国产一级a片免费看高清,亚洲熟女中文字幕在线视频,黄三级高清在线播放,免费黄色视频在线看

Audit Trails

審計(jì)追蹤

An audit trail is a chronology of the “who, what, when, and why” of a record. It ensures a secure, computer-generated, time-stamped electronic record is available that allows for reconstruction of the course of events relating to the creation, modification, or deletion of an electronic record. For example, the audit trail for an HPLC run could include the user name, date and time of the run, integration parameters used, and details of reprocessing, if any, including the change justification. In addition, as part of reconciliation, the injection log can be included, but this injection log does not include audit trail injection information (blank/system suitability/Lot#) (2).

審計(jì)跟蹤是記錄“誰、做什么、何時(shí)、為什么”的表，能確保安全受控計(jì)算機(jī)所生成的，時(shí)間戳的電子記錄是能夠用于重建與電子記錄的創(chuàng)建、修改或刪除有關(guān)的事件過程。例如，HPLC運(yùn)行的審計(jì)追蹤可以包括，用戶名，運(yùn)行日期以及時(shí)間，使用的完整的參數(shù)記錄，再處理過程細(xì)節(jié)，或，修改理由。此外，進(jìn)針日志也可囊括在內(nèi)，但是這個(gè)進(jìn)針日志不包括審計(jì)跟蹤進(jìn)樣信息（空白/系統(tǒng)適用性/批號）（2）。

The audit trail feature (or function) should be enabled at all times, with strict access controls in place; equipment with data processing capability but lacking audit trail capability should be upgraded to CGMP standards. In those instances where the equipment lacks such capability, appropriate controls (e.g., paper-based) should be implemented to ensure all data and information generated, along with the history of all activities performed, is available for review.

審計(jì)跟蹤功能應(yīng)始終啟用，并應(yīng)有嚴(yán)格的訪問控制，具有數(shù)據(jù)處理能力但缺乏審計(jì)追蹤功能的設(shè)備   應(yīng)升級為 cGMP標(biāo)準(zhǔn)。在設(shè)備缺乏該功能的情況下，應(yīng)實(shí)施適當(dāng)?shù)目刂疲ɡ纾ㄟ^紙質(zhì)記錄） 應(yīng)該被實(shí)施以確保所有數(shù)據(jù)和信息的產(chǎn)生，以及所有活動的歷史可以回顧 。

The audit trail should include all possible data changes; then, the reviewer can decide whether any data change represents a compromised or regulated event.

審計(jì)跟蹤應(yīng)包括所有可能的數(shù)據(jù)更改；據(jù)此跟蹤記錄，審閱者可以判別是否數(shù)據(jù)更改是否是一個(gè)異常事件。

Different types of audit trails supply data on different functions; each should be assessed individu-ally and, then, all audit trails should be assessed collectively to determine the integrity of the data. Instrument-specific software provides several fields for configuring audit trails, and templates from which to choose for presentation. Figure 6.3.9-1 illustrates one approach to audit trail classification.

不同類型的審計(jì)跟蹤提供不同功能的數(shù)據(jù)，每個(gè)都應(yīng)該單獨(dú)評估。然后，所有的審計(jì)跟蹤應(yīng)進(jìn)行匯總評估，以確定數(shù)據(jù)的完整性。特定儀器的軟件提供了用于配置審計(jì)跟蹤和模板的若干字段。選擇哪一個(gè)進(jìn)行顯示。圖6.3.9.1 闡述了審計(jì)跟蹤的一個(gè)分類方法

Figure 6.3.9-1 Example of an Audit Trail Summary

圖6.3.9-1 審計(jì)追蹤示例

The Quality Unit is responsible for enabling fully functional audit trails, assessing the different kinds of metadata captured, and choosing which fields are required to verify and ensure data reliability and compliance. This approach should be carefully selected with a view to design the most appropriate pro-cedures for batch release as well as a sound periodic review. The following list reflects one recommended approach to the various classifications of audits, each of which are discussed in the sections below:

