实验室审计追踪具体包含哪些项目

实验室审计追踪具体包含哪些项目AuditTrails审计追踪Anaudittrailisachronologyofthe“who,what,when,andwhy”ofarecord.Itensuresasecure,computer-generated,time-stampedelectronicrecordisavailablethatallowsforreconstructionofthecourseofeventsrelatingtothecreation,modification,ordeletionofanelectronicrecord.Forexample,theaudittrailforanHPLCruncouldincludetheusername,dateandtimeoftherun,integrationparametersused,anddetailsofreprocessing,ifany,includingthechangejustification.Inaddition,aspartofreconciliation,theinjectionlogcanbeincluded,butthisinjectionlogdoesnotincludeaudittrailinjectioninformation(blank/systemsuitability/Lot#)(2).审计追踪是记录“谁、做什么、何时、为什么”的记录，能确保安全受控计算机所生成的，带时间戳的电子记录可以重建与电子记录的创建、修改或删除有关的事件过程。例如，HPLC运行的审计追踪可以包括，用户名，运行日期以及时间，所使用的完整参数记录，再处理过程细节，或，修改理由。此外，进针日志也可囊括在内，但是此进针日志不包括审计追踪进样信息(空白/系统适用性/批号)(2)。Theaudittrailfeature(orfunction)shouldbeenabledatalltimes,withstrictaccesscontrolsinplace;equipmentwithdataprocessingcapabilitybutlackingaudittrailcapabilityshouldbeupgradedtoCGMPstandards.Inthoseinstanceswheretheequipmentlackssuchcapability,appropriatecontrols(e.g.,paper-based)shouldbeimplementedtoensurealldataandinformationgenerated,alongwiththehistoryofallactivitiesperformed,isavailableforreview.审计追踪功能应始终启用，并应有严格的访问控制，具有数据处理能力但缺乏审计追踪功能的设备应升级为cGMP标准。在设备缺乏该功能的情况下，应实施适当的控制(例如，通过纸质记录)应该被实施以确保所有数据和信息的产生，以及所有活动的历史可以回顾。Theaudittrailshouldincludeallpossibledatachanges;then,thereviewercandecidewhetheranydatachangerepresentsacompromisedorregulatedevent.审计追踪应包括所有可能的数据更改；据此追踪记录，审阅者可以判别是否数据更改是否是一个异常事件。Differenttypesofaudittrailssupplydataondifferentfunctions;eachshouldbeassessedindividu-allyand,then,allaudittrailsshouldbeassessedcollectivelytodeterminetheintegrityofthedata.Instrument-specificsoftwareprovidesseveralfieldsforconfiguringaudittrails,andtemplatesfromwhichtochooseforpresentation.Figure6.3.9-1illustratesoneapproachtoaudittrailclassification.不同类型的审计追踪提供不同功能的数据，每个都应该单独评估。然后，所

有的审计追踪应进行汇总评估，以确定数据的完整性。仪器软件提供了用于配置审计追踪的字段以及选择用于表示的模板。图6.3.9.1阐述了审计追踪的一个分类方法SystemLev&l

系铳展面

Uaerscbvityflcgtn/togoffffailur&loginattempls/privtlegechanges)

用户活动(登录/登出/登录失政/权限变化)

Systempolicychanges

系统策略变化ProdLKVMcleculeFoJderLovelApplicationLeveil施用展面产品/分子文件层囿序列，方法、域黑市廿追踪的汇总Dataacquiredsyslerndetails数据捕集系琉的详版情况Sequence序列Se^ueftcemodificationduringandaftercjxeculicm执行过程中或执行后的序列整改SurTirr^ryof窗鸟口口包『旧点、methods,resultaudittr^jlsCalculatedValue结果计算ProcessinghistoryProdLKVMcleculeFoJderLovelApplicationLeveil施用展面产品/分子文件层囿序列，方法、域黑市廿追踪的汇总Dataacquiredsyslerndetails数据捕集系琉的详版情况Sequence序列Se^ueftcemodificationduringandaftercjxeculicm执行过程中或执行后的序列整改SurTirr^ryof窗鸟口口包『旧点、methods,resultaudittr^jlsCalculatedValue结果计算Processinghistory(Int&grationtype,p§uitnumber,c^ilibr^tkHicurvesandmodificationofsampledetails),publiishingdetails处理历史L积分类型『结果号.