Hi all, I would like some thoughts on having an older GxP system that exposes the passwords to the system administrator. The system does not employ e-sigs....
Hello Paul; Sounds like your risk exposure is rather high from both a general IT Security perspective as well as Part 11. If the password can be seen (even by...
Any use of static (meaning traditional, not one-time or dynamic) passwords confronts this conundrum (which is why use of digital signatures with the private...
Guida, Richard [JJCUS]
RGuida@...
Nov 1, 2007 4:39 pm
17260
Can someone guide me thru the various implementation methods for E-Signatures? We are new to 21 CFR Part11. We are currently building an in-house Task...
So what are your own thoughts? Soren Bogoe ... From: 21cfrpart11@yahoogroups.com [mailto:21cfrpart11@yahoogroups.com] On Behalf Of paulkrason Sent: Wednesday,...
Paul, If the GxP application has passwords that are not secure, then I would suggest using the Windows operating system login to protect the application. Users...
Risk. _Always_ start with risk. What does the system do? What is the risk created by exposure of these passwords? What's the worst that could happen? Could...
First I'd like to thank everyone that contributed to the thread so far. Lots of very good thinking going on. As I suspected, I received a wide range of...
a little off the subject, but an inquisitive question: i may be naive, but i never understood the gamp risk categorizations of 'high' or 'low.' to me it's...
... Hi! Sorry but I don't get your point regarding Excel or Access! Concerning the documentation of Audits and Certrification I use e- doc system to track the...
If an audit is done properly.... thats right! The problem is that most of the times within our company there are no ressources left to plan an audit properly....
One question: how do you define "Assessment"? () If I read something about assessments like scampi it seems to be nearly the same as an audit within my way of ...
Hey Graham! That is exactly the point why I started to work on that issue. If there has to be an audit, then it shall at least generate benefits but nearly...
Hi, I want to start out by saying I've been reading this group but never posted before, and I've learned a lot by just reading the topics and replies, and I'm...
This comes down to do you consider the system an open or closed system. If it is open then you have to follow the rules for that. At this point I don't see...
Laurie, If it's a web app, and it's validated, why would the input device matter? A web site is a web site is a web site and a browser is a browser is a...
To All, I am in desparate need of some help/advice on the above topic. I recently started working at a CRO in Validation. I have learned that one of our sites...
Hi Laurie, As long as the signature is adequately linked to the information (record) and meets the non-repudiation requirement, it should be fine. That sounds...
What challenges/pitfall would there be validating an office network and Adobe for an electronic document/signature system? The correct procedures are in place...
All pharmaceutical companies conduct vendor Due Diligence before signing a contract. The due diligence includes GMP and Regulatory Compliance audits. The ...
Hemant In my experience that is the exception rather than the rule (only looking at it from a GMP perspective). As with all GMP issues, it is a question of how...
Perhaps you could enlighten me, which particular Pharmaceutical GMP regulation is not auditing vendors a violation of?? Auditing suppliers may be good business...
Do your validation protocols include test scripts/test cases? Greg Ventura ... From: 21cfrpart11@yahoogroups.com [mailto:21cfrpart11@yahoogroups.com] On Behalf...
Thanks for your response, Greg. At the moment, no. After you bringing it to my attention and looking at GAMP Good Practice Guide for IT Infrastructure Control...
David, I suggest you review General Principals for Software Validation; Final Guidance for Industry and FDA Staff, Section 6.3. That section states that "The...
I don't bring up test cases with the idea of adding them, but rather wondering how you handle numerous potential signings and/or initials on. It is not really...
Just to clarify.. 820.50 is a Medical Device regulation not Pharmaceutical General Principals for Software Validation; Final Guidance for Industry and FDA...
Regarding 21 CFR 820.50, isn't this a case of your auditing would be based on the "suppliers, contractors, and consultants" product or service affecting...
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