質(zhì)量部門負(fù)責(zé)啟用全面功能的審計(jì)跟蹤，評估所捕獲的不同類型的元數(shù)據(jù)，并選擇哪些字段需要確認(rèn)以確保數(shù)據(jù)的可靠性和完整性。應(yīng)仔細(xì)選擇此方法, 以設(shè)計(jì)最適合批放行和定期審核的程序。對不同等級的審計(jì)追蹤的推薦方法如下所列，后續(xù)章節(jié)將詳細(xì)闡述每個(gè)方法：

• System-level audit trail  系統(tǒng)層面審計(jì)追蹤

• Application-level audit trail  應(yīng)用層面審計(jì)追蹤

• Method audit trail 方法審計(jì)追蹤

• Results audit trail (or injection audit trail) 結(jié)果審計(jì)追蹤（或進(jìn)針追蹤）

• Sequence audit trail 序列審計(jì)追蹤

• Transaction log/system error log 色譜事件日志/系統(tǒng)錯(cuò)誤日志

System-Level Audit Trail

系統(tǒng)層面追蹤

If a system-level audit capability exists, the audit trail should capture, at a minimum: any attempt to log in, successful or unsuccessful; ID, date, and time of each login attempt; date and time of each log-off; device used; and function(s) performed while logged in, i.e., applications that the user attempted, successfully or unsuccessfully, to perform, as shown in Figure 6.3.9.1-1 (2).

如果存在系統(tǒng)層面的審計(jì)能力，審計(jì)追蹤最少應(yīng)捕捉：任何登錄嘗試、成功或不成功；每次登錄嘗試的ID、日期和時(shí)間；每次注銷的日期和時(shí)間；使用的設(shè)備；以及登錄時(shí)執(zhí)行的功能，例如用戶嘗試的應(yīng)用程序；成功或失敗。

System audit trails cover the activities related to system policy changes, user activities (login, logoff, unauthorized logins and user privileges changes), changes to projects (creating, deleting, modifying and restoring), verification of project integrity and changes to systems. The Quality Unit should review system audit trails on a periodic basis established by the firm for any type of deletions.

系統(tǒng)審核跟蹤覆蓋了系統(tǒng)策略更改、用戶活動相關(guān)的活動（登錄、注銷、未經(jīng)授權(quán)的登錄和用戶權(quán)限更改，對項(xiàng)目的更改（創(chuàng)建、刪除、修改和恢復(fù)），證明項(xiàng)目的完整性和對系統(tǒng)的變更。質(zhì)量系統(tǒng)應(yīng)定期審核系統(tǒng)審計(jì)追蹤以確定任何類型的刪除。

Figure 6.3.9.1-2 displays a typical system audit trail for project deletion. System audit trails are re-viewed in investigations to check the login and logoff times as well as any system-based information that is not captured on application-level audit trails (2).

圖6.3.9.1-2展示了一個(gè)典型的系統(tǒng)層面項(xiàng)目刪除的審計(jì)跟蹤。系統(tǒng)審核追蹤可以在調(diào)查過程查看以檢查登錄和注銷時(shí)間, 以及在應(yīng)用級別審核跟蹤 (2) 中未能捕獲的任何基于系統(tǒng)的信息。

Figure 6.3.9.1-1 System Audit Trail (Default) 

圖6.2.9.1-1系統(tǒng)審計(jì)追蹤

Figure 6.3.9.1-2 System Audit Trail for Project Deletion

圖6.3.9.1-2項(xiàng)目刪除的系統(tǒng)審計(jì)追蹤

Application-Level Audit Trail

應(yīng)用層面審計(jì)追蹤

Application-level audit trails monitor and log user activities, including which data files were opened and closed, and what specific actions have been taken, such as reading, editing, processing, and delet-ing records or fields, and publishing reports. This could also be called a project-level audit trail. Some applications may be sensitive enough to create an audit trail that captures “before” and “after” informa-tion for each modified record or the data changed within a record (54).