校正曲线和样品信息的修改)，发布的具体情况Method方法Crealion/modtrie<ldetails创建、修改的详细情况EachfnodlflcaUnnidentifiedbyversionnumber通过敝本号所识别的每一次修改Figure6.3.9-1ExampleofanAuditTrailSummary图6.3.9-1审计追踪示例TheQualityUnitisresponsibleforenablingfullyfunctionalaudittrails,assessingthedifferentkindsofmetadatacaptured,andchoosingwhichfieldsarerequiredtoverifyandensuredatareliabilityandcompliance.Thisapproachshouldbecarefullyselectedwithaviewtodesignthemostappropriatepro-ceduresforbatchreleaseaswellasasoundperiodicreview.Thefollowinglistreflectsonerecommendedapproachtothevariousclassificationsofaudits,eachofwhicharediscussedinthesectionsbelow:质量部门负责启用全面功能的审计追踪，评估所捕获的不同类型的元数据，并选择哪些字段需要确认以确保数据的可靠性和完整性。应仔细选择此方法,以设计最适合批放行和定期审核的程序。对不同等级的审计追踪的推荐方法如下所列：System-levelaudittrail系统层面审计追踪Application-levelaudittrail应用层面审计追踪Methodaudittrail方法审计追踪Resultsaudittrail(orinjectionaudittrail)结果审计追踪(或进针追踪)Sequenceaudittrail序列审计追踪Transactionlog/systemerrorlog色谱事件日志/系统错误日志System-LevelAuditTrail系统层面追踪Ifasystem-levelauditcapabilityexists,theaudittrailshouldcapture,ataminimum:anyattempttologin,successfulorunsuccessful;ID,date,andtimeofeachloginattempt;dateandtimeofeachlog-off;deviceused;andfunction(s)performedwhileloggedin,i.e.,applicationsthattheuserattempted,successfullyorunsuccessfully,toperform,asshowninFigure6.3.9.1-1(2).如果存在系统层面的审计能力，审计追踪最少应捕捉：任何登录尝试、成功或不成功；尝试登录的ID、日期和时间；每次注销的日期和时间；使用的设备；以及登录时执行的功能，例如用户尝试的应用程序；成功或失败。Systemaudittrailscovertheactivitiesrelatedtosystempolicychanges,useractivities(login,logoff,unauthorizedloginsanduserprivilegeschanges),changestoprojects(creating,deleting,modifyingandrestoring),verificationofprojectintegrityandchangestosystems.TheQualityUnitshouldreviewsystemaudittrailsonaperiodicbasisestablishedbythefirmforanytypeofdeletions.系统审计追踪覆盖了系统策略更改、用户活动相关的活动(登录、注销、未经授权的登录和用户权限更改，对项目的更改(创建、删除、修改和恢复)，证明项目的完整性和对系统的变更。质量系统应定期审核系统审计追踪以确定任何类型的删除。Figure6.3.9.1-2displaysatypicalsystemaudittrailforprojectdeletion.Systemaudittrailsarere-viewedininvestigationstochecktheloginandlogofftimesaswellasanysystem-basedinformationthatisnotcapturedonapplication-levelaudittrails(2).图6.3.9.1-2展示了一个典型的系统层面项目删除的审计追踪。系统审核追踪可以在调查过程查看以检查登录和注销时间,以及在应用级别审计追踪(2)中未能捕获的任何基于系统的信息。

