No. Question Answer IT Qualification Statement 1 SITE CONTACT
|
|
- Penelope Sanders
- 5 years ago
- Views:
Transcription
1 SITE: Alfred Health Clinical Information System Summary of Key Questions in regards to Electronic Medical Records and Clinical Trials 1 SITE CONTACT 1.1 Name of Systems Administrator/ Security Contact/ Coordinator 2 PHYSICAL SECURITY 2.1 Is the system located in a secure area? 2.2 Are there procedures and controls for physical security, ensuring a controlled environment? 3 ACCESS SECURITY 3.1 Is access limited to authorised staff only? 3.2 Is the system passwordprotected? 3.3 Does each authorised individual have their own unique password? 3.4 Are there procedures and controls for user access security? 3.5 Is there a list of individuals authorised to access each function? Anne Mwagiru Chris Liew Manager, Application Development & Support (tel: a.mwagiru@alfred.org.au), responsible to meet with CernerWorks weekly to discuss operational performance. Information Technology Services (ITS) manages the system, and for the purpose of this audit, is represented by the Manager, Technology Risk & Information Security (tel: c.liew@alfred.org.au) The clinical information system that houses the patient data is remote-hosted in an offsite robust and secure data centre facilities. Physical access is managed by the remote host organisation, CernerWorks. See response to Q 2.1 above. Only authorised users are allowed into the system. Authorisation is via written request approved by department managers. The type of access commensurate with job duties. Access is also granted to honorary appointees authorised by the organisation. Only authorised users can access the system with their unique user name and password. Limited use of generic accounts is only to areas with compensating controls in place, after a risk assessment and special approval is provided. Each user is provided with an individual unique user name and password. The first time one logs in, the system prompts the user to change their password. See response to Q 3.1 to 3.3 above. The system also retains an audit trail of access to system components. A reporting tool can generate the list of individuals authorised for each position type. Date: Version 4.0 (28 Nov 2013) Page 1 of 6
2 3.6 Will the sponsor CRA (clinical research associate) be able to access the data for monitoring? A unique account can be created for the CRA to gain access to the data. Only consenting patients data can be accessed by the CRA. The process is managed by the clinical research coordinator, with a formal request form 3.7 Is the system capable of restricting the CRA s access to ONLY those patient records of sponsor trial participants? 4 BACKUPS & RECOVERY accompanied by an ethics certificate. The assignment of records to the CRA is carried out by the sponsoring department representative (clinical research coordinator). 4.1 Is the system backed up at regular intervals? 4.2 Are there adequate backup, recovery and contingency procedures for data and metadata? 4.3 Is the data in the system backed up (either via a network connection or external hard drive, for example) in case of system failure or loss of data at an appropriate frequency? 4.4 Are the backups kept in a separate, secure location? 4.5 Has the retrieval system been tested and is satisfactory? 4.6 Can this backup data be restored? 4.7 Has the restoration of backup data been tested? 4.8 How often are backups made? How long are they retained by the site? 5 AUDIT TRAIL 5.1 Does the computer system capture changes made to the data? Does an audit trail exist? na System backups including offsite storage to a secured environment. A standby database is synchronized to the production database approximately every 15 minutes. Recovery: Restore Computing System data as required. Testing: Test Cerner Technology Centre recovery procedures. Backups are also stored off-site. A DRP test was carried out in Dec-2012 as part of the Cerner Upgrade completion phase. Testing is part of the Testing: Test Cerner Technology Centre recovery procedures. See response to Q 4.6 above. To date, no clinical records have been purged from the system. All activities to the clinical information system including viewing and modifying records are logged. Reports are available to interrogate user access to specific patient information and system configuration changes. Old audit trail logs can be recovered from backup but requires a longer period to do so. Date: Version 4.0 (28 Nov 2013) Page 2 of 6
3 5.2 Is there a system-generated See response to Q 5.1 above. audit trail? 5.3 Is there an audit trail for See response to Q 5.1 above. capturing changes to information in the system? 5.4 Is the original information as well as the new information still available after the change is made? (Attach example if appropriate) 5.5 Are the audit trail entries date and time-stamped? See response to Q 5.1 above. (sample available) Clinical documentation into Powerforms retains a complete history of old and new data. All audit trail entries are logged based on activity with date and time stamp. 5.6 Does the audit trail indicate who made a change? 5.7 Is the audit trail protected from modification by users? 5.8 Are the audit trail and other security settings protected from being turned off? 5.9 Does the system contain complete records (data, metadata, audit trail, and, as applicable, e-signatures)? 5.10 Can the audit trail be easily viewed and copied? 5.11 If the software version changes, how will historical data be read? 5.12 Can data be modified once saved in the system? 5.13 Can anyone modify data after it is saved in the system? 5.14 Does the audit trail contain? o Old data value o New data value o Name of person making the change o Date & time of change 5.15 Are all changes retained by the system? No All transactions recorded in the audit trail have at least a user name, date/ time stamp and action. Only authorised personnel are allowed to access/ read the audit trail. It is a system function that is built by the software and protected even from the system administrators. This question is partially answered in A 5.1 above. As for e-signatures, the system log records the individual user name, date, and purpose for the signature. Some audit trails are viewable to end-users but only authorised personnel have access to the backend audit trail. Patient-specific audit tools are available to Health Information Services as they are responsible for the patient records. Software version changes do not impact the historical data. Historical data is still accessible. This requirement is important, as we keep all patient information from the commencement of the system (1999). An audit trail is maintained for all activity including modifications and a copy of the original data value is retained. See response to Q 5.12 above A sample can be provided on request. Date: Version 4.0 (28 Nov 2013) Page 3 of 6