應(yīng)用層面審計(jì)跟蹤監(jiān)視和記錄用戶活動，包括打開關(guān)閉哪些數(shù)據(jù)文件，以及采取了什么具體行動，例如查看、編輯、處理和刪除記錄或文件，和發(fā)布報(bào)告。這也可以稱為項(xiàng)目級別審計(jì)跟蹤。某些應(yīng)用程序可能足夠敏感, 可以創(chuàng)建一個(gè)審核跟蹤, 用于捕獲每個(gè)修改記錄的 '之前' 和 '之后' 信息, 或記錄中更改的數(shù)據(jù) (54)。

Method Audit Trail

方法審計(jì)追蹤

Method audit trails track the changes made to the method and typically contain the following information:

方法審計(jì)追蹤追蹤方法所做的更改，通常包含以下信息：

• Method modification history 方法修改歷史

• Method used for all injections所有進(jìn)樣的方法

• Method modified between the sequences 不同序列之間的方法修改

Results Audit Trail 

結(jié)果審計(jì)追蹤

Chromatograms or reports can serve as a results audit trail. Figure 6.3.9.4-1 is a model results audit trail report that presents integration type, date acquired, date processed and by whom, and if the chro-matogram was altered after generating data. Typically, chromatograms should contain:

色譜圖或報(bào)告提供結(jié)果審計(jì)追蹤。圖6.3.9.4.1是一個(gè)結(jié)果審計(jì)跟蹤報(bào)告模板，它顯示了積分類型、獲取的日期、處理的日期以及由誰處理的日期，以及在生成數(shù)據(jù)之后色譜圖是否被改變。色譜圖通常應(yīng)包含：

• Sample description 樣品描述

• Date and time of sample acquisition 樣品采集的日期和時(shí)間

• Date and time of results processed, if possible 處理結(jié)果的日期和時(shí)間（如有）

• Minimum method parameters, i.e., wave length, injection volume, and method name/ID方法參數(shù)，比如波長、進(jìn)樣量、方法名稱/ID

• Integration type 積分類型

• Retention time (any other system suit parameters) 保留時(shí)間

• Time printed, published, or saved 打印、發(fā)布或保存時(shí)間

• Integration events 積分事件

• Sample name change after execution 執(zhí)行后樣品名稱變更

Filters can also be used to search the requirement from huge amounts of data. Figure 6.3.9.4-2 rep-resents a filter to search whether the sample has been injected in multiple projects. For older systems with limited functionality, the reviewer should sign and stamp results printed on paper and review the electronic data according to the Quality Unit policy. If the results are published electronically, the re-viewer should e-sign the results after reviewing and lock the signed file. If it will be used for any inves-tigational purpose, the Quality Unit must review the electronic data per the firm’s policy, as electronic data is deemed to be final. Once the printed data is audited, original electronic data should be available for reference and should not be altered. Any modification to the approved data needs to be justified.

篩選器還可以用于從大量數(shù)據(jù)中搜索所需信息。圖6.3.9.4-2代表篩選器搜索在多個(gè)項(xiàng)目中的樣品進(jìn)樣。對于舊系統(tǒng)在功能有限的情況下，復(fù)核人應(yīng)在打印結(jié)果上簽名并按照質(zhì)量部門SOP復(fù)核電子數(shù)據(jù)。如果結(jié)果是以電子形式發(fā)布的，復(fù)核人在審核后對結(jié)果進(jìn)行電子簽名并鎖定名文件。如果它將被用于任何調(diào)查目的，當(dāng)電子數(shù)據(jù)被認(rèn)為是最終的數(shù)據(jù)，質(zhì)量部門必須按照公司的政策審查電子數(shù)據(jù)。一旦打印的數(shù)據(jù)被審核過，原始電子數(shù)據(jù)應(yīng)該僅用于參考，不可更改。對批準(zhǔn)的數(shù)據(jù)的任何修改都應(yīng)進(jìn)行論證。