LoggedinasQAReviewerRterdilViewRecordsHp(pActionChangeDateUser1SuccessfullyLaggedOn3/22^01810?41:17AMEDT(□roupleaderUnsmceisfulLogonAitempt3/22/201010:42252AMEDTAnalystAsSuccessfullyLaggedOn3/23/201810^6AMEDTChemist4UnsucesssFulAnempttoConfirmIdentity3/22/20181。辑5位AMEDIGroupleatkr5UnsuccesslFullLoganAlt2mpit3/22/20181105503AMEOTAnalystA6UnsuccessfulLogonAttemptJ^2/2O1811^5:15AMEDTMaly5tA7UnsucceufutLogonAttempt1^22^01811305^8AMEDFAnalystA8SucressfuilyLoggedOn3^22/2010112028AMEDTChemistgSuccessfujlyLoggedOn^22^01811:31503AMEDTChwnisi10UnsuccMsfulAttempttoConfirmIdentity三<22/2018112168AMEOTChemist11SuccessfullyLoggedOnJf22™711:3WAMEDTCrouplwd^rFigure6.3.9.1-1SystemAuditTrail(Default)图6.2.9.1-1系统审计追踪Loggedin耕QAReviewer 二同RieEdktViewRecoidsHek>ActionChangeDateUser105DeletedProject4/14/2Q18 PMEDI&ymem/Admiini式iQto『ProjectXYZReasonsPrt>)ect也beingddeletl106107DeletedProject3/22/201BKH4252AMELJTSystem/AdministratorProjectAAARmsoitProjectisbeingdeleted.DeletedProject3722/201B1W56AMECFTSystem/AdministratorProjectKDReawn：Projeclisbeingdeleted.108DetetedProject3/22/201Blft4SB2AMEOTSystem/AdministratorProjectHGKReason：Prp|ectisbeingdeleted.109DelatedProjed3/22/201BllflSUBAMEIJTSystem/AdmiinistrAtorProjectDDfiReas4xi:Projectisbeingd@etedlFigure6.3.9.1-2SystemAuditTrailforProjectDeletion图6.3.9.1-2项目删除的系统审计追踪Application-LevelAuditTrail应用层面审计追踪Application-levelaudittrailsmonitorandloguseractivities,includingwhichdatafileswereopenedandclosed,andwhatspecificactionshavebeentaken,suchasreading,editing,processing,anddelet-ingrecordsorfields,andpublishingreports.Thiscouldalsobecalledaproject-levelaudittrail.Someapplicationsmaybesensitiveenoughtocreateanaudittrailthatcaptures“before”and“after”informa-tionforeachmodifiedrecordorthedatachangedwithinarecord(54).应用层面审计追踪监视和记录用户活动，包括打开关闭哪些数据文件，以及采取了什么具体行动，例如查看、编辑、处理和删除记录或文件，和发布报告。这也可以称为项目级别审计追踪。某些应用程序可能足够敏感,可以创建一个审核追踪,用于捕获每个修改记录的"之前"和"之后"信息,或记录中更改的数据(54)。MethodAuditTrail方法审计追踪Methodaudittrailstrackthechangesmadetothemethodandtypicallycontainthefollowinginformation:方法审计追踪追踪方法所做的更改，通常包含以下信息：Methodmodificationhistory方法修改历史Methodusedforallinjections所有进样的方法Methodmodifiedbetweenthesequences不同序列之间的方法修改ResultsAuditTrail结果审计追踪Chromatogramsorreportscanserveasaresultsaudittrail.Figure6.3.9.4-1isamodelresultsaudittrailreportthatpresentsintegrationtype,dateacquired,dateprocessedandbywhom,andifthechro-matogramwasalteredaftergeneratingdata.Typically,chromatogramsshouldcontain:色谱图或报告提供结果审计追踪。图6.3.9.4.1是一个结果审计追踪报告模板，它显示了积分类型、获取的日期、处理的日期以及由谁处理的日期，以及在生成数据之后色谱图是否被改变。