4 6 DOCUMENTATION & TRAINING 6.1 If applicable, are operating instructions in place? 6.2 Is there documentation maintained on installation and training? 6.3 Is there documented training for persons that use and maintain the system? 6.4 Is the system documentation maintained appropriately? 6.5 If applicable, has validation been performed and documented. 6.6 Do you have system validation documentation? 6.7 Is there documentation maintained on system maintenance and upgrades? 7 RECORD COLLECTION, STORAGE & RETENTION Usage instructions and training material for end-users (documents and video format) are available in the intranet. Support instructions are available to the IT support staff in the internal department folders and wiki and on the vendor s website. The system also has an online Help Menu for end-users. Classroom training and one-on-one training sessions are scheduled regularly for end-users. Staff can book their training by phone or online. See response to Q 6.1 above. See response to Q 6.1 above. See response to Q 6.1 above. System testing is normally carried out in the development environment prior to implementation in the production environment. Change management is used to control changes made to production overseen by the Change Advisory Board (CAB). Data validation (eg, range checks, etc) is carried out during entry by end-users for data integrity. Validation is also conducted by Health Information Services as part of the batch scanning workflow. Regular reviews are conducted to ensure that end user access accounts are cleaned up and risk assessments are conducted. There are test plans and documentation for validation and user acceptance tests carried out for new systems and major system upgrades. This is to ensure the systems meet the required functional objectives. See response to Q above. 7.1 Is there a process to copy records for regulatory agency inspections? 7.2 What are your electronic record collection and retention practices? 7.3 Is there a policy for addressing the availability of data for a defined retention period? There is a process to allow auditor access to specific patients records. External Auditor access is managed by Health Information Services. As per Alfred Health Records Management and Archiving Policy (compliant with various Public Record Office Victoria VERS and Health Records Act). All patient records have been retained since See response to Q 7.2 above. Date: Version 4.0 (28 Nov 2013) Page 4 of 6
5 8 SYSTEMS & OPERATIONS SECURITY 8.1 Are the computer [system] date and time-controlled? 8.2 Are there procedures to manage and document changes to the system? 8.3 Is there protection from viruses, hackers, etc.? 8.4 Are there Device and/ or Operational Checks as appropriate? 9 ELECTRONIC SIGNATURE 9.1 Are electronic signatures used in the system? 9.2 Does the system allow signing of documents electronically? 9.3 If yes, how is the signing done? (eg, ID & password, electronic pen, fingerprint, ID card swipe, etc) 9.4 When a signature is applied to a record, is it protected from cutting and pasting to other records? 9.5 If e-signatures are used, are there written procedures to hold people accountable for their signature? 9.6 If e-signatures are used, do e-signatures include individual's name, date, and meaning of signature? 9.7 Are there unique identifiers and passwords to access the system? 9.8 Are there measures in place to keep passwords confidential (not shared)? See comments Time synchronisation exists across all integrated systems to ensure time-stamps are correct, and database records are sequenced correctly. This is also required for correct timestamp in the audit trail. There is a formal change management system that receives, manages, rejects or approves changes. Operational practices include version control and documentation within the codes. A robust industry-grade solution is in place with Intrusion Detection/ Protection System, and layered anti-malware security infrastructure. Operational checks, monitors and alerts are on-going to ensure the system is operational 24x7. We have a maintenance window once a month for two to four hours. Electronic signatures are required for electronic order management, referrals, point-of-care scanning and clinical documentation. Users are prompted to validate these actions by entering their password. See response to Q 9.1 above. User name & password See response to Q 9.1 above. This is deemed to be encapsulated in their employment contract, professional ethics and their acceptance of IT Acceptable Use Policy screen which places responsibility in the use of their individual User ID and password. The system logs records the individual's name, date, and meaning of signature. Each user is provided with an individual unique user name and password. The first time one logs in, the system prompts the user to change their password. The IT Security Policy mandates that passwords must not be shared. Password management policy and controls are enforced, eg, regular password change, lock-out on a number of unsuccessful attempts, etc. Date: Version 4.0 (28 Nov 2013) Page 5 of 6
6 9.9 Does the system automatically suspend or log off a user after a specified period of inactivity? This function is available in all areas, and is set to longer periods in physically secured locations, eg, ICU and E&TC and ED to facilitate operations Is access to certain functions controlled based upon the user's role (e.g., read, write, change, delete)? 9.11 Are electronic signatures protected from intentional or unintentional misuse? 9.12 Are the name of the signer and the meaning of the signature displayed? 9.13 When a signed record is altered, is the signature made invalid? 9.14 Is the signature printed (with signer s name, date & time when signature was done) on the document when it is printed? 10 OTHERS System access positions are aligned with job roles and a system access matrix is maintained for this purpose Account applications must stipulate the job position and discipline and be authorised by the end-user s department manager. Electronic signatures require the end-user to enter their unique user name and password. The action by the signer is stored in the system (using name and password) as a record of who carried out the action. The altered record must be re-signed. However, the system retains a complete audit trail of all electronic signatures. The system has several printing options including an option to print an audit trail including the author s details What source data is held on a computer for patients likely to participate in the study? na Original record within the clinical system is the source data. No data is extracted to an external computer for the purpose of the study. Consultation: Anne Mwagiru (Manager, Application Development & Support) David Field (Manager, IT Training) Gajan Varatharajan (Manager, Infrastructure) Chrisa Alexiou (Manager, Senior Operations HIS) Review prepared by Name: CHRIS LIEW Date 15/11/13 Designation: Manager, Technology Risk & Information Security Verified as correct based on the IT qualification statements <by > Name: ROSS BUCHANAN Designation: Director HIS <by > Name: EMILIO POZO Designation: Director ITS & CIO 15/11/13 Date 28/11/13 Date Date: Version 4.0 (28 Nov 2013) Page 6 of 6
GOVERNANCE AES 2012 INFORMATION TECHNOLOGY GENERAL COMPUTING CONTROLS (ITGC) CATALOG. Aut. / Man. Control ID # Key SOX Control. Prev. / Det.
