I need clarification on below mentioned points.
In case of old laboratory instruments like HPLC, GPLC, AAS, UV- Spectrophotometer, Gas Chromatography etc; which we have in our facility do not have feature to comply as per the requirement mentioned in Part11; due to system software constraint. These system are used for testing of sample, IPQC etc. (i.e. GLP & GMP)
To counter above things, we are planning to put following control & do the validation of these systems subsequently.
1)[b]Application software do not have password length, complexity & password auto-expiry feature:- [/b]
Control :- SOP on Password policy will be prepared; which will guide user about password length, complexity & auto-expiry feature. So User will take care while changing/assigning their password of application software
2)Application software do not have audit trail feature:-
Control:- Ms-window’s audit policy will be activated to capture login, logout, and deletion of record events. This will not able to capture all events but it will able to satisfy partial requirement of audit trail. For rest all things, we can put the control through procedure.
3) Application software do not have data integrity feature:-
Control:- Folder level security will be assigned to database folder to avoid tampering of Final data. Audit trail will be activated to capture the event.
4) Application software do not have security feature:-
Control:- Windows 2 level security will be configured as administrator & supervisor. Appropriate instruction pertaining to operation of application software will be mentioned in the operation SOP.
5) User account is not getting locked out after unsuccessful attempt.
Control:- Audit trail review is done periodically to track & control above event.
Request you to give your comment, against suggested possible solution (which I can think about?). If you can know better control than this, pl. do let tell us to comply as per the regulatory requirement.
In addition to this, I want clarification on closed system, open system & hybrid system.
Awaiting for your valuable feedback.
Nilesh