SOTEC Managed Services

Regulatory Compliance IT Managed Services

FDA 21 CFR Part 11

Electronic Records, Electronic Signatures

Title 21 CFR Part 11 of the Code of Federal Regulations deals with the U.S. Food and Drug Administration guidelines on electronic records and electronic signatures in the United States. [Learn more...]

Section 11.2 - Implementation
Requirement SOTEC Remote Monitoring/Partner
  • Records maintained in electronic form and electronic signatures may be used in lieu of traditional signatures.
  • Need to assure high availability of the server hosting the electronic records and monitor and alert on key performance metrics
  • Automatically reboot servers upon system or application failure

Section 11.10 - Electronic Records
Controls for Closed Systems
Requirement SOTEC Remote Monitoring/Partner
  • Measures designed to ensure the integrity of system operations and information stored on the system
  • Archival protection of records
  • Use of computer generated, time stamped audit trails
  • Proactive systems monitoring, alerting and alarm notification
  • Windows intrusion monitoring
  • Address the security of closed systems requiring authority checks be used to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record or perform operations
  • Firewall monitoring
  • Vulnerability scans
  • Windows intrusion monitoring
  • Patch assessment
  • Asset reports automatically identify all moves, adds, changes
  • Notify on changes in access policies; changes in firewall configurations; router configurations; disk drive removals; and environmentals

Section 11.300 - Electronic Signatures
Controls for Identification Codes/Passwords
Requirement SOTEC Remote Monitoring/Partner
  • Electronic signatures based upon use of identification codes in combination with passwords must employ controls to ensure security and integrity
  • Transaction safeguards must be used to prevent unauthorized use of passwords and/or identification codes, and to detect and report an attempt to misuse such codes
  • Real-time intrusion alerts
  • Monthly intrusion summaries
  • Login/logout activity by user/device
  • Failed login details report
  • Account modification activity by user/account report

Regulatory Compliance IT Managed Services:



Learn More:



Our Partners

Dell Certified Partner - Managed Services

Microsoft Certified Partner