DESIGO INSIGHT V2.35 Pharma solution SP1 System description



Similar documents
InfoCenter Suite and the FDA s 21 CFR part 11 Electronic Records; Electronic Signatures

LT Auditor Windows Assessment SP1 Installation & Configuration Guide

PPC S SMART PRACTICE AIDS

Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment

Course Syllabus. 2553A: Administering Microsoft SharePoint Portal Server Key Data. Audience. At Course Completion.

Snow Inventory. Installing and Evaluating

EISOO AnyBackup 5.1. Detailed Features

LobbyWorks VMS Configuration and Technical Requirement Survey

Prerequisites Guide. Version 4.0, Rev. 1

epblue GxP oftware manual Software version

Implementing and Managing Microsoft Server Virtualization

IHS USER SECURITY AUDIT

SOLAARsecurity. Administrator Software Manual Issue 2

Outline SSC Configuring and Troubleshooting Windows Server 2008 Active Directory

Declaration of Conformity 21 CFR Part 11 SIMATIC WinCC flexible 2007

Solution Brief: Creating Avid Project Archives

Backup and Recovery FAQs

Netwrix Auditor for Exchange

Advanced Event Viewer Manual

NETWRIX EVENT LOG MANAGER

Exchange Brick-level Backup and Restore

Setting up an MS SQL Server for IGSS

Implementing and Maintaining Microsoft SQL Server 2005 Reporting Services COURSE OVERVIEW AUDIENCE OUTLINE OBJECTIVES PREREQUISITES

Acronis Backup & Recovery 11

Setup and configuration for Intelicode. SQL Server Express

Project Server 2013 Inside Out Course 55034; 5 Days, Instructor-led

Vector Asset Management User Manual

intertrax Suite resource MGR Web

Frequently Asked Questions. Secure Log Manager. Last Update: 6/25/ Barfield Road Atlanta, GA Tel: Fax:

User Guide. SysMan Utilities. By Sysgem AG

Introduction. Editions

Novell Archive and Version Services Administration Guide

Symantec Backup Exec Blueprints

Introduction and Overview

DeltaV Logbooks. Benefits. Introduction. Minimize shift handover risk. Electronically document events, observations, and notes.

A Tutorial on SQL Server CMPT 354 Fall 2007

User Guide. Version 3.0

KEYWORDS InteractX, database, SQL Server, SQL Server Express, backup, maintenance.

Inmagic Content Server v9 Standard Configuration Technical Guidelines

How To Install The Exchange Idataagent On A Windows (Windows 7) (Windows 8) (Powerpoint) (For Windows 7) And Windows 7 (Windows) (Netware) (Operations) (X

Installation & Maintenance Guide

Implementing Microsoft SQL Server 2008 Exercise Guide. Database by Design

COMPLETE COMPUTING, INC.

Version 4.61 or Later. Copyright 2013 Interactive Financial Solutions, Inc. All Rights Reserved. ProviderPro Network Administration Guide.

Job Scheduler User Guide IGSS Version 11.0

UNICORN 6.4. Administration and Technical Manual

ilaw Installation Procedure

Implementing and Managing Microsoft Server Virtualization

Release Notes: NovaBACKUP 17.3

Netwrix Auditor for SQL Server

Business Process Desktop: Acronis backup & Recovery 11.5 Deployment Guide

Compliance Response Edition 07/2009. SIMATIC WinCC V7.0 Compliance Response Electronic Records / Electronic Signatures. simatic wincc DOKUMENTATION

UNICORN 7.0. Administration and Technical Manual

Omniquad Exchange Archiving

Using SQL Reporting Services with Amicus

Getting to Know the SQL Server Management Studio

StruxureWare Power Monitoring In-Place Upgrade Guide SQL Server Standard Edition Only

High Availability Solution

NovaBACKUP xsp Version 12.2 Upgrade Guide

Course: Configuring and Troubleshooting Windows Server 2008 Active Direct-ory Domain Services

C p o y p r y i r g i h g t D t e a t i a lie l d

M6425a Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

MRI Commercial. MRI Residential. CRE Manager. Windows Version 4.0 Installation Guide

MTA Course: Windows Operating System Fundamentals Topic: Understand backup and recovery methods File name: 10753_WindowsOS_SA_6.