Figure 6.3.9.4-1 Results Audit Trail Report

圖6.3.9.4-1結(jié)果審計(jì)追蹤報(bào)告

Figure 6.3.9.4-2 Filter to Search Sample in Multiple Projects

圖6.3.9.4-2使用篩選器在多個(gè)項(xiàng)目中尋找樣品

Sequence Audit Trail

序列審計(jì)追蹤

Sequence audit trails, or sample set audit trails, track the changes made to the sample sequence or batch. Figure 6.3.9.5-1 represents a typical sequence audit trail report, which generally contains the following information:

序列審計(jì)跟蹤或樣品集審計(jì)跟蹤，跟蹤對樣品序列或批所做的更改。圖6.3.9.5-1表示典型的序列審計(jì)跟蹤報(bào)告，一般包含以下信息：

• Name correction for sample set or injections after injection acquisition 樣品采集或進(jìn)樣名稱改變

• Sample set alteration 樣品集改變

• Sample name alteration during sequence execution 在序列執(zhí)行過程中更改樣品名稱

• Method used for all injections 用于所有進(jìn)樣的方法

• Aborted sequences 取消序列

Project-Level Audit Trail

項(xiàng)目審計(jì)追蹤

By enabling the audit trails option while creating it, a project will capture all the activities performed with respect to sample set, injections, channels, results, calibration curves, and peaks. Figure 6.3.9.6-1 represents a project audit trail record for deleted injection as a poor example to show fraudulent data.

通過啟用審計(jì)跟蹤選項(xiàng)時(shí)可以激活，項(xiàng)目將捕獲關(guān)于樣本集、進(jìn)樣、通道、結(jié)果、校準(zhǔn)曲線和峰執(zhí)行的所有活動。圖6.3.9.6-1顯示了項(xiàng)目審計(jì)跟蹤記錄一個(gè)刪除的事件，來展現(xiàn)欺詐性數(shù)據(jù)的示例。

Figure 6.3.9.5-1 Sample Set Audit Trail Report

圖6.3.9.5-1 樣品設(shè)置審計(jì)追蹤報(bào)告

Figure 6.3.9.6-1 Project Audit Trail – Deleted Injection

圖6.3.9.6-1 項(xiàng)目審計(jì)追蹤-刪除進(jìn)樣

Injection Log

進(jìn)樣日志

Chromatographic data acquisition software typically has the ability to maintain a log of injections. In addition to the date and time, the software may include additional information associated with the injection such as lot number, blank or system suitability, reference, or sample. An audit trail ensures the integrity of the data and, if the audit trail is enabled, review of the injection log is not necessary. Injection log reports are typically built in by the software developer, though with limited ability to customize without expert programming capability. The type, ease of log retrieval, and ease of printing/ publishing are also built-in functionalities of the software; however, their inclusion will vary among software suppliers. An injection log is separate and distinct from an audit trail; while it is a good tool to have, it is not essential to ensuring data integrity (2).

色譜數(shù)據(jù)采集軟件通常具有保存進(jìn)樣日志的功能。除日期和時(shí)間外, 軟件還可能包括與進(jìn)樣相關(guān)的附加信息, 如批號、空白或系統(tǒng)適用性、對照或樣品。審計(jì)跟蹤可確保數(shù)據(jù)的完整性, 如果啟用了審核最終, 則不需要檢查進(jìn)樣日志。進(jìn)樣日志報(bào)告通常由軟件開發(fā)人員構(gòu)建, 因此沒有專家編程能力，自定義能力有限。軟件還內(nèi)置功能, 便于日志檢索, 易于打印/發(fā)布;但是,不同軟件供應(yīng)商的內(nèi)容會有所不同。進(jìn)樣日志是獨(dú)立的, 有別于審計(jì)跟蹤;盡管這是一個(gè)很好的工具, 但對確保數(shù)據(jù)完整性 (2)來說并不重要。

Transactional Log/System Errors

事件日志/系統(tǒng)錯(cuò)誤

Chromatography

色譜儀

The transactional log (which may be referred to by other terms depending on the equipment vendor) and system error logs are online, instantaneous features that display pop-up messages about system functionality, user activity, and hardware-related issues or errors. Figure 6.3.10.1-1 shows the types of errors generated by the software or transactional log and a typical representation of a software transac-tional log. Figure 6.3.10.1-2 represents a typical transactional error log.

