|
Regulation, Specification, or Guidance
|
Requirement
|
7 CFR Part 331.17
9 CFR Part 121.17
21 CFR Part 11.10 (e)
21 CFR Part 11.70
21 CFR Part 58.130 (e)
42 CFR Part 73.17
42 CFR Part 493.1251 (d)
ASTM E1578-18 C-4-7
ASTM E1578-18 E-2-1
EPA ERLN Laboratory Requirements 4.9.1 and 4.9.7
E.U. Annex 11-9
E.U. Annex 11-14
OECD GLP Principles 8.3.5
USDA Data and Instrumentation for PDP 8.1.3
|
9.1 The system shall accurately and consistently capture and add a time and date to created electronic records, as well as any modifications made to them. The system shall also prompt the user to enter a mandatory reason for any change made to a record.
|
21 CFR Part 11.10 (e)
21 CFR Part 11.70
21 CFR Part 58.130 (e)
21 CFR Part 211.68
21 CFR Part 211.100
21 CFR Part 211.160 (a)
21 CFR Part 211.188
21 CFR Part 211.194
45 CFR Part 170.315 (d)
ASTM E1578-18 E-2-2
CJIS Security Policy 5.4.1.1
CJIS Security Policy Appendix G.5
EPA ERLN Laboratory Requirements 4.9.1 and 4.9.7
E.U. Annex 11-9
E.U. Annex 11-12.4
E.U. Annex 11-14
E.U. Commission Directive 2003/94/EC Article 9.2
NIST 800-53, Rev. 4, AC-2(4) and AC-6(9)
NIST 800-53, Rev. 4, AU-2 and AU-3
OECD GLP Principles 8.3.5
WHO Technical Report Series, #986, Annex 2, 15.7 and 15.9
|
9.2 The system shall document in the audit trail any event—including administrative and privileged functions—that creates, modifies, and deletes data, including user accounts, passwords, files, directories, logs, and other system resources.
|
21 CFR Part 11.10 (e)
21 CFR Part 11.70
21 CFR Part 58.130 (e)
21 CFR Part 211.68
21 CFR Part 211.100
21 CFR Part 211.160 (a)
21 CFR Part 211.188
21 CFR Part 211.194
42 CFR Part 493.1274
45 CFR Part 170.315 (d)
ASTM E1578-18 E-2-3
CJIS Security Policy 5.4.1.1
E.U. Annex 11-12.4
E.U. Annex 11-14
E.U. Commission Directive 2003/94/EC Article 9.2
NIST 800-53, Rev. 4, AU-3 and AU-8
OECD GLP Principles 8.3.5
USDA Data and Instrumentation for PDP 8.1.4
WHO Technical Report Series, #986, Annex 2, 15.7 and 15.9
|
9.3 The system's audit trail shall document the date, time, and user associated with a given event, as well as whether the event succeeded or failed.
|
21 CFR Part 11.10 (e)
21 CFR Part 11.70
21 CFR Part 58.130 (e)
21 CFR Part 211.68
21 CFR Part 211.100
21 CFR Part 211.160 (a)
21 CFR Part 211.188
21 CFR Part 211.194
45 CFR Part 170.315 (d)
ASTM E1578-18 E-2-4
EPA ERLN Laboratory Requirements 4.8.6
E.U. Annex 11-14
E.U. Commission Directive 2003/94/EC Article 9.2
NIST 800-53, Rev. 4, AU-3
OECD GLP Principles 8.3.5
WHO Technical Report Series, #986, Annex 2, 15.7 and 15.9
|
9.4 The system's audit trail shall document the previous and current value of a modified field.
|
21 CFR Part 11.10 (e)
21 CFR Part 11.70
21 CFR Part 58.130 (e)
21 CFR Part 211.194
42 CFR Part 493.1251 (d)
45 CFR Part 164.310
ASTM E1578-18 E-2-5
EPA ERLN Laboratory Requirements 4.8.6
E.U. Annex 11-14
OECD GLP Principles 8.3.5
|
9.5 The system shall provide electronic signature support to users who require the review, approval, rejection, modification, or disposition of a record.
|
21 CFR Part 11.70 E.U. Annex 11-14
|
9.6 The system shall prevent a user from copying and pasting the electronic signature of another user.
|
21 CFR Part 11.10 (e)
21 CFR Part 58.130 (e)
42 CFR Part 493.1274 (d)
E.U. Annex 11-9
NIST 800-53, Rev. 4, AU-6 and AU-12
OECD GLP Principles 8.3.5
|
9.7 The system shall be able to generate a complete and accurate copy of the audit trail in a human-readable and printable format.
|