Pharma Industry Interview Question & Answer Part 03 (General)

 

Data Integrity App

 
Question 21: What requirements are made concerning physical protection?

Best Answer:  Physical protection must be adequate to the risk. Physical protection comprises the protection of data storage devices from unauthorised parties as well as the environmental impacts influencing the respective data storage devices.
A DVD should not be put in the sun; but this will be less problematic with a hard disk.
 
 

Question 22:  What is the difference between a clear printed printout and a normal printout?

Best Answer:  “Clear printed” means that apart from the values themselves, the units and the respective context can
also be seen in the printout.
 
 
 
Question 23: What controls are required in the case of a change of configuration?

Best Answer:  This has to be defined system-specifically. Measures need to be defined according to a risk
assessment.
 
Here, a distinction can be drawn between configurations that are for intended use and are only documented by means of a logbook (such as infrastructure, virus scanner, …) and configurations which have to be formally authorised and documented by means of a change control (such as release work flow with electronic signature).
 
 
Question 24:  Must changes which are not GMP-relevant also be carried out in a controlled manner?

Best Answer:  If the whole system is not GMP-relevant = NO. If the system is GMP-relevant = YES, because in an
integrated system it must also be evaluated that there is no negative influence.
 
It can also only be ascertained by means of a “risk assessment” that a standard update or standard patch poses no risk and that it therefore can be registered and performed.
 
 
 
Question 25: What does periodic mean? What period of times is expected as a minimum, for example?
Best Answer:  Periodic in this case means regularly and recurrently. No minimum period of time is defined. It must be substantiated that the period of time is adequate in order to control the process risk.
 
 
 
Question 26: Can such periodical evaluations be incorporated in the annual report or PQR? Must they be incorporated there?
 
Best Answer:  They can be incorporated in the Annual Product Review, but they need not be.
 
I would not recommend to generally incorporate them in the Annual Product Review as the periods of time in the Periodic Review can usually be longer than the Annual Product Review since the systems are subject to strict change control and possible deviations in the company are controlled by means of the CAPA process.
 
 
Question 27:  How often do users have to change their passwords? How often must user profiles be checked?

Best Answer:  The frequency of change as well as the frequency of control of user profiles depends on the risk.
Annex 11 does not pose any requirements on the frequency of password changes.
 
 
Question 28 : What exactly does “all incidents” mean? Does it also mean service requests (such as resetting a password)?

Best Answer:  It means per definition all incidents. But the company can define what an incident is and what the intended use is.
Resetting a password, for instance, can be a regular task of the administration and therefore it is no incident since the system documents resetting via log files. Here, you can limit the
incidents.
 
 
Question 29: Are workarounds accepted for preventive actions?

Best Answer:  Yes, provided they are described and regulated – for instance, in SOPs.
 
Question 30: How often should the readability of archived data be checked?
 
Best Answer:  This is to be defined by the company and depends on a set of further factors apart from the type of system or data.
 
There is no simple and general answer to this question since the readability of a data storage device depends on various factors; including the technology used, the storage conditions of the data storage devices and the reliability of the requisite disk drives.
 
That is the reason why the period of review should be defined based on the identified risks, the criticality of the data and, if applicable, experience. This point should in any case be a subject of the periodical evaluation.
 
 

“Trust but Verify “ Ronald Reagan

 

Across the internet, there are millions of resources are available which provide information about Everything.

 

If you found all content under one roof then it will save your time, effort & you will more concentrated on your important activity.

Data Integrity App

Our Data integrity app will helpful for understanding what Data integrity & CSV really means & How 21 CFR Part 11, EU Annex 11 & other regulatory guidelines affects in pharmaceutical Industry.

 

Data Integrity App Include 

- Basic Data Integrity Concepts

- ERES & Its Requirement

- CSV & Its best practices 

- Mock Inspection and General Q&A

- Checklist for inspection

- Inspection Readiness

- Useful SOP’s

- Stay Regulatory Compliant.

 

“Stay One Step Ahead in Pharma IT Compliance” 

Data Integrity App Link:

https://play.google.com/store/apps/details?id=com.innovativeapps.dataintegrity

 

Try our "Data Integrity" app which helps you to better understand current regulatory agencies thinking on Data Integrity & CSV.