Free Download

21 CFR Part 11 Compliance Checklist

A section-by-section checklist of every requirement in FDA 21 CFR Part 11 for electronic records and electronic signatures. 34 items covering Subpart B and Subpart C, each mapped to its specific CFR section.

Download Checklist Read the Full Part 11 Guide

Why Organizations Need a Part 11 Checklist

FDA 21 CFR Part 11 defines over 30 distinct requirements spread across seven regulatory sections. The regulation covers everything from system validation and audit trail retention to two-factor authentication and password management controls. Missing even a single requirement can result in a Form 483 observation or a warning letter, both of which create real operational disruption and reputational risk.

The challenge is that Part 11 was written as regulatory text, not as an implementation guide. Subpart B (Electronic Records) and Subpart C (Electronic Signatures) each contain requirements that interact with each other but are structured by regulatory logic rather than by implementation order. A checklist that maps every requirement to its specific CFR section gives QA teams, IT departments, and compliance officers a concrete way to verify coverage without re-reading the regulation every time.

This checklist is designed for three use cases: evaluating a new e-signature vendor against Part 11 requirements, conducting internal compliance audits of existing systems, and preparing documentation before an FDA inspection. It covers all items from Section 11.10 through Section 11.300, organized by subpart and section for easy reference.

What the Checklist Covers

34 individual requirements organized by Part 11 section, each referencing the specific CFR subsection.

Controls for Closed Systems

11.10

Validation, audit trails, access controls, authority checks, device checks, personnel qualifications, accountability, and document controls.

14 items

Controls for Open Systems

11.30

Additional encryption and digital signature measures beyond closed system controls.

2 items

Signature Manifestations

11.50

Printed name, date/time, and meaning (approval, review, authorship) displayed on signed records.

4 items

Signature/Record Linking

11.70

Signatures linked to records so they cannot be excised, copied, or transferred.

1 item

General Requirements

11.100

Unique signatures, identity verification, and FDA certification of electronic signature intent.

4 items

Components and Controls

11.200

Two-factor authentication requirements, continuous session rules, and biometric controls.

4 items

Identification Codes/Passwords

11.300

Uniqueness, periodic review, loss management, transaction safeguards, and device testing.

5 items

Download the Full Checklist

Related Part 11 Guides

Go deeper on specific Part 11 topics with these guides from the Certivo blog.

FDA 21 CFR Part 11: Complete Compliance Guide (2026)

Deep dive into all three subparts, audit trail requirements, common 483 findings, and a compliance framework.

Part 11 Electronic Signatures: Requirements, Components, and Common Mistakes

Subpart B and Subpart C explained, common compliance failures at clinical research sites, and what FDA inspectors look for.

Best 21 CFR Part 11 Compliant E-Signature Software (2026)

The 7 technical requirements that separate genuinely compliant platforms from those that just claim it.

Audit Trails in Regulated Industries: Complete Guide

FDA Section 11.10(e), hash chain verification, common 483 findings, and implementation best practices.

E-Signature Vendor Evaluation Checklist

40+ RFP questions for evaluating e-signature vendors covering Part 11, Annex 11, ALCOA+, scoring framework, and red flags.

Built for Part 11 Compliance

Certivo is a purpose-built e-signature platform for life sciences organizations that need FDA 21 CFR Part 11 compliance without the overhead of configuring a general-purpose tool. SHA-256 hash chain audit trails, 2FA at every signing event, and validation documentation included.

Start Free Trial View Compliance Details