事件日志和系統(tǒng)錯(cuò)誤日志（根據(jù)設(shè)備供應(yīng)商的不同，此術(shù)語可以用其他術(shù)語來指代）是實(shí)時(shí)的、即時(shí)的特性，它們顯示關(guān)于系統(tǒng)功能、用戶活動和硬件相關(guān)問題或錯(cuò)誤的彈出消息。圖6.3.10.1-1、6.3.10.1-2 展示常見錯(cuò)誤。

The transactional log is neither an audit trail nor is it intended to be a replacement for or component of other audit trails. A transactional log generally provides some additional information related to soft-ware (e.g., missing vial, lost prime) or hardware malfunctions (e.g., HSS fault, lost connection) and can help in interpreting the audit trail.

事件日志既不是審計(jì)跟蹤，也不作為其他審計(jì)追蹤的替代或組成。事務(wù)日志提供與軟件有關(guān)的額外信息（如，missing vial, lost prime）或硬件功能異常（如HSS錯(cuò)誤，斷開連接）以及可以幫助解釋審計(jì)追蹤。

No one should have access or authority to manually change this log; however, the system can be configured to automatically purge the messages on a periodic basis to ensure efficient operation of the system process-ing memory. If the audit trail is never turned off, any deletion, modification, or copying of messages per-formed by the administrator will be recorded in validated audit trails (e.g., system audit trail). The Quality Unit should verify when a system or run has been interrupted due to a disconnection or power loss.

不應(yīng)有人有權(quán)限修改此日志。然而，可以將系統(tǒng)配置為定期自動清除信息，來保證系統(tǒng)充足的操作記憶內(nèi)存。如果審計(jì)追蹤功能從未關(guān)閉，那么管理員說執(zhí)行的任何有關(guān)信息刪除、修改、和拷貝都會被記錄在經(jīng)驗(yàn)證的審計(jì)追蹤中（例系統(tǒng)審計(jì)追蹤）。質(zhì)量部門應(yīng)確認(rèn)系統(tǒng)或一次運(yùn)行何時(shí)于斷開連接或斷電造成的中斷。

Figure 6.3.10.1-1 Example of a Transactional Log

圖6.3.10.1-1 事件日志示例

Figure 6.3.10.1-2 Example of a System Error Log

圖6.3.10.1-2 系統(tǒng)錯(cuò)誤日志示例

The messages appearing in the log may come from the application software, third-party software, (e.g., Oracle database supporting system for chromatographic software) or other connected instruments (e.g., balance connected to HPLC) or equipment. Some chromatographic software packages offer this function-ality. The transactional logs are system-level messages, temporarily stored and often automatically purged by the system at time-based defined intervals; their utility is therefore time-sensitive. These transactional logs may prove beneficial for trending (e.g., trending of most frequent instrument or processing errors that require attention helps in troubleshooting) or investigational purposes (e.g., describing the cause of the failure) and companies may utilize this information accordingly. During software validation, messages will present as information, warning, or error according to listed categories (e.g., general, security). Critical messages and actions regarding data manipulation or data deletion that may appear in the transactional log must be captured in validated audit trails (e.g., system, result, sequence or sample, or method audit trails).

