21 CFR Part 11 User guide

Mastersizer 2000 and Zetasizer Nano Series

Abstract
This document provides details on how to use the 21 CFR Part 11 features provided for the Mastersizer 2000 and the Zeta Nano series of DTS instruments. Although the two applications are functionally different, the implementation of the 21 CFR 11 features is almost identical for both of them. Consequently, this note will simply refer to the Application throughout. Where there are detailed functional variations arising from the differences between measurement techniques, these are detailed in the Appendices to this note. It is possible that your company SOPs specify control of access to the information given in this note. Consequently, this information is not incorporated in the online help or the printed manuals.

Figure 1: Configure ER/ES Options Screen

Assumptions
The intended readership is the system administrator. This is defined as the person responsible for the security and 21 CFR Part 11 compliance of the instrument. Some knowledge of the Windows operating system is assumed and some familiarity with the instrument software is also assumed. It is assumed that the software has been installed in accordance with the guidance provided by the relevant Software Update Notification (located on the Application CD) and that the feature key, CPS0020 (Mastersizer 2000) or CPS0032 (Zeta Nano), has been installed.

ER/ES Configuration
Selecting Security > ER/ES Settings will bring up the dialogue shown in figure 1. If this menu item is greyed out, the 21 CFR Part 11 Feature Key will not have been installed.

Prohibition of Record Deletion

It is possible to control individual users ability to delete records using the Group Permissions in the security configuration. However, for strict compliance to 21 CFR Part 11, it is also possible to prevent record deletion for all users by checking the prohibition option on the Configure ER/ES settings screen.

PDF file output directory

The PDF file output directory is the location where reports generated at the end of a measurement SOP will be stored. It is recommended that these reports be held on a centralized file server in order to comply with the 21 CFR Part 11 regulations about data preservation.

Enabling continuous use check.

In order to ensure that the person operating the system is actually the person identified by the access control system, it is possible to configure the software to monitor the system usage. If the software

21 CFR Part 11 User Guide

MRK531-02

remains idle for longer than a period specified, the user will be logged out. To enable this feature, check the option on the Configure ER/ES settings screen and configure the Timeout period.

Specifying the Audit Trail file output directory

The Audit Trail file output directory is the location where the Audit Trail files will be stored. It is recommended that these reports be held on a centralized file server in order to comply with the 21 CFR Part 11 regulations relating to data preservation.

Specifying the Audit Trail file interval

It is possible to control the approximate size of an audit trail file by specifying how often a new file is created. The period depends upon the usage of the system and the typical number of auditable events that occur in a day. This can only be assessed by the user from experience of using the system. Typical practice is to start a new audit file weekly and observe the number of events audited over that period. After the specified period has passed, the application will automatically begin a new audit trail file. The new file name will be automatically recorded at the tail end of the previous file in order to maintain a continuous audit trail.

Figure 2: Security Configuration Screen

Warning
It is possible to configure the security system in such a way as to prevent any user from logging in to the system. To avoid this situation, make sure that you do the following: 1. Configure a group with permission to Edit user settings. Ensure that there are at least two users that are members of this group. The first user should be the individual responsible for administering the security settings of the machine. The second user should be a pseudo account. The user name and password for this account should be recorded and stored in a secure but well known place. This might be in a sealed envelope held in the company safe or with a trusted individual such as the head of the I.T. department. This will permit access to the security system should the other user become unavailable.

Enabling security
Security is disabled by default to allow free access to the software. The administrator of the system should configure the users and groups before enabling the security system. Once the users and groups are configured, access and configure the security settings. (Figure 6) Finally check the Enable Security check box. For 21 CFR Part 11 enabled systems, it will not be possible to disable the security once enabled.

2.

3.

4.

Security Configuration
The configuration for the security system can be found under the Security menu. The security system is similar to the Windows operating system security and should be familiar to most advanced users.

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02

Adding Groups
A group defines a set of access rights that may be granted to member users. An access right allows or prohibits use of a specific feature of the software. The access rights available for both applications covered by this Note are detailed in the Appendix.

Group Name
An alias for the group. This is usually a descriptive name for either a level of access or a job function. Commonly defined groups are Operators, Supervisors and Administrators.

Description
A more detailed description of the group. Figure 3: Group Properties Screen

Members
The users who are members of the group and have the access permissions that the group allows. Users can be added to a group either as part of the user creation process or the group creation process.

Permissions
The list of access permissions conferred by membership of a group. Any user who is a member of the group will be granted access to a software feature if the relevant permission is checked. Figure 4 : Creating a new user

Adding Users
Once suitable groups have been defined, the next step is to add the users to the system. It is possible to add a single user by clicking Users/New User in the Security Configuration Menu. Rapid addition of existing users to a new Group can be done by double clicking an empty line in the Members section of the Group Properties dialogue for that Group. This action will cause the whole list of existing users to be displayed and selected

users can be highlighted as a group. Clicking OK will then add all the highlighted users to the new Group.

Full Name
The full name is the printed name of the user. This is the full name of the individual and may be placed on reports to identify the individual who made a measurement.