STATISTICA VERSION 10 STATISTICA ENTERPRISE SERVER INSTALLATION INSTRUCTIONS

Citrix EdgeSight for NetScaler Rapid Deployment Guide

Xcalibur Global Version 1.2 Installation Guide Document Version 3.0

Maintaining a Microsoft SQL Server 2008 Database

Course 50273B: Planning and Designing Microsoft Virtualization Solutions. Level: 300. About this Course

How To Manage Your On A Microsoft Powerbook 2.5 (For Microsoft) On A Macbook 2 (For A Mac) On An Iphone Or Ipad (For An Ipad) On Your Pc Or Macbook

Computer System Validation for Clinical Trials:

Microsoft SQL Database Administrator Certification

VERITAS Backup Exec TM 10.0 for Windows Servers

EVENT LOG MANAGEMENT...

ClockWork Enterprise 5

@ptitude Observer. Installation Manual. Part No Revision G

Course 50322B: Configuring and Administering Windows 7

Implementing Title 21 CFR Part 11 (Electronic Records ; Electronic Signatures) in Manufacturing Presented by: Steve Malyszko, P.E.

PSES/PSNCDM Installation and SQL Issues

How to Copy A SQL Database SQL Server Express (Making a History Company)

Course Syllabus. At Course Completion

Netwrix Auditor for SQL Server

Installation Instruction STATISTICA Enterprise Small Business

Administering a Microsoft SQL Server 2000 Database

LEARNING SOLUTIONS website milner.com/learning phone

Version 3. Installation Guide for SQL Server 2005 Express Edition. Copyright 2011 Teclink Development Ltd. All rights reserved.

RFMS, INC. Reference Library Documentation. Version 10 Conversion Manual. Microsoft SQL

SQL Server 2008 R2 Express Edition Installation Guide

Backup and Recovery in Laserfiche 8. White Paper

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

Implementing and Managing Microsoft Desktop Virtualization en

Microsoft Enterprise Search for IT Professionals Course 10802A; 3 Days, Instructor-led

State of Michigan Data Exchange Gateway. Web-Interface Users Guide

4 Backing Up and Restoring System Software

GFI LANguard 9.0 ReportPack. Manual. By GFI Software Ltd.

STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS

Transcription:

s DESIGO INSIGHT V2.35 Pharma solution SP1 System description CM110515en_02 21.05.2007 Building Technologies HVAC Products

Siemens Switzerland Ltd. Building Technologies Group International Headquarters Gubelstrasse 22 CH-6301 Zug Tel. +41 41-724 24 24 Fax +41 41-724 35 22 www.sbt.siemens.com 2/10 2007 Siemens Switzerland Ltd. Subject to change HVAC Products 21.05.2007

Table of contents 1 General description...4 1.1 Introduction...4 1.2 System topology...4 1.3 Prerequisites / System requirements...5 2 Traceability of all GxP critical data...6 2.1 Audit trail functionality...6 2.1.1 Special actions...6 2.1.2 Qualification testing...6 2.2 Searching and reporting within the audit trail or archived data...7 3 Security backup for databases...8 4 Data archiving over a given Data Retention Period...9 4.1.1 Special actions...9 HVAC Products Table of contents 21.05.2007 3/10