日志中出現(xiàn)的消息可能來自應(yīng)用軟件、第三方軟件，例如支持色譜軟件系統(tǒng)的Oracle數(shù)據(jù)庫或其他連接儀器（例如連接到HPLC的天平）或設(shè)備。一些色譜軟件包提供了這種功能。事件日志是系統(tǒng)層面的信息，臨時(shí)存儲并以指定時(shí)間間隔自動清除；因此它們的實(shí)用性是有時(shí)間限制的。這些日志對于分析趨勢（例如，分析需要關(guān)注幫助排除故障的最頻繁使用的儀器或處理錯(cuò)誤）或調(diào)查原因（描述失敗原因）可能有好處，公司可以相應(yīng)的利用這些信息。在軟件驗(yàn)證期間, 信息將根據(jù)列出的類別 (例如, 常規(guī)、安全性) 顯示為信息、警告或錯(cuò)誤。在事件日志中可能出現(xiàn)的關(guān)于數(shù)據(jù)操作或數(shù)據(jù)刪除的關(guān)鍵消息和操作必須在經(jīng)過驗(yàn)證的審計(jì)追蹤（例如，系統(tǒng)、結(jié)果、序列或示例，或方法審計(jì)跟蹤）中捕獲。

Categorization of error messages having an impact on the software and product ideally would be incor-porated during software development and validation by the vendor. Some errors with titles that sound critical (e.g., cable disconnected, connection lost, communication failure) may not be captured in a validated audit trail but recorded in a transactional log. It may be difficult to confirm that these types of messages are all caused by intentional interruptions or have any impact on product quality data. It is therefore important to have appropriate controls and procedures in place to ensure that true power outages be recorded, especially if a chromatographic run is affected.

理想情況下，對軟件和產(chǎn)品有影響的錯(cuò)誤消息的分類將在軟件開發(fā)和供應(yīng)商驗(yàn)證期間涵蓋。    一些標(biāo)題聽起來很關(guān)鍵的錯(cuò)誤（例如，電纜斷開、連接丟失、通信失敗）可能不會在經(jīng)過驗(yàn)證的審計(jì)追蹤中捕獲，而是記錄在事件日志中?？赡芎茈y確認(rèn)這些類型的消息都是由故意中斷引起的，或?qū)Ξa(chǎn)品質(zhì)量數(shù)據(jù)有任何影響。因此有必要建立適當(dāng)?shù)目刂坪统绦?，以確保真正的停電記錄，特別是如果色譜運(yùn)行受到影響。

The Quality Unit for the lab must establish and validate error messages during equipment installation and qualification. Some error messages are specific to the operating system of the software and are not directly related to data or equipment operation. It is important to work with the software supplier to understand the description of messages that are recorded in the transactional log as they may be subject to evaluation during inspection. Further, it is important to identify those messages that are critical, i.e., related to data and instrument operations. For existing or previously installed equipment (e.g., legacy systems), during installation and qualification, the Quality Unit should assure that all transactional log messages are reviewed and understood, and that critical messages are identified and included in validated audit trails. Transactional log messages that have no impact on analyses or quality attributes of a product and messages that are also recorded in validated audit trails need not be retained.

實(shí)驗(yàn)室的質(zhì)量部門必須在設(shè)備安裝和驗(yàn)證期間建立和驗(yàn)證錯(cuò)誤信息。一些錯(cuò)誤消息是特定于    軟件的操作系統(tǒng)的，與數(shù)據(jù)或設(shè)備操作沒有直接關(guān)系。與軟件供應(yīng)商一起工作以理解記錄在    事件日志中的消息的描述是很重要的，因?yàn)樗鼈兛赡茉跈z查期間受到評估。此外，重要的是    識別那些關(guān)鍵的消息，即與數(shù)據(jù)和儀器操作有關(guān)的消息。對于現(xiàn)有或先前安裝的設(shè)備（例如，遺留系統(tǒng)），在安裝和驗(yàn)證期間，質(zhì)量部門應(yīng)確保審查和理解所有事件性日志消息，并    確保在已驗(yàn)證的審計(jì)跟蹤中識別關(guān)鍵消息。不需要保留不影響產(chǎn)品分析或質(zhì)量屬性的事件日    志消息以及也記錄在已驗(yàn)證的審計(jì)跟蹤中的消息。

For example, if a cable is disconnected from an HPLC to a LAC/E box, then the data will not be captured, and the transactional log will show a message as system interruption due to cable disconnection. Further dia-logue between industry, health authorities, and vendors is needed to resolve how to address this evolving topic.

