need to be processed, for example, first priority = end of 2017, second priority = end of 2018, etc...

 

4. Question: Are there any regulations requiring an audit trail review before each batch of products is released, or is it just a recommendation so far?

 

Answer: Appendix 11 requires an audit trail review. Inspectors believe that batch release is a key process in all content.

 

5. Question: Hybrid system: Audit trail cannot be retrofitted. What should I do?

 

Answer: First, all other criteria (login, user/management profile, security) should be clarified. How critical are these data? If the data is critical, the replacement is planned based on the criticality (= priority).

 

6. Question: Role concept: Is a user allowed to perform reintegration? (GC system)

 

Answer: The answer is "not allowed." This requires authorization from the laboratory leader and an explanation.

 

7. Question: It is difficult to separate managers and users in CDS. Is it possible to grant managers and users to the same person?

 

Answer: Yes, but it needs to be described in the SOP.

 

8. Question: Process verification data is type 3 data --- therefore, there is no need for audit trail review. But is it necessary to review the generation of verification measurement data?

 

Answer: You are right, the key category of verification data is 3. Since there is no reason for fraud, users are unlikely to modify it-this is the opposite of batch release.

 

9. Question: Is the "Windows Event Viewer" useful for GXP device audit?

 

A: Answer: This may not be realistic, because too many incidents will be reported here. This method is considered worth considering only when the data is saved on this machine.

 

10. Question: Should the audit trail audit report be generated by the system itself? Or is it possible to use another more appropriate system to perform the analysis?

 

Answer: Strictly speaking, the audit trail must be generated by the system itself (the system generates the audit trail). What other systems do you think?