色谱图通常应包含：Sampledescription样品描述Dateandtimeofsampleacquisition样品采集的日期和时间Dateandtimeofresultsprocessed,ifpossible处理结果的日期和时间(如有)Minimummethodparameters,i.e.,wavelength,injectionvolume,andmethodname/ID方法参数，比如波长、进样量、方法名称/IDIntegrationtype积分类型Retentiontime(anyothersystemsuitparameters)保留时间Timeprinted,published,orsaved打印、发布或保存时间Integrationevents积分事件Samplenamechangeafterexecution执行后样品名称变更Filterscanalsobeusedtosearchtherequirementfromhugeamountsofdata.Figure6.3.9.4-2rep-resentsafiltertosearchwhetherthesamplehasbeeninjectedinmultipleprojects.Foroldersystemswithlimitedfunctionality,thereviewershouldsignandstampresultsprintedonpaperandreviewtheelectronicdataaccordingtotheQualityUnitpolicy.Iftheresultsarepublishedelectronically,there-viewershoulde-signtheresultsafterreviewingandlockthesignedfile.Ifitwillbeusedforanyinves-tigationalpurpose,theQualityUnitmustreviewtheelectronicdataperthefirm’spolicy,aselectronicdataisdeemedtobefinal.Oncetheprinteddataisaudited,originalelectronicdatashouldbeavailableforreferenceandshouldnotbealtered.Anymodificationtotheapproveddataneedstobejustified.筛选器还可以用于从大量数据中搜索所需信息。图6.3.9.4-2代表筛选器搜索在多个项目中的样品进样。对于旧系统在功能有限的情况下，复核人应在打印结果上签名并按照质量部门SOP复核电子数据。如果结果是以电子形式发布的，复核人在审核后对结果进行电子签名并锁定名文件。如果它将被用于任何调查目的，当电子数据被认为是最终的数据，质量部门必须按照公司的政策审查电子数据。一旦打印的数据被审核过，原始电子数据应该仅用于参考，不可更改。对批准的数据的任何修改都应进行论证。5amp居5献MNhndReportSummarysampleSett^meQCEJ6ao_(»7_lrj SampieSetId3794Lmeaity_SSMPeakResultsSampfeMameVUI白ALqulredinslrumeniMetlitidIdUseriBlart(Mub41ePhd^)12/3/201711:2234AM1ST1m3匚hem闻2Caffeine(0.06mg/rnU_5|jL22/3/201711:26:13AM：EST1003Chemist3Caff«re(a06mgi/mU_20nl22/3/3017114*56AMESTI0CJ1Chwriist4Caffeine(0.06Fna/mlj.WL22^/201711:1551AM的1003ChenlstSCaffeine也加irig/iirilJ_90|jL22/3/201 AMHIIMSChemist6Caffeine(0.06mg/mU_1OOyL2W2O1711:4221AMEST1003ClteinKtPeakResultsR«ulrComment5;AltWfHlRpsultl1nj&ctk)nID□ateAcquiredResult口1Pidc«5InjpctionNd1J78£2Z3/X3171M539PMEST3S312Pkk«bInjectionIMO137912/3/201/12:15却PME513S223Pioc四旧型clknNd117982/3/201712J53WPME5T38234PiucmsInjecltonNd138042G/201713:T5?*lPMEST3624£PidtmaInjprlionNd113810J/3/20171?!ISrtlPMEST招6PioceuInjectionNo138)52/3/201712;T&^2PMEST3826'specrticHesurtnumberEtenotesmnplenarrnealleMtlon(■诧Lifnamealtered)ResultsAuditTrailReport图6.3.9.4-1结果审计追踪报告Figure6.3.9.4-2FiltertoSearchSampleinMultipleProjects图6.3.9.4-2使用筛选器在多个项目中寻找样品SequenceAuditTrail序列审计追踪Sequenceaudittrails,orsamplesetaudittrails,trackthechangesmadetothesamplesequenceorbatch.Figure6.3.9.5-1representsatypicalsequenceaudittrailreport,whichgenerallycontainsthefollowinginformation:序列审计追踪或样品集审计追踪，追踪对样品序列或批所做的更改。