GOVERNANCE 8.A.1 - Objective: Information Technology strategies, plans, personnel and budgets are consistent with AES' business and strategic requirements and goals. Objective Risk Statement(s): - IT Projects,
More informationCHAPTER 5 INFORMATION TECHNOLOGY SERVICES CONTROLS
5-1 CHAPTER 5 INFORMATION TECHNOLOGY SERVICES CONTROLS INTRODUCTION In accordance with Statements on Auditing Standards Numbers 78 and 94, issued by the American Institute of Certified Public Accountants
More informationCUSTOMER AND SUPPLIER ROLES AND RESPONSIBILITIES FOR 21 CFR 11 COMPLIANCE ASSESSMENT. 21 CFR Part 11 FAQ. (Frequently Asked Questions)
21 CFR Part 11 FAQ (Frequently Asked Questions) Customer and Supplier Roles and Responsibilities for Assessment of METTLER TOLEDO STARe Software Version 16.00, including: - 21 CFR 11 Compliance software
More informationCOMPUTERISED SYSTEMS
ANNEX 11 COMPUTERISED SYSTEMS PRINCIPLE This annex applies to all forms of computerised systems used as part of a GMP regulated activities. A computerised system is a set of software and hardware components
More informationGuidance for Industry - Computerized Systems Used in Clinical Trials
Page 1 of 14 Regulatory Information Computerized Systems Used in Clinical Trials Guidance for Industry - Computerized Systems Used in Clinical Trials
More informationComputer System Validation Perform a Gap Analysis of your CSV Processes
Computer System Validation Perform a Gap Analysis of your CSV Processes Chris Wubbolt, QACV Consulting Computer and Software Validation Conference April 27, 2017 www.qacvconsulting.com 1 Objectives Computer
More informationClarity CDS since version 7.2 supportive tools for compliance with Title 21 CFR Part 11, EudraLex Chapter 4, Annex 11 and other similar legislation
Clarity CDS since version 7.2 supportive tools for compliance with Title 21 CFR Part 11, EudraLex Chapter 4, Annex 11 and other similar legislation Datasheet Introduction US Part 11 in Title 21 of Code
More informationSOX 404 & IT Controls
SOX 404 & IT Controls IT Control Recommendations For Small and Mid-size companies by Ike Ugochuku, CIA, CISA TLK Enterprise 2006, www.tlkenterprise.com INTRODUCTION Small, medium, and large businesses
More informationEnsure Data Integrity Compliance Enterprise-Wide
Ensure Data Integrity Compliance Enterprise-Wide PharmaQual 360 º Conference February 24, 2017 Chris Wubbolt QACV Consulting, LLC www.qacvconsulting.com 1 Objectives What is data integrity and the definition
More informationSIMATIC IT. SIMATIC IT R&D SUITE V7.1 Compliance Response ERES. Introduction 1. The Requirements in Short 2
Introduction 1 The Requirements in Short 2 SIMATIC IT Meeting the Requirements with SIMATIC IT R&D Suite V7.1 3 SIMATIC IT R&D SUITE V7.1 Evaluation List for SIMATIC IT R&D Suite V7.1 4 Product Information
More informationEUROPEAN COMMISSION HEALTH AND CONSUMERS DIRECTORATE-GENERAL. EudraLex The Rules Governing Medicinal Products in the European Union
EUROPEAN COMMISSION HEALTH AND CONSUMERS DIRECTORATE-GENERAL Public Health and Risk Assessment Pharmaceuticals Brussels, SANCO/C8/AM/sl/ares(2010)1064599 EudraLex The Rules Governing Medicinal Products
More informationQuestionnaire. Identity Management Maturity Scan for SWITCHaai. Thomas Lenggenhager, SWITCH Thomas Siegenthaler & Daniela Roesti, CSI Consulting AG
Questionnaire Identity Management Maturity Scan for SWITCHaai Thomas Lenggenhager, SWITCH Thomas Siegenthaler & Daniela Roesti, CSI Consulting AG Version: V2.1 Created: 19. Aug. 2011 Last change: 13. Nov.
