TomTec QUADRA 4 - File System Monitoring Explained; Program Step Logging Details; Rationale for Using CFR11

To Next Page

To Previous Page

Quadra 4 Operator Manual

Tomtec

150

c. Other:

Other portions of system security are outlined in painful detail on the FDA website, they

include things like password protected screen savers, password complexity, and

password expiration. It is up to the user and their system administrators to enforce this

portion of the CFR11 compliance as we have no control.

11.1.2 File System Monitoring

File system monitoring, is configured by selecting directories that the user will be storing

program sequences in. The number of directories that are monitored is unlimited, but

monitoring more than 50 or so may have a negative impact on system performance.

The monitor, logs all changes, renames and deletes performed in the monitored

directories, and saves the information in the log directory specified in the configuration

program. As stated in System Security, it is the responsibility of the user to secure the

logging directory. Currently the only way to retrieve information that is logged, is to use

explorer to brows the log directory, and make copies of whatever file needs to be

retrieved.

11.1.3 Program step logging

The program steps are currently logged with user logs. These have multiple options

including the ability to overwrite, or not log at all. With the secure log, the user is not

even aware inside the GUI software that logging is happening. It is entirely transparent,

and happens even if user logging is turned off. No secure log is performed during

simulation, only during actual operation of the machine. During an error condition when

the user is in utilities nothing is logged, it is the users responsibility to make logbook

entries for these situations. What will appear in the secure log in these situations will

depend on the error condition. But will at minimum include the fact that an error

occurred, and that the user entered utilities.

The log will contain, the log message, the date the time and the users login ID. This is

one of the reasons for needing unique user ID's.

11.1.4 Why use CFR11

If the user doesn't know why they need CFR11 then the most likely don't need it. Any

situation involving interaction with the FDA will usually require this compliance. If you

read the CFR11 documentation on the FDA website, and look at the real information

that is there it is actually quite simple.

• Who did it.

• When did they do it.

• What did they do.

• Be able to reproduce it.