图6.3.9.5-1表示典型的序列审计追踪报告，一般包含以下信息：Namecorrectionforsamplesetorinjectionsafterinjectionacquisition样品采集或进样名称改变Samplesetalteration样品集改变Samplenamealterationduringsequenceexecution在序列执行过程中更改样品名称Methodusedforallinjections用于所有进样的方法Abortedsequences取消序列Project-LevelAuditTrail项目审计追踪Byenablingtheaudittrailsoptionwhilecreatingit,aprojectwillcapturealltheactivitiesperformedwithrespecttosampleset,injections,channels,results,calibrationcurves,andpeaks.Figure6.3.9.6-1representsaprojectaudittrailrecordfordeletedinjectionasapoorexampletoshowfraudulentdata.通过启用审计追踪选项时可以激活，项目将捕获关于样本集、进样、通道、结果、校准曲线和峰执行的所有活动。图6.3.9.6-1显示了项目审计追踪记录一个删除的事件，来展现欺诈性数据的示例。Action1RwSampleSetDeU451七期漫犯:值_枷_咖」4L崛阖L知*Saq触细以祗唯一曲JM，」WLhHrM_3SMym（电调lot?刚触sor姐:映小蛇ikeChanq?DaleUserMise12^dnUt1J1：niM£HUHIKIQQ_680SampleSetAuditTrailReport图6.3.9.5-1样品设置审计追踪报告DCOMS1OiMMbjtgSanpieHuntCJflEw«iuttM1.Oitg/mkfiTdtectWatlERM防总电艇科《后便惬硕ChMigeguUMf12^30018S2H1PMBT消iftnProjectAuditTrail-DeletedInjection图6.3.9.6-1项目审计追踪-删除进样InjectionLog进样日志Chromatographicdataacquisitionsoftwaretypicallyhastheabilitytomaintainalogofinjections.Inadditiontothedateandtime,thesoftwaremayincludeadditionalinformationassociatedwiththeinjectionsuchaslotnumber,blankorsystemsuitability,reference,orsample.Anaudittrailensurestheintegrityofthedataand,iftheaudittrailisenabled,reviewoftheinjectionlogisnotnecessary.Injectionlogreportsaretypicallybuiltinbythesoftwaredeveloper,thoughwithlimitedabilitytocustomizewithoutexpertprogrammingcapability.Thetype,easeoflogretrieval,andeaseofprinting/publishingarealsobuilt-infunctionalitiesofthesoftware;however,theirinclusionwillvaryamongsoftwaresuppliers.Aninjectionlogisseparateanddistinctfromanaudittrail;whileitisagoodtooltohave,itisnotessentialtoensuringdataintegrity(2).色谱数据采集软件通常具有保存进样日志的功能。除日期和时间外,软件还可能包括与进样相关的附加信息,如批号、空白或系统适用性、对照或样品。审计追踪可确保数据的完整性,如果启用了审计追踪,则不需要检查进样日志。进样日志报告通常由软件开发人员构建,因此没有专家编程能力，自定义能力有限。软件还内置功能,便于日志检索,易于打印/发布;但是,不同软件供应商的内容会有所不同。进样日志是独立的,有别于审计追踪，尽管这是一个很好的工具,但对确保数据完整性(2)来说并不重要。TransactionalLog/SystemErrors事件日志/系统错误Chromatography色谱仪Thetransactionallog(whichmaybereferredtobyothertermsdependingontheequipmentvendor)andsystemerrorlogsareonline,instantaneousfeaturesthatdisplaypop-upmessagesaboutsystemfunctionality,useractivity,andhardware-relatedissuesorerrors.Figure6.3.10.1-1showsthetypesoferrorsgeneratedbythesoftwareortransactionallogandatypicalrepresentationofasoftwaretransac-tionallog.Figure6.3.10.1-2representsatypicaltransactionalerrorlog.事件日志和系统错误日志(根据设备供应商的不同，此术语可以用其他术语来指代)是实时的、即时的特性，它们显示关于系统功能、用户活动和硬件相关问题或错误的弹出消息。图6.3.10.1-1、6.3.10.1-2展示常见错误。