Username
Each user must have a unique user identifier and should be a member of at least one group. Any local SOP for security configuration should be followed but a typical practice is to use the initials and surname of a user as the user identifier.

Description
This is typically the users job title or function.

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02

Password
The password field is where you enter the password. For security reasons, the password is not displayed. It will also be noted that the number of asterisks may not necessarily map exactly to the password length. A typical practice to preserve the security of users passwords is for the administrator to agree a temporary password with the user, (this must not be the users final password), and check the option to force the user to change this password at the next logon. User must change password at next logon If this field is checked, users will be asked to change their passwords the next time that they log on to the system. This allows the administrator to set temporary passwords for new users or users who have forgotten their passwords. User cannot change password If this box is checked, the user will not be able to change the password unless it is the first time that a user has logged in and the system expects the user to change the password at the next logon. This box should only be checked in special circumstances such as for an administrator account to be used in emergencies. Password never expires Checking this box prevents the password expiry setting from applying to this user. This box should only be checked in special circumstances such as for an administrator account to be used in emergencies. Account disabled Checking this box prevents the user from logging in to the system.

Figure 5: Group Memberships screen This box should be checked when a user leaves the company or no longer is allowed access to the system. Under 21 CFR Part 11, users information must be retained for the full period of record retention. This option allows access to be prevented without removing the user details from the system. Many companies will use this feature to suspend an account while the user is on vacation. Account locked out This box will be enabled and checked if a user has been denied access by the security system. The administrator is able to allow access again by clearing this check box. This will typically happen when users forget their passwords and have made more than the allowed limit of logon attempts. (Figure 6) It may also be an indication of an attempt to logon by an unauthorized user. the user in the selected group or groups. (Figure 5) Where users are members of more than one group, it should be noted that if a permission is granted in one group, it will override any denial of the same permission in another group. In this way users have the sum of all the permissions in the groups they belong to. Administrators should be aware of this and be sure that they are familiar with the permissions which membership of each group confers on members. It is also possible to add users to groups by pressing the Add button in the group properties screen. This will then list the users who are available to add to the group. The Remove button works in the reverse direction when members are to be removed from a group.

Adding users to groups

This can be done in two ways. In the edit user screen, pressing the Groups button will list the groups available for the user to join. Pressing the Add button will include

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02

Security Settings
Security > Configure Security >Options > Security Settings will give access to the Security Settings screen. (Figure 6) Password Age It is possible to force users to change their passwords after a period of up to 365 days has elapsed. Once the password has expired, users will be prompted to confirm their existing passwords and specify a new one. In conjunction with the password uniqueness option, this can force users to regularly review their passwords. This facility should be used with caution. If users are too frequently forced to change their passwords, it is common for them to forget them or worse, to write them down, thereby defeating the original purpose of the security system. Password Uniqueness Each time that a user enters a new password, it can be checked against a list of up to 32 previous passwords held in the software to ensure that fresh passwords are used. It is recommended that if this feature is used, the size of the password history list should be limited to between 3 and 6 passwords. Any fewer and users will not have to review their passwords. More will force users to choose unfamiliar passwords and will increase the possibility of passwords being written down. Password Size It is possible to specify the minimum length for a password up to 32 characters. As a rule of thumb, the shorter a password is, the easier it is to guess. However, if it is too long, users may not be able to remember their passwords. 6 characters is generally a good compromise. Figure 6: Security Settings Screen Account lockout The software monitors each users attempts to log in. If the user fails to enter the correct user identifier and password combination, the software will record this and can optionally deny future access to the software. It is possible to specify the number of unsuccessful attempts allowed (up to 10) before users are locked out. This count will be reset after a specified period of time to allow for genuine users forgetting their passwords. If users exceed the allowed number of attempts, the software can either lock them out of the system for the specified period or require the intervention of another user with Administrator privileges to unlock their accounts. If the username in the security Configuration screen has an icon with a cross through it, that users access capability has been disabled. If the username has an icon with a padlock next to it, that user is locked out and the administrator should establish the reason for this before unlocking the account to readmit a bona-fide user.

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02

Audit Trails
The application software records system events in the system audit trail. This is a record of the application starting and closing, security events such as logging in and out of the system, and file events such as creation and deletion of measurement records and SOPs. (Figure 7) Use the File-Open menu to view audit trail files other than the currently active one viewed by default. Using the File-Export menu option, it is possible to export the audit trail file contents to an ASCII file for review and printing.

Measurement Audit Trails

Measurements cannot be edited. If changes are made to a measurement, a new measurement record is created at the end of the file. In the Zetasizer Nano series application, each record contains Audit Information allowing the user to view audit information in the record view (Figure 8). Instructions for configuring the Zetasizer Nano workspace are available in the applications online help. Figure 7: Audit trail view

Figure 8: Measurement Audit Parameters (Zetasizer Nano Series)

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02

SOP Change History

The SOP files contain their own audit history in the form of file versions. Each time that an SOP is edited, a new version is created and the original values are preserved. By comparing the versions of the SOP file, it is possible to see what changes were made and by whom. Pressing the Versions button will display the version history of this SOP file. (Figure 9) To see the changes made between two versions of the SOP, select the two required revisions and press the Diff button to display the Differences screen. (Figure 10) The differences screen displays three columns; the parameter name for each parameter that has changed and the value of that parameter for each of the two versions. The fact that the SOP file has a new revision will also be recorded in the system audit file.