More informationPTC s Windchill Product Lifecycle Management (PLM) System Facilitates Part 11 / Annex 11 Compliance
PTC s Product Lifecycle Management (PLM) ystem Facilitates Part 11 / Annex 11 Compliance A White Paper by: Diane Gleinser, r. VP olutions and ervices, UDM Life ciences Michael Prudhomme, olution Director,
More informationSummary of Significant Changes. Policy
This Policy replaces POL251/1 Copy Number Effective 03/04/17 Summary of Significant Changes Addition of requirements of 2016 review of Guidance by MHRA, ALCOA+, and documents related to Policy The purpose
More informationOracle Tech Cloud GxP Position Paper December, 2016
Oracle Tech Cloud GxP Position Paper Page 1 of 29 Oracle Tech Cloud GxP Position Paper December, 2016 Prepared By: Subbu Viswanathan, Head of Solutions Reviewed By: David Blewitt, VP Cloud Compliance Oracle
More informationExternal Supplier Control Obligations. Records Management
External Supplier Control Obligations Records Management Page 1 Governance and Roles and The Supplier must define and communicate roles and responsibilities for Records Records Management requires high-level
More informationU.S. FDA TiTle 21 CFR PART 11 ComPliAnCe ASSeSSmenT of SAP SRm
U.S. FDA Title 21 CFR Part 11 Compliance Assessment of SAP SRM Disclaimer These materials are subject to change without notice. SAP AG s compliance analysis with respect to SAP software performance based
More informationAtlant s atwatch CAPA TM. Corrective and Preventive Action System (CAPA) Product & Services Bundle for
Corrective and Preventive Action System (CAPA) Product & Services Bundle for Atlant s atwatch CAPA TM Atlant Systems, Inc. (781)325-8157 team@atlantsystems.com Effectively Manage CAPAs Globally According
More informationStandard Operating Procedures
Auditing of a Technology Vendor Checklist This checklist is intended to be a guide to planning your next audit. The items here should be evaluated for completeness. It is crucial for both Quality and the
More informationComputerised Systems. Alfred Hunt Inspector. Wholesale Distribution Information Day, 28 th September Date Insert on Master Slide.
Computerised Systems Wholesale Distribution Information Day, Alfred Hunt Inspector Date Insert on Master Slide Slide 1 Index What is a computerised system Updates to EU GDPs Expectations Case studies Slide
More informationCompliance Response Electronic Records / Electronic Signatures for COMOS V10.0
Compliance Response Electronic Records / Electronic Signatures for COMOS V10.0 SIEMENS AG Industry Sector I IA VSS Pharma D-76187 Karlsruhe, Germany E-mail: pharma@siemens.com November 2013 SIEMENS AG
More informationInternal Audit Report Review of Controls Operating over Accounts Payable. Issued: 21 February 2018 Final Report
Audit Committee Tuesday 13 March 2018 Item No: 5.2 Internal Audit Report Review of Controls Operating over Accounts Payable Issued: 21 February 2018 Final Report Level of Assurance The overall control
More informationElectronic I-9 Documentation Guardian Electronic I-9 and E-Verify Compliance with 8 CFR 274a.2
Electronic I-9 Documentation Guardian Electronic I-9 and E-Verify Compliance with 8 CFR 274a.2 Abstract This document may be provided to Immigration and Customs Enforcement (ICE) in connection with a Form
More informationDocumenta tion and Records
Documenta tion and Records Page 1 of 30 Training Outcome of the Module: After completing this module, you will be able to: Recognize the importance of procedures Recognize the importance of record keeping
More informationEU GMP - Annex 11 Computerised systems Versione corrente Nuova versione per commenti (emessa 8 aprile 2008)
EU GMP - Annex 11 Computerised systems Versione corrente Nuova versione per commenti (emessa 8 aprile 2008) Principle The introduction of computerised systems into systems of manufacturing, including storage,
More informationValidation of MES and Manufacturing Automation systems
Validation of MES and Manufacturing Automation systems The FDA Group Presentation APRIL 26, 2017 Chinmoy Roy, B.S. (Hons.) MSCS Industry Consultant 1 Agenda What is a MES Validation concepts Validation
More informationEU Annex 11 US FDA 211, 820, 11; other guidelines Orlando López 11-MAY-2011
Principle. a. This annex applies to all forms of computerised systems used as part of a GMP regulated activities. A computerised system is a set of software and hardware components which together fulfill
More informationRegulatory Overview Annex 11 and Part 11. Sion Wyn Conformity +[44] (0)
Regulatory Overview Annex 11 and Part 11 Sion Wyn Conformity +[44] (0) 1492 642622 sion.wyn@conform-it.com 1 Two Key Regulations Annex 11 21 CFR Part 11 Apply to the regulated company, but often have a
More informationThe Role of the LMS in 21 CFR Part 11 Compliance
The Role of the LMS in 21 CFR Part 11 Compliance Co-author: Dr. Bob McDowall, Director R.D. McDowall Limited ABSTRACT The purpose of this white paper is to describe how NetDimensions Learning addresses
More informationRecords Management Plan
Records Management Plan October 2014 1 2 Document control Title The Scottish Funding Council Records Management Plan Prepared by Information Management and Security Officer Approved internally by Martin
More informationEUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL. EudraLex The Rules Governing Medicinal Products in the European Union
EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL Consumer goods Pharmaceuticals Brussels, 08 April 2008 EudraLex The Rules Governing Medicinal Products in the European Union Volume 4 EU
More informationE-CRB System specification
On behalf of Bi or Tri Borough CRB Partnerhip Appendix A E-CRB System specification July 2012 Requirement Scope Functional Requirements Validation of Application Data Processing of Applications User Administration
More informationAmerican Well Hosting Operations Guide for AmWell Customers. Version 7.0
American Well Hosting Operations Guide for AmWell Customers Version 7.0 October 31, 2016 Contents Introduction... 4 Scope and Purpose... 4 Document Change Control... 4 Description of Services... 5 Data
More informationReferences Concept. Principle. EU Annex 11 US FDA , (g), (i), 11 Orlando Lopez 2/15/11. Old Annex 11.