例如，如果從HPLC到LAC/E BOX的連接斷開，那么數(shù)據(jù)將不被捕獲，并且事件日志將顯示消息為由于連接斷開導(dǎo)致的系統(tǒng)中斷。需要在行業(yè)、衛(wèi)生部門和供應(yīng)商之間進(jìn)一步對話, 以解決如何處理這個(gè)不斷變化的話題。

Other Types of Equipment

其他類型的設(shè)備

Transactional logs are also available from other types of automated analytical equipment such as X-ray diffraction(XRD) or Karl Fisher(KF). Examples are shown in Figure 6.3.10.2-1 and Figure 6.3.10.2-2 below. Figure 6.3.10.2-2 also provides an example of how the log entries can be misleading if an auditor is not fully trained on the system. For example, although one entry reads “Deleted the journal entry” in the XRD log, the actual reason for displaying the message is a job interruption. The Quality Unit should rec-ognize critical messages recorded in transactional logs and ensure they are recorded in validated audit trails.

其他類型的自動化分析設(shè)備也有事件日志，如X射線衍射(XRD)或水分儀(KF)。如圖6.3.10.2-1 和6.3.10.2-2所示.圖6.3.10.2-2還說明如果審核人員沒有對系統(tǒng)進(jìn)行全面培訓(xùn)，則日志條目可能產(chǎn)生誤導(dǎo)。例子在以下圖6.3.10.2.1-6.3.10.2.2展示。例如，雖然一個(gè)條目在 XRD 日志中讀取 '刪除日志條目', 但顯示消息的實(shí)際原因是作業(yè)中斷。質(zhì)量部門應(yīng)該識別記錄在事件日志中的關(guān)鍵消息，并確保它們記錄在已驗(yàn)證的審計(jì)跟蹤中。

Figure 6.3.10.2-1 Example of a Transactional Log for XRD

圖6.3.10.2-1  XRD事件日志示例

Figure 6.3.10.2-2 Example of a Transactional Log for KF

圖6.3.10.2-2  KF事件日志示例

Common Deficiencies 

常見缺陷

The following problems, listed with the respective ALCS components, are often encountered and com-monly found in audits or cited in FDA Warning Letters: (55)

FDA警告信中關(guān)于復(fù)雜計(jì)算機(jī)化系統(tǒng)的數(shù)據(jù)完整性的常見典型缺陷如下：

Computers 計(jì)算機(jī)

• Shared passwords 共享密碼

• No control over data generated  未控制所生成的數(shù)據(jù)

• Data acquisition date-and-time-stamp changes to alter actual date and time of results 修改數(shù)據(jù)采集日期和時(shí)間戳以改變實(shí)際的結(jié)果日期和時(shí)間

• No control of automatic software updates軟件自動更新沒有控制

• Computer systems/software validation errors 計(jì)算機(jī)系統(tǒng)/軟件驗(yàn)證錯(cuò)誤

• Time synchronization across all equipment and computers in the laboratory 實(shí)驗(yàn)室內(nèi)所有設(shè)備和計(jì)算機(jī)的時(shí)間同步

• Inappropriate database protection in computerized systems計(jì)算機(jī)系統(tǒng)中數(shù)據(jù)庫的保護(hù)不恰當(dāng)

• Unauthorized changes made by analysts 分析員未經(jīng)授權(quán)的更改

•  Altering or setting back the computer’s clock or date and time of the chromatographic injection 修改或設(shè)置計(jì)算機(jī)的時(shí)鐘或色譜進(jìn)樣的日期和時(shí)間