Thetransactionallogisneitheranaudittrailnorisitintendedtobeareplacementfororcomponentofotheraudittrails.Atransactionalloggenerallyprovidessomeadditionalinformationrelatedtosoft-ware(e.g.,missingvial,lostprime)orhardwaremalfunctions(e.g.,HSSfault,lostconnection)andcanhelpininterpretingtheaudittrail.事件日志既不是审计追踪，也不作为其他审计追踪的替代或组成。事务日志提供与软件有关的额外信息(如，missingvial,lostprime)或硬件功能异常(如HSS错误，断开连接)以及可以帮助解释审计追踪。Nooneshouldhaveaccessorauthoritytomanuallychangethislog;however,thesystemcanbeconfiguredtoautomaticallypurgethemessagesonaperiodicbasistoensureefficientoperationofthesystemprocess-ingmemory.Iftheaudittrailisneverturnedoff,anydeletion,modification,orcopyingofmessagesper-formedbytheadministratorwillberecordedinvalidatedaudittrails(e.g.,systemaudittrail).TheQualityUnitshouldverifywhenasystemorrunhasbeeninterruptedduetoadisconnectionorpowerloss.不应有人有权限修改此日志。然而，可以将系统配置为定期自动清除信息，来保证系统充足的操作记忆内存。如果审计追踪功能从未关闭，那么管理员说执行的任何有关信息删除、修改、和拷贝都会被记录在经验证的审计追踪中(例系统审计追踪)。质量部门应确认系统或一次运行何时于断开连接或断电造成的中断。lyoesteoorynmeAppucauonimProgftiw*粼即疗MRMUST迎网SwtaKterFMCWt?Mk¥L加7Error/nsfnifrenF1/1第加及rtMEJTQCL56SGroupteoder械亡&伽砒¥L蜀疗Messageprimpin由啪既KroftjreW2690/StDlISM7731AFigure6.3.10.1-1ExampleofaTransactionalLog图6.3.10.1-1事件日志示例n/ie/20180903：14pColumnheaterdooropen11/19/201805:26心4PBubblefoundonaxnpression11Z20/20181227：47pColumnheaterdooropen09:41:5%Rubblefoundoncompression11/27/20181035:43aColumnheaterdooropen■11Z27/20181037:11aColumnheaterdooropen■11/27/2018112957aColumnbeaterdooropen11/27/2018113631aColumnheaterdooropen11/27/20181137rf)3aColumnheaterdooropenErrorLogIdleExampleofaSystemErrorLog图6.3.10.1-2系统错误日志示例Themessagesappearinginthelogmaycomefromtheapplicationsoftware,third-partysoftware,(e.g.,Oracledatabasesupportingsystemforchromatographicsoftware)orotherconnectedinstruments(e.g.,balanceconnectedtoHPLC)orequipment.Somechromatographicsoftwarepackagesofferthisfunction-ality.Thetransactionallogsaresystem-levelmessages,temporarilystoredandoftenautomaticallypurgedbythesystemattime-baseddefinedintervals;theirutilityisthereforetime-sensitive.Thesetransactionallogsmayprovebeneficialfortrending(e.g.,trendingofmostfrequentinstrumentorprocessingerrorsthatrequireattentionhelpsintroubleshooting)orinvestigationalpurposes(e.g.,describingthecauseofthefailure)andcompaniesmayutilizethisinformationaccordingly.Duringsoftwarevalidation,messageswillpresentasinformation,warning,orerroraccordingtolistedcategories(e.g.,general,security).Criticalmessagesandactionsregardingdatamanipulationordatadeletionthatmayappearinthetransactionallogmustbecapturedinvalidatedaudittrails(e.g.,system,result,sequenceorsample,ormethodaudittrails).