References Concept Principle a. This annex applies to all forms of computerised systems used as part of a GMP regulated activities. A computerised system is a set of software and hardware components which
More informationGeneral Government and Gainesville Regional Utilities Vendor Master File Audit
FINAL AUDIT REPORT A Report to the City Commission General Government and Gainesville Regional Utilities Vendor Master File Audit Mayor Lauren Poe Mayor Pro-Tem Adrian Hayes-Santos Commission Members David
More informationISPE NORDIC COP CLEAN UTILITIES SEPTEMBER TUUSULA FINLAND. Timo Kuosmanen STERIS Finn-Aqua
ISPE NORDIC COP CLEAN UTILITIES SEPTEMBER 7 2016 TUUSULA FINLAND Timo Kuosmanen STERIS Finn-Aqua Timo_Kuosmanen@steris.com AUDIT TRAIL IN CRITICAL UTILITIES MONITORING CURRENT TRENDS CONTENTS BACKGROUND
More informationInternal Control Checklist
Instructions: The may be used to document a review of the existing procedures and activities that make up your internal control system, or serve as a guide in developing additional controls. The provides
More informationGood Laboratory Practice. GUIDELINES FOR THE MANAGEMENT OF ELECTRONIC STANDARD OPERATING PROCEDURES (SOPs) IN A GLP ENVIRONMENT
AGIT: Swiss Working Group on Information Technology in a GLP Environment Good Laboratory Practice GUIDELINES FOR THE MANAGEMENT OF ELECTRONIC STANDARD OPERATING PROCEDURES (SOPs) IN A GLP ENVIRONMENT Release
More informationSEDIBENG TVET COLLEGE GROW WITH THE FLOW COLLEGE COUNCIL PAID POSTS
SEDIBENG TVET COLLEGE GROW WITH THE FLOW COLLEGE COUNCIL PAID POSTS The College Council of Sedibeng TVET College hereby invites applications from suitably qualified persons to fill the following three
More informationAsset Tracking Solutions. Partial Controls and Features
Partial Controls and Features Cloud Hosting and Data Storage- No servers required - Allows you to focus on running your business. GPS On scan GPS location data captured Audit Data Timestamped to ensure
More informationWhite paper: Code of GMP Chapter 4 Documentation - PIC/S versus EU
White paper: Code of GMP Chapter 4 Documentation - PIC/S versus EU Numerous articles are available comparing the current and previous EU Code of GMP Chapter 4: Documentation, but no comparison exists between
More informationCompliance Response Electronic Records / Electronic Signatures (ERES) for SIMATIC PCS 7 V8.1
Compliance Response Electronic Records / Electronic Signatures (ERES) for SIMATIC PCS 7 V8.1 SIEMENS AG Industry Sector VSS Pharma D-76187 Karlsruhe, Germany E-Mail: pharma@siemens.com March 2015 A5E35829023-AA
More informationCOMPUTER SYSTEMS VALIDATION
COMPUTER SYSTEMS VALIDATION DOCUMENT NO.: POL007 v1.0 AUTHOR: Lorn Mackenzie ISSUE DATE: 04 AUG 2017 1 INTRODUCTION 1.1 The Academic & Clinical Central Office for Research & Development (ACCORD) is a joint
More informationScreenMaster RVG200 Paperless recorder
Technical description TD/RandC/016 EN ScreenMaster RVG200 Paperless recorder RVG200 and AMS2750 in the heat treatment industry Measurement made easy Introduction AMS2750 (Aerospace Material Specification)
More informationWHAT S NEW IN PASTEL EVOLUTION VERSION 6.60
WHAT S NEW IN PASTEL EVOLUTION VERSION 6.60 Softline Pastel s continuous investment in research and development ensures that you are kept up to date with the latest and most cutting-edge business management
More informationControl Self Assessment Questionnaire
Control Self Assessment Questionnaire (31 Questions) 1. The department documents the monthly reconciliation of its Lynx finance accounts and reports. A yes answer indicates that the department has written
More informationHP Agile Manager. Key Benefits. At a glance. Project Management. Key Software Capabilities. Administration. Enterprise SaaS.
Datasheet HP Agile Manager At a glance HP Agile Manager ( AGM ) is an on-demand Software-as-a-Service (SaaS) solution for Agile Project Management. HP Agile Manager software acts as the communication hub
More informationPREDICTIVE INTELLIGENCE SECURITY, PRIVACY, AND ARCHITECTURE
PREDICTIVE INTELLIGENCE SECURITY, PRIVACY, AND ARCHITECTURE Last Updated: May 6, 2016 Salesforce s Corporate Trust Commitment Salesforce is committed to achieving and maintaining the trust of our customers.
