Audit Checklist for Data Integrity

Auditing Department:			Date of Audit:
No.	Name of Auditor(s)	Department		Signature & Date
1
2
3

Sr. No.	Assessment Question	Guidance	Observation
1. Documentation & Record:
1.1	Is the logbook/ records paginated and issued by QA?	All the activity shall be recorded in the paginated logbooks and issued by QA
1.2	Is doer of the activity recording the observation/parameter with sign/date and time (as applicable)?	The documents shall be Attributable to the person generating the data
1.3	Are the data entries being performed with indelible ink (with color of ink as defined in SOP) and readable?	Document shall be Legible and permanent.
1.4	Is any scribe used for making data entries?	Should only take place where the act of recording places the product or activity at risk and mentioned in SOPs.
1.5	Are the required entries in the log books/batch documents/ Analytical sheets made on time and available?	Document shall be Contemporaneous
1.6	Is the information/ data available in original record or certified true copy?	Document shall be Original
1.7	Is any editing to errors performed in logbook/ document without documented amendment as per SOPs?	The document shall be Accurate
1.8	Are logbooks/ documents has reference of unique identification number as defined in SOPs?	All documents shall have a unique identification number (including the version number) and shall be checked, approved, signed and dated (as applicable)
1.9	Is there any blank formats (including SOP formats, Logbooks, note books, worksheets) found in area which is not issued by the quality unit?	All blank formats (including SOP formats, Logbooks, worksheets, laboratory notebooks) shall be controlled by the quality unit
1.10	Are logbooks/ documents has a reference of format no. as defined in SOPs?	Documents should be stored in a manner that ensures appropriate version control
1.11	Is a soft copy Master document accessible at computers?	Master copy (in soft copy) should be prevented from unauthorized or inadvertent changes
1.12	Are there any obsolete format/ SOP/ document available or in a computer?	Updated versions shall be distributed in a timely manner.
1.13	Is there any blank space left in the filled page of log book/ BPCR/ DRS etc.	Entry of 'NA' placed in blank space (if required) followed by sign/date.
1.14	Is there enough space provided in logbooks/ BPCR/ DRS etc. in which the manual activities are recorded should be ensured.	Documents should be Contemporaneous
1.15	Is 24 hr (HH:MM) time format being used in documents?	Time format should be HH:MM (24-hour format)

ALSO READ: SOP for Data Integrity

1.16	Are clocks/ timer designated in area easily accessible to note the timings by doer?	Clocks/ timer should be synchronized and easily accessible. Documents should be Contemporaneous.
1.17	Are clocks/ timer designated in area easily accessible to be changed/ modified by any person?	Clocks/ timer should not be easily accessible to be changed/ modified by user.
1.18	Is the correct unit of measurement is used while recording: temperature/ weight etc.?	Significant unit of measurement shall be used as per requirement.
1.19	Are critical activities signed by doer being checked by another person (wherever applicable)?	Doer and checker provision shall be in place for critical activities. Data should be Accurate and Original
1.20	Are print outs (e.g. autoclave, balance etc.) duly signed by doer and checker and have cross reference to the original / mother document?	Records shall be checked, and cross reference shall be available. Data should be Accurate
1.21	Are print outs which are on thermal paper being photocopied prior to attachment?	Thermal paper printouts shall be photocopied and dully signed. Data should be Legible
1.22	Are the procedures of document review available and followed?	Data review procedures describing review of relevant metadata should be available (as applicable)
1.23	Is archival of paper records not performed by QA in secure and controlled archives?	Archival of paper records by designated personnel in secure and controlled archives
1.24	Is the observation being recorded as visible in the display on the instrument/equipment screen/ PLC/HMI etc.?	Digits for data shall be visible from equipment/instrument display.
1.25	Are entries in logbooks sequential, reliable, complete and legible?	Entries should be sequential, reliable, complete and legible.
1.26	Is transcribed data verified against the raw data for correctness and accuracy?	The document should be original. If the transcribed cross reference of the mother document shall be mentioned.
1.27	Is there any unauthorized changes observed in the document?	Unauthorized changes should not be done in the documents
1.28	Is whitener/ opaque substance/ eraser / white tape or whiteouts etc. used in the document for correction?	Data should be Legible (No usage of opaque substance)
1.29	Are corrections not initially signed with a date and properly justified?	Corrections shall be justified with sign and date.
1.30	Is there any partial correction of the numerical value?	No partial correction of numerical value. Data should be Legible
1.31	Does a signature log for employees available?	The log should be available and maintained