日志中出现的消息可能来自应用软件、第三方软件，例如支持色谱软件系统的Oracle数据库或其他连接仪器(例如连接到HPLC的天平)或设备。一些色谱软件包提供了这种功能。事件日志是系统层面的信息，临时存储并以指定时间间隔自动清除；因此它们的实用性是有时间限制的。这些日志对于分析趋势(例如，分析需要关注帮助排除故障的最频繁使用的仪器或处理错误)或调查原因(描述失败原因)可能有好处，公司可以相应的利用这些信息。在软件验证期间,信息将根据列出的类别(例如,常规、安全性)显示为信息、警告或错误。在事件日志中可能出现的关于数据操作或数据删除的关键消息和操作必须在经过验证的审计追踪(例如，系统、结果、序列或示例，或方法审计追踪)中捕获。Categorizationoferrormessageshavinganimpactonthesoftwareandproductideallywouldbeincor-poratedduringsoftwaredevelopmentandvalidationbythevendor.Someerrorswithtitlesthatsoundcritical(e.g.,cabledisconnected,connectionlost,communicationfailure）maynotbecapturedinavalidatedaudittrailbutrecordedinatransactionallog.Itmaybedifficulttoconfirmthatthesetypesofmessagesareallcausedbyintentionalinterruptionsorhaveanyimpactonproductqualitydata.Itisthereforeimportanttohaveappropriatecontrolsandproceduresinplacetoensurethattruepoweroutagesberecorded,especiallyifachromatographicrunisaffected.理想情况下，对软件和产品有影响的错误消息的分类将在软件开发和供应商验证期间涵盖。一些标题听起来很关键的错误（例如，电缆断开、连接丢失、通信失败）可能不会在经过验证的审计追踪中捕获，而是记录在事件日志中。可能很难确认这些类型的消息都是由故意中断引起的，或对产品质量数据有任何影响。因此有必要建立适当的控制和程序，以确保真正的停电记录，特别是如果色谱运行受到影响。TheQualityUnitforthelabmustestablishandvalidateerrormessagesduringequipmentinstallationandqualification.Someerrormessagesarespecifictotheoperatingsystemofthesoftwareandarenotdirectlyrelatedtodataorequipmentoperation.Itisimportanttoworkwiththesoftwaresuppliertounderstandthedescriptionofmessagesthatarerecordedinthetransactionallogastheymaybesubjecttoevaluationduringinspection.Further,itisimportanttoidentifythosemessagesthatarecritical,i.e.,relatedtodataandinstrumentoperations.Forexistingorpreviouslyinstalledequipment（e.g.,legacysystems）,duringinstallationandqualification,theQualityUnitshouldassurethatalltransactionallogmessagesarereviewedandunderstood,andthatcriticalmessagesareidentifiedandincludedinvalidatedaudittrails.Transactionallogmessagesthathavenoimpactonanalysesorqualityattributesofaproductandmessagesthatarealsorecordedinvalidatedaudittrailsneednotberetained.实验室的质量部门必须在设备安装和验证期间建立和验证错误信息。一些错误消息是特定于软件的操作系统的，与数据或设备操作没有直接关系。与软件供应商一起工作以理解记录在事件日志中的消息的描述是很重要的，因为它们可能在检查期间受到评估。此外，重要的是识别那些关键的消息，即与数据和仪器操作有关的消息。对于现有或先前安装的设备（例如，遗留系统），在安装和验证期间，质量部门应确保审查和理解所有事件性日志消息，并确保在已验证的审计追踪中识别关键消息。不需要保留不影响产品分析或质量属性的事件日志消息以及也记录在已验证的审计追踪中的消息。Forexample,ifacableisdisconnectedfromanHPLCtoaLAC/Ebox,thenthedatawillnotbecaptured,andthetransactionallogwillshowamessageassysteminterruptionduetocabledisconnection.Furtherdia-loguebetweenindustry,healthauthorities,andvendorsisneededtoresolvehowtoaddressthisevolvingtopic.