More informationRetail Payment Systems Internal Control Questionnaire
Retail Payment Systems Internal Control Questionnaire Completed by: Date Completed: POLICIES AND PROCEDURES 1. Has the board of directors, consistent with its duties and responsibilities, adopted formal
More informationEU Annex 11 US FDA , (g), (i), 11 Orlando López 09-APR
Principle. a. This annex applies to all forms of computerised systems used as part of a GMP regulated activities. A computerised system is a set of software and hardware components which together fulfill
More informationHICAPS and Medicare Integration
HICAPS and Medicare Integration Visual Outcomes now includes integration of HICAPS and Medicare payment methods for clients. Setting up your HICAPS Terminal Please call HICAPS and organise for a terminal
More informationStandard Operating Procedures (SOP) Research and Development Office
Standard Operating Procedures (SOP) Research and Development Office Title of SOP: Essential Documentation and Creation and Maintenance of Trial Master File SOP Number: 13 Version Number: 2.0 Supercedes:
More information10 "Must-Haves" for the Life Sciences Learning Management System
10 "Must-Haves" for the Life Sciences Learning Management System Why the Life Sciences LMS Needs to Demonstrate Record Control UL talks to many Life Sciences companies that are exploring learning and development
More informationANCHOR ISO9001:2008 RPR-002 MARINE SERVICES REQUIRED PROCEDURE RECORDS CONTROL
RECORD CONTROL (4.2.4) Document Control Revision History PAGE REASON FOR CHANGE REV. REVIEWER / AUTHORISED BY: ALL ALL RELEASE DATE: Revision Approval: J.BENTINK Signature: Date: 20/02/17 Revision: B UNCONTROLLED
More informationRESEARCH AUDIT Standard Operating Procedure
Reference Number: UHB 236 Version Number: 2 Date of Next Review: 17 th Oct 2020 Previous Trust/LHB Reference Number: N/A RESEARCH AUDIT Standard Operating Procedure Introduction and Aim As a legal Sponsor
More informationInternal Control and the Computerised Information System (CIS) Environment. CA A. Rafeq, FCA
Internal Control and the Computerised Information System (CIS) Environment CA A. Rafeq, FCA 1 Agenda 1. Internal Controls and CIS Environment 2. Planning audit of CIS environment 3. Design and procedural
More informationStudy Files and Filing
Study Files and Filing The current version of all Hillingdon Hospital R&D Guidance Documents and Standard Operating Procedures are available from the R&D Intranet and Internet sites: www.ths.nhs.uk/departments/research/research.htm
More informationService Level Agreement - REDCap University of Alabama at Birmingham Department of Medicine
Service Level Agreement - REDCap University of Alabama at Birmingham Department of Medicine Document Title: DOM IT REDCap SLA Document number: DOM_IT_REDCap_01 Created on: 11-15-2018 Effective Date: 01-01-2019
More informationSTANDARD OPERATING PROCEDURE
STANDARD OPERATING PROCEDURE Title Reference Number Maintaining Study Files SOP-RES-014 Version Number 2 Issue Date 08 th Dec 2015 Effective Date 22 nd January 2016 Review Date 22 nd January 2018 Author(s)
More informationApriso and FDA 21 CFR Part 11
Apriso and FDA 21 CFR Part 11 JUNE 2010 Table of Contents Executive Summary... 3 Introduction... 4 What is Compliance?... 4 Cost Effective Compliance... 4 Apriso and 21 CFR Part 11... 5 Part 11: Electronic
More informationSIMPLE FUND 360: AN AUDITORS GUIDE. Australia s leading cloud SMSF admin solution AN AUDITORS GUIDE.
