Watch the ERP systems compliance and validation webinar!

Go to Webinar
(312) 207-5800

How to Prepare for an FDA Audit by Using a 21 CFR Part 11 Assessment

The FDA regulation in 21 CFR Part 11, effective since August 20th 1997, describes how companies in FDA-administrated industries need to organize their electronic signatures and electronic records. The records and signatures are not required by the regulation, however,  it does outline the “requirements that must be met by medical device, drug, and biologic manufacturers that do choose to use them, within the context and enforcement parameters of the regulation.” The regulation applies to all types of research, clinical studies, maintenance, manufacturing, and distribution of medical products. 

21 CFR Part 11 assessments focus on six critical areas:

  • Impact of 21 CFR Part 11 on the client's computer systems
  • Identification of the client's computer systems and operating environment
  • Hosting and interpretation of user interviews
  • Review and consideration of client procedures
  • Analysis of procedural documentation, validation and audit data
  • Regulatory significance of the computer systems

The documentation that would be reviewed during the Assessment process would include:

  1. Procedures:
    1. SDLC (Software Development Life cycle) Procedures
    2. Operating Standard Operating Procedures (SOPs), i.e., procedures for using specific software solutions
    3. Data Security Procedures
  • Backup & Recovery
  • Security Administration
  • Operations & Maintenance
  • Change Control
  • Data Archival & Record Retention
  • Disaster Recovery
    1. Training Records
  1. Infrastructure Qualification
    1. Equipment, e.g., server, storage area networks (SANs), etc.
    2. Software, e.g., virtualization
  2. Validation Documentation
    1. Plan, Risk, Requirements
    2. Test Cases (IQ, OQ, PQ)
    3. Trace Matrix
    4. Test Results/Summary Report
  1. Vendor Audits
    1. Vendor Assessments
    2. Auditing software vendors based upon relative risk

Arbour Group 21 CFR Part 11 assessment and remediation services are designed to help clients ensure that electronic records and electronic signatures are trustworthy, reliable, generally equivalent substitutes for paper records and traditional handwritten signatures, and that those functions are in conformance with the requirements of 21 CFR Part 11 compliance.

Let Arbour Group help you prepare for an FDA audit in order to avoid costly and time consuming regulatory mistakes.