例如，如果从HPLC到LAC/EBOX的连接断开，那么数据将不被捕获，并且事件日志将显示消息为由于连接断开导致的系统中断。需要在行业、卫生部门和供应商之间进一步对话,以解决如何处理这个不断变化的话题。OtherTypesofEquipment其他类型的设备TransactionallogsarealsoavailablefromothertypesofautomatedanalyticalequipmentsuchasX-raydiffraction(XRD)orKarlFisher(KF).ExamplesareshowninFigure6.3.10.2-1andFigure6.3.10.2-2below.Figure6.3.10.2-2alsoprovidesanexampleofhowthelogentriescanbemisleadingifanauditorisnotfullytrainedonthesystem.Forexample,althoughoneentryreads“Deletedthejournalentry”intheXRDlog,theactualreasonfordisplayingthemessageisajobinterruption.TheQualityUnitshouldrec-ognizecriticalmessagesrecordedintransactionallogsandensuretheyarerecordedinvalidatedaudittrails.其他类型的自动化分析设备也有事件日志，如X射线衍射(XRD)或水分仪(KF)。如图6.3.10.2-1和6.3.10.2-2所示.图6.3.10.2-2还说明如果审核人员没有对系统进行全面培训，则日志条目可能产生误导。例子在以下图6.3.10.2.1-6.3.10.2.2展示。例如，虽然一个条目在XRD日志中读取"删除日志条目",但显示消息的实际原因是作业中断。质量部门应该识别记录在事件日志中的关键消息，并确保它们记录在已验证的审计追踪中。03/21/2018Deletedthe)oum3ienirywrththe163hsii64r8H6SFei166❷V21/J018 Mlpwdthp)ouniRpfitrywirhnwlggll限制15a印1印1051/21/2018 Ancperalicnha&srarted.Oe/21/Mla ReleaseConrrolO9/21/2018 An<][制7lienhmfinntic'd.Aclivt*joblimpwasOw*t(Mid|OJOminutP5)O卬短018 GetcontfuljobtyO9/21/3018 Wjotiwiih finishedActiwjctjtimewas071wccndsfU-SrnlnuteslO卬？1门018 rilnte^TexsavingrawPk.bfuifjcb?2ODw^iskirigl。W21噂018 SutterkjadingaKembMWlzar(JPljglExfemionXid.FeisiwiV占JuOKulture=nE»twLPuMIcKeyTblffin=n5lExampleofaTransactionalLogforXRD图6.3.10.2-1XRD事件日志示例Warning20^7-®227JM:WUIC4KF3GMdrtionlrLgstoppedinFdmuTion刈7g2213D3JIUTC4KF2D^T9nniiUTkKinnish&dWarning20173221103:17UTC4KF1Condttianlnq5topp«dInfbnnatiafi2017^0922IK)至10W匚4KHDeterminationfinishedVfamlna2017®22BO2^7UFC-4KF2Sam^e6ai3livemodifiedInftxmation2017-09-221351JSUTC^KF2DetemnlnatbonstartedWarning20^7092?BOOJ7LffC4KF1Sdmpie胡alivemodifiedlmfwmat>on2017gAi2:5441LffC-4KF1DetenninatkmstartedFigure6.3.10.2-2ExampleofaTransactionalLogforKF图6.3.10.2-2KF事件日志示例CommonDeficiencies常见缺陷Thefollowingproblems,listedwiththerespectiveALCScomponents,areoftenencounteredandcom-monlyfoundinauditsorcitedinFDAWarningLetters:(55)FDA警告信中关于复杂计算机化系统的数据完整性的常见典型缺陷如下:Computers计算机Sharedpasswords共享密码Nocontroloverdatagenerated未控制所生成的数据Dataacquisitiondate-and-time-stampchangestoalteractualdateandtimeofresults修改数据采集日期和时间戳以改变实际的结果日期和时间Nocontrolofautomaticsoftwareupdates软件自动更新没有控制Computersystems/softwarevalidationerrors计算机系统/软件验证错误Timesynchronizationacrossallequipmentandcomputersinthelaboratory实验室内所有设备和计算机的