Australia s leading cloud SMSF admin solution AN AUDITORS GUIDE www.bglcorp.com Prepared by BGL Corporate Solutions Pty Ltd March 2018 CONTENTS 1.0 Overview of BGL s Web Applications 2.0 Data Sources and
More informationComputerised System Validation
Computerised System Validation Considerations for the Validation Lifecycle Paul Moody GMP Conference 12 th November 2014 Regulatory References EU GMP Annex 11 (2011) http://ec.europa.eu/health/files/eudralex/vol-4/annex11_01-2011_en.pdf
More informationEpicor Cloud ERP Services Specification Single Tenant SaaS and Single Tenant Hosting Services (Updated July 31, 2017)
Epicor Cloud ERP Services Specification Single Tenant SaaS and Single Tenant Hosting Services (Updated July 31, 2017) GENERAL TERMS & INFORMATION A. GENERAL TERMS & DEFINITIONS 1. This Services Specification
More informationIntland s Medical IEC & ISO Template
Intland s Medical IEC 62304 & ISO 14971 Template Intland s Medical IEC 62304 & ISO 14971 Template codebeamer ALM for Medical Device Development Intland s Medical IEC 62304 & ISO 14971 Template Medical
More informationData Integrity Why is it important? DADM Conference - 22 August 2017
Data Integrity Why is it important? DADM Conference - 22 August 2017 Maibritt Haugaard Møller, System Validation Expert Mette Ravn, Vice President, Data Management, IT and System Validation Overview of
More informationSarbanes-Oxley Compliance Kit
Kit February 2018 This product is NOT FOR RESALE or REDISTRIBUTION in any physical or electronic format. The purchaser of this template has acquired the rights to use it for a SINGLE Disaster Recovery
More informationDovico Planning & Timesheet v4 BEST PRACTICES
Dovico Planning & Timesheet v4 Dovico Planning & Timesheet v4 Audience and Context This document is intended to help clients plan the configuration and use of Dovico Planning & Timesheet. It is to be used
More informationAdministration & Security Essentials FOR MICROSOFT DYNAMICS AX 2012 R3
Administration & Security Essentials FOR MICROSOFT DYNAMICS AX 2012 R3 Table of Contents Course Details 1 Prerequisites 1 Course Outline 4 Agenda 11 Course Details This five-day instructor-led course provides
More informationU.S. FDA TiTle 21 CFR PART 11 ComPliAnCe ASSeSSmenT of SAP ReCiPe management
U.S. FDA Title 21 CFR Part 11 Compliance Assessment of SAP Recipe Management Copyright 2007 SAP AG. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for
More informationCREDIT CARD MERCHANT PROCEDURES MANUAL. Effective Date: 04/29/2016
CREDIT CARD MERCHANT PROCEDURES MANUAL Effective Date: 04/29/2016 Updated: April 29, 2016 TABLE OF CONTENTS Introduction... 1 Third-Party Vendors... 1 Merchant Account Set-up... 2 Personnel Requirements...
More informationAEO APPLICATION AND SELF ASSESSMENT FORM
AEO APPLICATION AND SELF ASSESSMENT FORM I would like to apply for accreditation to the Authorised Economic Operator (AEO) Programme that you offer. I take cognisance of all the conditions listed below
More informationHSCIC Audit of Data Sharing Activities:
Directorate / Programme Data Dissemination Services Project Data Sharing Audits Status Approved Director Terry Hill Version 1.0 Owner Rob Shaw Version issue date 20/04/2016 HSCIC Audit of Data Sharing
More informationTHE UNIVERSITY OF GEORGIA INTERNAL AUDITING DIVISION INTERNAL CONTROL QUESTIONNAIRE GENERAL
GENERAL BACKGROUND MATERIAL A. Please provide an organization chart which shows lines of authority and responsibility for the unit. B. What department code(s) does your Office manage? C. Who is the contact
More informationData Integrity: Production Environment
Data Integrity: Production Environment MANUAL AND AUTOMATED SYSTEMS Ciara Turley GMP Conference 12 th November 2014 Content GMP Guide requirements and application to processing equipment Security Audit
More informationAiden and Glover Limited
Request for Proposal for a Biometric Employee Time and Attendance Management System Submittal Deadline: July 7 th, 2017 Aiden and Glover Limited invites qualified vendors to submit responses to its Request
More informationCA M.R. (Abhay) Mate WELCOME
WELCOME STEP BY STEP APPROACH TOWARDS INFORMATION SYSTEMS(IS)AUDIT Presentation by CA Madhav(Abhay) Mate (B.Com, F.C.A. DISA) What is an Information Systems Audit? IS audit focuses on the computer-based
More informationINFORMATION BULLETIN No. 173
Bulletin No. 173 Revision No. 01 Issue Date 29 th January 2018 Effective Date 01 Mar 2018 INFORMATION BULLETIN No. 173 Electronic Record Keeping Systems Guidance and Instructions for Bahamas Recognised
More informationESSENTIAL DOCUMENTS DURING THE CLINICAL CONDUCT OF THE TRIAL
ESSENTIAL DOCUMENTS DURING THE CLINICAL CONDUCT OF THE TRIAL THIS INFORMATION SHEET (ISR-RG-014) HAS BEEN TAKEN DIRECTLY FROM THE ICH- GUIDELINE* WITH ADDITIONAL COMMENTS ADDED BY THE RESEARCH GOVERNANCE
More informationASSESSMENT AND EVALUATION OF THE CITY OF PHILADELPHIA S INFORMATION TECHNOLOGY GENERAL CONTROLS FISCAL 2016
ASSESSMENT AND EVALUATION OF THE CITY OF PHILADELPHIA S INFORMATION TECHNOLOGY GENERAL CONTROLS FISCAL 2016 Charles J. Brennan Chief Information Officer Office of Innovation and Technology 1234 Market
More informationProduct Overview. KIVA Respect 7 unified Teller (ut) Four Key Product Components
Tellers have more personal contact with your customers than any other job function in the organization. Doesn t it make sense for them to play a key role in your customer relationship management (CRM)
More informationNATIONAL HEAVY VEHICLE ACCREDITATION SCHEME BASIC FATIGUE MANAGEMENT AUDIT MATRIX
