Draft – SharePoint Configuration Guidance v0.9j 21 CFR Part 11 Requirements ...................................................................................... 62 Subpart B Electronic Records ....................................................................................... 63 11.10 Controls for Closed Systems ........................................................................... 63 11.10 (a) Validation of Systems ............................................................................. 63 11.10 (b) Record Review and Inspection ............................................................... 65 11.10 (c) Records protection and retrieval ............................................................. 65 11.10 (d) System Access ....................................................................................... 66 11.10 (e) Audit Trail ............................................................................................... 68 11.10 (f) Operational System Checks .................................................................... 68 11.10 (g) Protect records from unauthorized access .............................................. 68 11.10 (h) Data Input Validation .............................................................................. 69 11.10 (i) Training ................................................................................................... 69 11.10 (j) Electronic Signature Policy ...................................................................... 69 11.10 (k) System control ........................................................................................ 70 11.30 Controls for Open Systems ......................................................................... 71 11.50 Signature Manifestations ............................................................................ 72 11.50 (a) Signature Manifestation .......................................................................... 72 11.50 (b) Control of signature information .............................................................. 72 11.70 Signature/Record Linking ........................................................................... 73 Subpart C Electronic Signatures ................................................................................... 73 11.100 General Requirements ............................................................................. 73 11.100 (a) Uniqueness .......................................................................................... 73 11.100 (b) Identity Verification ............................................................................... 74 11.100 (c) Legal Certification ................................................................................. 74 11.200 Electronic Signature Components and Controls............................................. 74 11.200 (a) Non-biometric Signatures ..................................................................... 74 11.200 (b) Biometric Signatures ............................................................................ 75 11.300 Controls for Identification Codes/Passwords ............................................ 75 11.300 (a) Uniqueness of identity .......................................................................... 75 11.300 (b) Password Policy ................................................................................... 75 11.300 (c) Deactivation of Users ............................................................................ 76 11.300 (d) Unauthorized use of passwords or identification codes ........................ 76 11.300 (e) Identification Code Device Testing ....................................................... 77 Systems Validation and Compliance ............................................................................. 78
3