
21 CFR Part 11 E-Signature Compliance Checklist

Subpart B (Electronic Records) and Subpart C (Electronic Signatures)

FDA 21 CFR Part 11 establishes the criteria under which electronic records and electronic signatures are considered trustworthy, reliable, and equivalent to paper records and handwritten signatures. Any organization that creates, modifies, maintains, archives, retrieves, or transmits electronic records required by an FDA predicate rule must comply.

This checklist covers the specific requirements of Subpart B (Electronic Records, Sections 11.10 through 11.70) and Subpart C (Electronic Signatures, Sections 11.100 through 11.300). Use it during vendor evaluation, internal system audits, or pre-inspection preparation.

Prepared by: _______________________ Date: _______________________ System: _______________________

Controls for Closed Systems

Subpart B - Electronic Records | 21 CFR 11.10
11.10(a) | System validation: the system has been validated to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records.
11.10(b) | The system can generate accurate and complete copies of records in both human-readable and electronic form suitable for inspection, review, and copying by the agency.
11.10(c) | Records are protected and can be readily retrieved throughout the required retention period.
11.10(d) | System access is limited to authorized individuals only.
11.10(e) | Secure, computer-generated, time-stamped audit trails are in place to independently record the date and time of operator entries and actions that create, modify, or delete electronic records.
11.10(e) | Audit trail entries include previously recorded information when records are changed (original values are preserved, not overwritten).
11.10(e) | Audit trail documentation is retained for a period at least as long as that required for the subject electronic records and is available for agency review and copying.
11.10(f) | Operational system checks are used to enforce permitted sequencing of steps and events, as appropriate.
11.10(g) | Authority checks are used to ensure that only authorized individuals can use the system, electronically sign records, access the operation or computer system input or output device, alter a record, or perform the operation at hand.
11.10(h) | Device checks (e.g., terminal) are used to determine the validity of the source of data input or operational instruction, as appropriate.
11.10(i) | Persons who develop, maintain, or use electronic record/electronic signature systems have the education, training, and experience to perform their assigned tasks.
11.10(j) | Written policies hold individuals accountable and responsible for actions initiated under their electronic signatures, to deter record and signature falsification.
11.10(k) | Adequate controls exist over the distribution of, access to, and use of documentation for system operation and maintenance.
11.10(k) | Revision and change control procedures are in place to maintain an audit trail that documents time-sequenced development and modification of systems documentation.

Controls for Open Systems

Subpart B - Electronic Records | 21 CFR 11.30
11.30 | All controls required for closed systems under 11.10 are also applied to open systems.
11.30 | Additional measures such as document encryption and digital signature standards are employed to ensure record authenticity, integrity, and confidentiality, as appropriate.

Signature Manifestations

Subpart B - Electronic Records | 21 CFR 11.50
11.50(a) | Signed electronic records contain information associated with the signing that clearly indicates the printed name of the signer.
11.50(a) | Signed electronic records contain the date and time when the signature was executed.
11.50(a) | Signed electronic records contain the meaning (such as review, approval, responsibility, or authorship) associated with the signature.
11.50(b) | The signature manifestation information (name, date/time, meaning) is subject to the same controls as for electronic records and is included as part of any human-readable form of the electronic record (such as electronic display or printout).

Signature/Record Linking

Subpart B - Electronic Records | 21 CFR 11.70
11.70 | Electronic signatures and handwritten signatures executed to electronic records are linked to their respective electronic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to falsify an electronic record by ordinary means.
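The three controls above that a system must actually implement (the 11.10(e) audit trail that keeps prior values, the 11.50 signature manifestation, and the 11.70 signature/record link) are easier to evaluate against a concrete design. The following is an added example written for this checklist, not code from any vendor or from the regulation: an in-memory record store that binds each signature to the record id and a hash of the record contents with an HMAC, so a signature copied onto another record, or left on a record that was later changed, fails verification. The signing key, record ids, field values and the injectable clock are constructed for the example; key custody and signer authentication (11.200) are outside its scope.

```python
# Added example, not part of the checklist. A minimal in-memory electronic-record
# store demonstrating three Part 11 controls:
#   11.10(e) - time-stamped audit trail whose entries retain the previous value
#   11.50    - signature manifestation (printed name, date/time, meaning), also
#              included in the human-readable rendering of the record
#   11.70    - the signature is bound to the record id and record contents
# Assumptions: SIGNING_KEY is a constructed placeholder held by the system (a real
# deployment would keep it in an HSM or KMS); the clock is injectable for tests.
import hashlib
import hmac
import json
from datetime import datetime, timezone

SIGNING_KEY = b"constructed-placeholder-key-do-not-use"  # assumption: system-held secret


def canonical(obj) -> bytes:
    """Deterministic JSON encoding so hashes and MACs do not depend on key order."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def utc_now() -> str:
    return datetime.now(timezone.utc).isoformat()


class RecordStore:
    def __init__(self, key: bytes = SIGNING_KEY, clock=utc_now):
        self._key = key
        self._clock = clock
        self.records = {}      # record_id -> dict of fields
        self.signatures = {}   # record_id -> list of signature dicts
        self.audit_trail = []  # append-only; entries are never edited in place

    def _audit(self, operator, action, record_id, field=None, old=None, new=None):
        # 11.10(e): computer-generated, time-stamped, and the old value is retained
        self.audit_trail.append({"ts": self._clock(), "operator": operator, "action": action,
                                 "record_id": record_id, "field": field, "old": old, "new": new})

    def create(self, record_id: str, fields: dict, operator: str) -> None:
        self.records[record_id] = dict(fields)
        self._audit(operator, "create", record_id, new=dict(fields))

    def update(self, record_id: str, field: str, value, operator: str) -> None:
        old = self.records[record_id].get(field)
        self.records[record_id][field] = value
        self._audit(operator, "update", record_id, field, old, value)

    def content_hash(self, record_id: str) -> str:
        return hashlib.sha256(canonical(self.records[record_id])).hexdigest()

    def _tag(self, record_id: str, content_sha256: str, manifestation: dict) -> str:
        # The MAC covers record id, content hash and every manifestation field.
        payload = canonical({"record_id": record_id, "content_sha256": content_sha256, **manifestation})
        return hmac.new(self._key, payload, hashlib.sha256).hexdigest()

    def sign(self, record_id: str, signer_name: str, meaning: str) -> dict:
        # 11.50(a): printed name, date/time of signing, and the meaning of the signature
        manifestation = {"signer": signer_name, "signed_at": self._clock(), "meaning": meaning}
        content = self.content_hash(record_id)
        sig = {**manifestation, "record_id": record_id, "content_sha256": content,
               "tag": self._tag(record_id, content, manifestation)}
        self.signatures.setdefault(record_id, []).append(sig)
        self._audit(signer_name, "sign", record_id, new=meaning)
        return sig

    def verify(self, record_id: str, sig: dict) -> bool:
        # 11.70: rejects a signature moved to another record, a record altered after
        # signing, or a manifestation field (e.g. the meaning) edited after signing
        if sig["record_id"] != record_id or sig["content_sha256"] != self.content_hash(record_id):
            return False
        manifestation = {k: sig[k] for k in ("signer", "signed_at", "meaning")}
        expected = self._tag(record_id, sig["content_sha256"], manifestation)
        return hmac.compare_digest(expected, sig["tag"])

    def render(self, record_id: str) -> str:
        # 11.50(b): the manifestation is part of every human-readable form of the record
        lines = [f"Record {record_id}"]
        lines += [f"  {k}: {v}" for k, v in sorted(self.records[record_id].items())]
        for s in self.signatures.get(record_id, []):
            lines.append(f"  Signed by {s['signer']} at {s['signed_at']} ({s['meaning']})")
        return "\n".join(lines)


def demo(clock=utc_now) -> dict:
    """Exercise the three controls on constructed records; returns the outcomes."""
    store = RecordStore(clock=clock)
    store.create("BATCH-0001", {"lot": "L-42", "result": "pass"}, operator="analyst1")
    store.create("BATCH-0002", {"lot": "L-43", "result": "pass"}, operator="analyst1")
    sig = store.sign("BATCH-0001", "Jane Doe", "approval")
    results = {
        "valid_on_own_record": store.verify("BATCH-0001", sig),
        "copied_to_other_record": store.verify("BATCH-0002", sig),
        "rendering_shows_manifestation": "Signed by Jane Doe" in store.render("BATCH-0001"),
    }
    store.update("BATCH-0001", "result", "fail", operator="analyst2")
    results["after_change_without_resign"] = store.verify("BATCH-0001", sig)
    last = store.audit_trail[-1]
    results["audit_keeps_old_value"] = (last["old"], last["new"]) == ("pass", "fail")
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

When reviewing a vendor system against 11.70, the question this example makes concrete is what the signature is cryptographically tied to: if only the signer and timestamp are signed, and not the record identity and contents, the link is by database convention alone and can be broken "by ordinary means".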

Electronic Signatures: General Requirements

Subpart C - Electronic Signatures | 21 CFR 11.100
11.100(a) | Each electronic signature is unique to one individual and is not reused by, or reassigned to, anyone else.
11.100(b) | The identity of the individual is verified before the organization establishes, assigns, certifies, or otherwise sanctions an individual's electronic signature or any element of such electronic signature.
11.100(c) | Persons using electronic signatures have, prior to or at the time of such use, certified to the agency that the electronic signatures in their system are intended to be the legally binding equivalent of traditional handwritten signatures.
11.100(c) | The certification is submitted in paper form and signed with a traditional handwritten signature to the FDA Office of Regional Operations.

Electronic Signature Components and Controls

Subpart C - Electronic Signatures | 21 CFR 11.200
11.200(a)(1) | Electronic signatures that are not based on biometrics employ at least two distinct identification components such as an identification code and password.
11.200(a)(1)(i) | When an individual executes a series of signings during a single, continuous period of controlled system access, the first signing is executed using all electronic signature components. Subsequent signings are executed using at least one component designed to be used only by that individual.
11.200(a)(1)(ii) | When an individual executes one or more signings not performed during a single, continuous period of controlled system access, each signing is executed using all electronic signature components.
11.200(b) | Electronic signatures based on biometrics are designed to ensure they cannot be used by anyone other than their genuine owners.
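The 11.200(a)(1) session rule is the part of this section that systems most often get wrong: "at least one component" for later signings in a continuous session must still be a component only that individual can use (the password), and once the session ends or times out, both components are required again. The following is an added example written for this checklist, not a vendor's or the regulation's code: a signing-session class that enforces that rule, stores passwords as PBKDF2 hashes, refuses duplicate identification codes (11.300(a)), and logs rejected signature attempts for the reporting required by 11.300(d). The user names, passwords, the 15-minute timeout and the step clock are constructed assumptions.

```python
# Added example, not part of the checklist. Enforces the 11.200(a)(1) rule for
# non-biometric signatures: first signing in a session needs both components
# (identification code + password); later signings in the same continuous session
# need only the password; after the session ends or times out, both again.
# Assumptions: SESSION_TIMEOUT is a site-policy value chosen for the example;
# users, passwords and the StepClock are constructed test fixtures.
import hashlib
import hmac
import os
from datetime import datetime, timedelta, timezone

SESSION_TIMEOUT = timedelta(minutes=15)  # assumption: set by site policy


def hash_password(password: str, salt: bytes = None):
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt, digest


class Directory:
    """Users keyed by identification code; 11.300(a) uniqueness is enforced on issue."""
    def __init__(self):
        self._users = {}

    def add(self, id_code: str, name: str, password: str) -> None:
        if id_code in self._users:
            raise ValueError("identification code already issued")
        salt, digest = hash_password(password)
        self._users[id_code] = {"name": name, "salt": salt, "digest": digest}

    def check(self, id_code: str, password: str) -> bool:
        user = self._users.get(id_code)
        if user is None:
            return False
        _, digest = hash_password(password, user["salt"])
        return hmac.compare_digest(digest, user["digest"])

    def name(self, id_code: str) -> str:
        return self._users[id_code]["name"]


class SigningSession:
    def __init__(self, directory: Directory, clock):
        self._dir = directory
        self._clock = clock        # callable returning an aware datetime
        self._id_code = None       # identification code of the active signer, if any
        self._last_activity = None
        self.log = []              # 11.300(d): failed attempts are recorded for reporting

    def _active(self) -> bool:
        return self._id_code is not None and self._clock() - self._last_activity <= SESSION_TIMEOUT

    def sign(self, meaning: str, password: str, id_code: str = None) -> dict:
        now = self._clock()
        if self._active() and (id_code is None or id_code == self._id_code):
            code = self._id_code   # 11.200(a)(1)(i): password only within the session
        else:
            if id_code is None:    # 11.200(a)(1)(i)/(ii): both components required
                raise PermissionError("identification code required to start a signing session")
            code = id_code
        if not self._dir.check(code, password):
            self.log.append({"ts": now.isoformat(), "event": "signature_attempt_failed", "id_code": code})
            raise PermissionError("signature components rejected")
        self._id_code, self._last_activity = code, now
        sig = {"signer": self._dir.name(code), "signed_at": now.isoformat(), "meaning": meaning}
        self.log.append({"ts": now.isoformat(), "event": "signed", **sig})
        return sig

    def end(self) -> None:
        self._id_code = None


class StepClock:
    """Constructed clock for the example: starts fixed and advances only on request."""
    def __init__(self):
        self.now = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)

    def __call__(self) -> datetime:
        return self.now

    def advance(self, minutes: int) -> None:
        self.now += timedelta(minutes=minutes)


def demo() -> dict:
    """Walk a signer through one continuous session and one expired session."""
    users = Directory()
    users.add("jdoe", "Jane Doe", "correct horse battery staple")  # constructed credentials
    clock = StepClock()
    session = SigningSession(users, clock)
    out = {}
    try:
        session.sign("review", "correct horse battery staple")   # no id code yet
        out["first_signing_without_id_code"] = "allowed"
    except PermissionError:
        out["first_signing_without_id_code"] = "rejected"
    out["first_signing_with_both"] = session.sign("review", "correct horse battery staple", "jdoe")["signer"]
    clock.advance(5)
    out["second_signing_password_only"] = session.sign("approval", "correct horse battery staple")["meaning"]
    clock.advance(20)                                              # past SESSION_TIMEOUT
    try:
        session.sign("approval", "correct horse battery staple")
        out["after_timeout_password_only"] = "allowed"
    except PermissionError:
        out["after_timeout_password_only"] = "rejected"
    out["after_timeout_with_both"] = session.sign("approval", "correct horse battery staple", "jdoe")["meaning"]
    try:
        session.sign("approval", "wrong password")
    except PermissionError:
        pass
    out["failed_attempts_logged"] = sum(e["event"] == "signature_attempt_failed" for e in session.log)
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The timeout is what makes "continuous period of controlled system access" testable; an assessor can ask what ends a session (logout, inactivity, workstation lock) and confirm that the next signing after any of those asks for both components.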

Controls for Identification Codes/Passwords

Subpart C - Electronic Signatures | 21 CFR 11.300
11.300(a) | Controls are in place to maintain the uniqueness of each combined identification code and password, such that no two individuals have the same combination of identification code and password.
11.300(b) | Identification codes and passwords are periodically checked, recalled, or revised (e.g., to cover such events as password aging).
11.300(c) | Loss management procedures are followed to electronically deauthorize lost, stolen, missing, or otherwise potentially compromised tokens, cards, and other devices that bear or generate identification code or password information. Temporary or permanent replacements are issued using suitable, rigorous controls.
11.300(d) | Transaction safeguards are in place to prevent unauthorized use of passwords and/or identification codes, and to detect and report in an immediate and urgent manner any attempts at their unauthorized use to the system security unit and, as appropriate, to organizational management.
11.300(e) | Initial and periodic testing of devices (such as tokens or cards) bearing or generating identification code or password information is performed to ensure that they function properly and have not been altered in an unauthorized manner.

Assessment Notes