Server 服務(wù)器

• Lack of oversight by Quality Unit 缺乏質(zhì)量部門監(jiān)督

• Validation errors 驗(yàn)證錯(cuò)誤

• Improper network mapping that leads to data transmission losses 不當(dāng)網(wǎng)絡(luò)映射導(dǎo)致數(shù)據(jù)傳輸損失

• Cloud systems not verified for data transmission and data losses 云系統(tǒng)未驗(yàn)證數(shù)據(jù)傳輸和數(shù)據(jù)丟失

Equipment 設(shè)備

• Single injections or sample trial injections of test samples made directly on instrument 直接在儀器上進(jìn)行的測試樣品的單次進(jìn)樣或樣品試驗(yàn)進(jìn)樣

• Stand-alone equipment connected to computer without server lacks controls, routine audit trail re-views, and full data retention capabilities that prevent analysts or other personnel from deleting data

• 連接到計(jì)算機(jī)但沒有服務(wù)器的單機(jī)版設(shè)備缺乏控制、常規(guī)審計(jì)跟蹤檢查以及防止分析員或其他人員刪除數(shù)據(jù)的完整數(shù)據(jù)保留能力

• Features not appropriately selected or engaged, e.g., provision for trial injections without being captured in audit trails (implies lack of understanding or verification by lab personnel)

• 沒有適當(dāng)選擇或啟用功能，例如，沒有在審計(jì)追蹤中捕獲試驗(yàn)進(jìn)樣（意味著實(shí)驗(yàn)室人員缺乏理解或確認(rèn)）

• Improper configuration of computers or storage devices that can lead to duplication or falsification of data (implies lack of training for IT personnel)

• 計(jì)算機(jī)或存儲設(shè)備的配置不當(dāng)，可能導(dǎo)致數(shù)據(jù)的重復(fù)或偽造（意味著缺乏對IT人員的培訓(xùn)）

• Data losses due to power outage without investigation

• 未調(diào)查停電造成的數(shù)據(jù)損失

• Altering system suitability to make it appear as if the sample failure was caused by an equip-ment malfunction

• 改變系統(tǒng)的適應(yīng)性，使其看起來像是由設(shè)備故障引起的樣品失敗

Off-the-Shelf Software 非專門設(shè)計(jì)軟件

• Data processing scenarios not validated 數(shù)據(jù)處理方式未經(jīng)過驗(yàn)證

• Data calculations not validated 數(shù)據(jù)計(jì)算未驗(yàn)證

• Part 11 compliance assumed or not verified不符合Part11或未驗(yàn)證

• Software version changes incompatible with older files 軟件版本變更導(dǎo)致舊的文件不兼容

Data Handling 數(shù)據(jù)處理

• Trial injections of test samples 試驗(yàn)性進(jìn)樣

• Data integration problems and compromises 數(shù)據(jù)完整性問題以及違規(guī)

• Not reviewing/publishing/enabling audit trails 未審核/發(fā)布/啟用審計(jì)跟蹤

• Not reporting incidents 未報(bào)告事件

• Retesting samples, deleting OOS results, and reporting passing results during stability or to release batches 重新測試樣品，刪除OOS結(jié)果，只報(bào)告合格的結(jié)果用于穩(wěn)定性或批放行

• Data deletions 數(shù)據(jù)刪除

• Data manipulations, such as changing integration, date and time, or method parameters 數(shù)據(jù)操縱，例如改變積分、日期和時(shí)間或方法參數(shù)

• Data not archived 數(shù)據(jù)未存檔

• Data archived on unreadable discs 數(shù)據(jù)存檔在不可讀取的磁盤

• Reviewers unable to detect the problems due to lack of understanding fields

• 由于對相關(guān)數(shù)據(jù)完整性領(lǐng)域缺乏理解，審核人無法發(fā)現(xiàn)問題。

• Aborted sequences 終止序列

• Inhibition of peaks/disregarding peaks without proper scientific justification 沒有適當(dāng)?shù)目茖W(xué)論證，抑制峰/忽略峰