ALSO READ: Importance of Electronic Records and Signatures in the Pharmaceuticals

2. Electronic Data:
2.1	Are individual Login IDs and unique passwords assigned to individuals?	Individual login ID should be assigned for the individual persons.
2.2	Is user creation, authorization list available for the system defining access levels?	List shall be available for individual equipment and access levels should be defined.
2.3	Does the Audit trail contain the following details, Name of the person who performed the activity Description of the activity Time and date of the activity Justification in case of any changes made	The audit trial should contain the attributes
2.4	Does electronic data saved at the time of the activity and before proceeding to the next step of the sequence of events?	Data shall be saved at the time of activity. Data should be Contemporaneous and Original
2.5	Is the audit trail secure and time- stamped that independently record operator actions?	Audit trail should be secured and time-stamped.
2.6	Is privileges given to any person to overwrite the original data?	Data should be Legible and access to overwrite the data should be prohibited
2.7	Are electronic records archived by any person in random manner?	Archival of electronic records by designated person in secure, controlled and reproducible electronic archives
2.8	Is there any provision available to change the time/date of the system by doer/ checker?	System should not allow changing the time and date.
2.9	Is the time/date of the system synchronized across the GXP operations?	Time/date of system should be synchronized
2.10	Does audit trail review in routine data review/ approval process?	Audit trial review procedure should be available.
2.11	Does relevant meta data review along with original electronic data?	Relevant meta data shall be reviewed with original data.
2.12	Is data review signified by electronically signing the electronic data & metadata?	As per approved procedure and system limitations as validated.
2.13	Is computer system validated and controls/ setting tested, locked and protected from unauthorized access?	Validation should be available.

ALSO READ: Contamination and Cross-Contamination in Pharmaceutical Manufacturing

2.14	Does the system validation documentation include established controls to ensure data integrity (data security- access roles/permissions, sequence of operations, enabling of relevant audit trail)?	Validation should be available.
2.15	Are the standards for the system’s password strength and complexity defined and documented within system documentation (requirements, and testing)?	Computer system validation document should be available with password complexity.
2.16	Is there a defined password expiration that is enforced by the system?	Password expiration should be enforced.
2.17	Is data retained in a non-editable format or PDF format etc.?	Approved procedure should be available for back-up and storage
2.18	Are back-up copies of original electronic records stored in another location as a safeguard in case of disaster?	Approved procedure should be available for back-up and storage
2.19	Are periodic tests performed to verify the ability to retrieve archived electronic data from storage locations?	Approved procedure should be available for back-up and storage review
2.20	Is archival copy compared with the original electronic data to confirm entire content and meaning of the original record?	Approved procedure for archival of data should be available.
2.21	Are time/date and done by/ checked by printed on records electronically?	Records should be available in form of time and date stamped records and signed.
2.22	Is authorization to verify data separate from doer?	Authorization to generate data shall be separate to authorization to verify data
2.23	Is restoring of Back up data/Archiving Data validated and regularly tested?	Computer system validation shall demonstrate.
2.24	Does a list of computerized system available?	The name, location and primary function of each computerized system should be available.
2.25	A list of currently approved users, specifying the users name and surname, and any specific usernames should be available.	List shall be available for individual equipment.
2.26	System administrators should be independent of users performing the task	preferably IT personnel
2.27	Can the general user switch off the audit trail?	The system should not allow changing the settings
3. Personnel Training:
3.1	Is a Training record for data integrity and cGMP available?	All personnel should be trained on the data integrity concept and cGMP
3.2	Is a Training record available for related SOPs as per the job assigned?	All personnel should be trained on related SOPs as per the job assigned

ALSO READ: Vendor Audit for Validation