NATIONAL HEAVY VEHICLE ACCREDITATION SCHEME BASIC FATIGUE MANAGEMENT AUDIT MATRIX Operator name Location of audit Auditor name Audit Date: / / PURPOSE For the purposes of accreditation, the Basic Fatigue
More informationINFORMATION BULLETIN No. 173
Bulletin No. 173 Revision No. 00 Issue Date 12 Jan 2018 Effective Date 01 Mar 2018 INFORMATION BULLETIN No. 173 Electronic Record Keeping Systems Guidance and Instructions for Bahamas Recognised Organisations,
More informationAdministration & Security Essentials
Administration & Security Essentials Microsoft Dynamics AX 2012 R3 Atlanta I Denver I San Francisco I St. Louis I Toronto Table of Contents Course Details 1 Prerequisites 3 Course Outline 4 Agenda 12 Course
More informationServices for Assessment, Designing and Implementation of IT Governance Framework
[Abstract] BIDDING DOCUMENT Services for Assessment, Designing and Implementation of IT Governance Framework June, 2018 General Services Department, House Building Finance Company Limited) 3 rd Floor,
More informationNEWCASTLE CLINICAL TRIALS UNIT STANDARD OPERATING PROCEDURES
NEWCASTLE CLINICAL TRIALS UNIT STANDARD OPERATING PROCEDURES SOP details SOP title: Trial Master File & Investigator Site File SOP number: TM 001 SOP category: Trial Management Version number: 03 Version
More informationNATIONAL HEAVY VEHICLE ACCREDITATION SCHEME ADVANCED FATIGUE MANAGEMENT AUDIT MATRIX
NATIONAL HEAVY VEHICLE ACCREDITATION SCHEME ADVANCED FATIGUE MANAGEMENT AUDIT MATRIX Operator name Location of audit Auditor name Audit Date: / / PURPOSE For the purposes of accreditation, the Advanced
More informationISAE 3402 Type 2. Independent auditor s report on general IT controls regarding operating and hosting services for to
Deloitte Statsautoriseret Revisionspartnerselskab CVR no. 33 96 35 56 Weidekampsgade 6 P.O. Box 1600 0900 Copenhagen C Denmark Phone +45 36 10 20 30 Fax +45 36 10 20 40 www.deloitte.dk IT Relation A/S
More informationProducts Register User Guide
Products Register User Guide 1 Products Register - User Guide Contents General: Products Register: Purpose Scope Outline of roles, workflow and records Guidance: Description of key roles User access and
More informationCorrective and Preventive Action System (CAPA) Product & Services Bundle for Winchester s adwatch CAPA TM. Life Sciences Companies
Life Sciences Companies Corrective and Preventive Action System (CAPA) Product & Services Bundle for Winchester s adwatch CAPA TM Effectively Manage CAPAs Globally According to regulations, all companies
More informationKPMG LLP 2001 M Street, NW Washington, DC 20036
KPMG LLP 2001 M Street, NW Washington, DC 20036 The Members of the Board of Directors Washington Metropolitan Area Transit Authority: We have audited the financial statements of the Washington Metropolitan
More informationDATA QUALITY POLICY. Version: 1.2. Management and Caldicott Committee. Date approved: 02 February Governance Lead
DATA QUALITY POLICY Version: 1.2 Approved by: Date approved: 02 February 2016 Name of Originator/Author: Name of Responsible Committee/Individual: Information Governance, Records Management and Caldicott
More informationFlorida Department of Highway Safety and Motor Vehicles Office of Inspector General
Source of Audit: Auditor General Report Number: 2014-183 Report Title: Information Technology Operational Audit Finding No. 1: Data-Entry Procedures Department data-entry procedures to ensure that all
More informationServing Patients is a Privilege
Serving Patients is a Privilege This Privilege Comes with Significant Responsibilities Understanding Requirements for Data Integrity How to Develop a Data Integrity Program Including Data Integrity with
More informationUse of computerised equipment, software and systems in clinical research
Standard Operating Procedures (SOP) for: Use of computerised equipment, software and systems in clinical research SOP Number: 38a Version Number: 1.0 Effective Date: 21/3/16 Review Date: 21/8/17 Author:
More information21 CFR Part 11 A Risk Management Perspective
21 CFR Part 11 A Risk Management Perspective Patrick D. Roche 07 March 2003, Washington D.C. Proposed Agenda Recent 21 CFR Part 11 Developments Risk Management Perspective Potential Integration with other
More informationSuccess in Joint Ventures: Sustained Compliance and Audit Oversight
Success in Joint Ventures: Sustained Compliance and Audit Oversight Gene DeLaddy, CIA Senior Vice President, Chief Compliance & Privacy Officer, Chief Audit Executive Dave Pyland, CPA Director, Internal
More informationReport on controls over Devon Funds Management Limited s investment management services. For the period from 1 January 2014 to 31 December 2014
Report on controls over Devon Funds Management Limited s investment management services For the period from 1 January 2014 to 31 December 2014 Description of Investment Management Services, Controls
More informationPaperless recorders and 21 CFR part 11 compliance Videographic recorders
Sales guide SG/RandC/002 EN Paperless recorders and 21 CFR part 11 compliance Videographic recorders Introduction Today's manufacturing environment is becoming more regulated than ever and the most well
More informationDovico Timesheet Hosted - May 2014 BEST PRACTICES
Hosted - May 2014 Audience and Context This document is intended to help clients plan the configuration and use of Dovico Timesheet. It is to be used as a guide since the diversity of circumstances and
More informationEntrepreneur. Getting Started
Entrepreneur Getting Started G u i d e Entrepreneur Getting Started 1 Setting Up Your Company 5 Setting Up Customers & Suppliers 14 Setting Up Items 17 Essential Tasks 18 Reporting 23 System Administration
More information