Figure 9: SOP Versions screen

Figure 10: SOP Differences screen

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02

Electronic Signature Support

The application software does not directly support electronic signatures. The application will integrate with the Adobe Acrobat package and allow reports to be created as Portable Document Format (otherwise known as PDF) files automatically at the end of each measurement. These report files are held in the Acrobat Results folder specified in the ER/ES Settings. The file name for these report pages will be the Measurement file name followed by the record number of the result in question. Once reports have been generated, the Adobe Acrobat package can be used to electronically sign them using either the Adobe Self-Sign technology or a third party digital signature solution such as VeriSign. The Adobe Acrobat Self-Sign solution is fully compliant with 21 CFR Part 11. The Adobe Knowledge base document 323231 details the compliance (go to: www.adobe.com/support and enter 323231 into the search field).

Figure 11: Acrobat Report

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02

Appendix: Administering Group Permissions.

As a general rule, this should be done by the administrator in consultation with the most senior operator, the Qualified Person for the Lab or the laboratory supervisor. Note: These appear in two sections: Common permissions applicable to both applications and additional permissions relating to the Mastersizer 2000.

A) Common Permissions:
Permission Configure Communications Setting Description Allow the user to modify the serial port to which the instrument is connected . This feature should be restricted to advanced users. Once the software is installed, it should not be necessary to modify the communications settings. Allow the user to alter the ER/ES settings. In a 21 CFR Part 11 environment, this feature should be restricted to the administrators of the system. Configure user workspace settings (Zetasizer Nano Series only) Control display of status bar Allow the user to configure the workspace settings such as which reports are available and which parameters are displayed in the record view. You may wish to pre-configure the workspace for all users and confine changes to the more advanced users. Allow the user to show or hide the status bar at the bottom of the application window. The status bar displays useful help and diagnostic information and should not generally be removed. Allow the user to show or hide toolbars at the top of the application window. The toolbars provide quick shortcuts to commonly used features of the software and should not generally be removed. Allow the user to create or modify templates for the export of data. You may wish to pre-configure standard export templates and confine access to this feature to advanced users. Allow the user to create or modify reports. You may wish to pre-configure standard reports and confine access to this feature to advanced users. Create and edit SOPs Allow the user to create and modify SOP settings. You may wish to pre-configure standard SOP files for your product range and confine access to this feature to advanced users. Delete Results Allow the user to delete results. In a 21 CFR environment, this permission should not be provided to any user. This facility is provided for a mixed environment where some users do not operate under FDA regulations.

Configure ER/ES settings

Control display of toolbars

Create and edit export templates.

Create and edit reports.

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02

Permission Edit Line Styles (Zetasizer Nano only) Edit Results

Description Allow the user to modify the line styles used in graphing. You may wish to pre-configure acceptable line styles and confine access to this feature to advanced users. Allow the user to create a new result by modifying the analysis parameters and recalculating the result. Since no data is changed or obscured in the original record, access can be granted to any user.

Edit User Settings

Allow the user to modify the security settings and manage the users and groups. Access to this feature should be confined to administrators of the system. At least one user must have access to this permission.

Make a measurement

Allow the user to make a measurement. This feature is required by any user wishing to make a measurement but may not be required by the system administrator.

View Audit Trail

Allow the user to view and export the audit trail files. Access to this feature should be confined to the administrators of the system.

B) Mastersizer 2000-specific Permissions

It is considered good practice to only turn on permissions for people as and when they have undergone the necessary training, either by sitting alongside a trained operator or by undergoing Malvern training. Note: It should be remembered that the software can be loaded onto a free-standing PC away from the instrument. This allows trainees to familiarise themselves with the software without adversely affecting the integrity of the installation. Permission Change the pot order in the Autosampler schedule Create and Edit Custom Calculations Create new Autosampler pots Autosampler pot details Edit Autosampler Pot Details Recycle Autosampler trays Edit Result Emulation Factors Description Only applicable if you have an Autosampler. Allows the user to produce bespoke reports. Lab supervisor or trained equivalent. Only applicable if you have an Autosampler

Result Emulation factors are not really a GxP-approved feature. Lab Supervisor or trained equivalent. Modifies the number and width of size bins in the Report Administrator or Lab Supervisor only Marks a result as a comparison standard for difference plotting. Lab supervisor only and only if comparisons of current results are to be made against a standard material using difference plots.

Edit User Sizes

Set Reference Results

10

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02

Malvern Instruments Ltd Enigma Business Park Grovewood Road Malvern Worcestershire UK WR14 1XZ Tel: +44 (0)1684 892456 Fax: +44 (0)1684 892789 Malvern Instruments Worldwide Sales and service centers in over 50 countries for details visit www.malvern.com/contact

more information at www.malvern.com

11

21 CFR Part 11 User Guide for Mastersizer 2000 and Zetasizer Nano Series MRK531-02