1 General description 1.1 Introduction Aim of this document This document describes the basic functionality of the DESIGO INSIGHT V2.35 Pharma Solution. It is intended for verification of the installed end product at the customer's facility. The solution described in this document provides the following functionality as add-ons to the basic functions of DESIGO INSIGHT V2.35 SP2. Traceability of all GxP-critical data Searching and reporting within the audit trail or archived data Security backup for databases Checksum secured archiving for a defined data retention period 1.2 System topology The diagram below depicts the recommended topology for the DESIGO INSIGHT V2.35 - Pharma Solution. Other variations of this topology are possible, but should be checked with the responsible country product manager and the HQ Pharma Center of Competence. Figure 1: Example of a network topology. The SQL server contains both the global DESIGO INSIGHT databases and the Pharma Solution modules for the audit trail, archiving and backup features. Each DESIGO INSIGHT workstation must be registered with the Pharma Solution audit trail. The Audit/Archive Viewer application can either be installed on a workstation or on the server. This topology is recommended for use with the InfoCenter Suite monitoring system. In which case, the Microsoft SQL Server 2000 would additionally contain the InfoCenter server with its databases. The InfoCenter client applications (Administrator and Report Manager) can then be installed on any DESIGO INSIGHT workstations. 4/10 HVAC Products General description 21.05.2007

The Audit Trail, Backup and Archiving modules of the DESIGO INSIGHT V2.35 Pharma Solution must be installed on the Microsoft SQL Server 2000 machine. The global databases for DESIGO INSIGHT must also be installed on this server. The combined use of DESIGO INSIGHT as a workstation and data server together with the Pharma Solution is not recommended for performance reasons. Warning! If DIPS and InfoCenter are to be installed together on the same Server, a second license for SQL is required even though InfoCenter includes an SQL license. The InfoCenter SQL license is limited for use only with InfoCenter and not for other software that requires SQL Server. 1.3 Prerequisites / System requirements The following prerequisites apply to the server for the DESIGO INSIGHT V2.35 global databases and to the Pharma Solution Audit Trail, Archiving and Backup modules. Microsoft Windows 2003 Server R2 (or higher) or Microsoft Windows 2000 Server SP4 (or higher) Microsoft SQL Server 2000 SP4 (or higher) Standard Edition. DESIGO INSIGHT V2.35 SP2 data server only running in Service mode All DESIGO INSIGHT management stations must meet the following requirements: DESIGO INSIGHT V2.35 SP2 running in Desktop mode All PCs where use of the Pharma Solution Archive Manager or Audit/Archive Viewer applications is required must meet the following requirements: Microsoft Windows 2000 Professional, Windows XP Professional, Windows Server 2000 family or Windows 2003 Server MDAC V2.8 or higher HVAC Products General description 21.05.2007 5/10

2 Traceability of all GxP critical data 2.1 Audit trail functionality A database level Audit Trail on GxP critical data prevents unauthorized attempts at modifiying data in the DESIGO INSIGHT V2.35 SP2 log, trend and system databases. The audit trail information is stored within its own database. Actions of certain «automated users» are excluded from the audit trail. Figure 2: Overview of Audit Trail architecture 2.1.1 Special actions Exclude Passwords Passwords are not GxP data, so they do not have to be included explicitly in the audit trail. If a password that is stored in a DI database field is added, updated or deleted, a placeholder is added to the «OldValue» or «NewValue» field in the Audit Trail database instead of the actual password. The placeholder values are: INSERT: [OldValue] = NULL, [NewValue] = [New UserPassword inserted] UPDATE: [OldValue] = [Existing UserPassword modified] [NewValue] = [Existing UserPassword modified] DELETE: [OldValue] = [Existing UserPassword deleted] [NewValue] = NULL 2.1.2 Qualification testing Rationale Rationale for testing auditing of INSERT, UPDATE, and DELETE, actions: The test plan for qualifying the correct auditing of INSERT, UPDATE, and DELETE actions is based on the following conditions and conclusion: 6/10 HVAC Products Traceability of all GxP critical data 21.05.2007

The correct installation of all new DB objects (databases, tables, triggers, etc.) is tested in the IQP. Thereby implying that all triggers necessary to audit INSERT, UPDATE, and DELETE actions on all GxP critical data are known to exist. A scripting utility based on a «standard-like» template automatically generates all defined scripts. This utility reads the actual database structure and then uses a template to generate the scripts, during which the triggers necessary for creating an audit trail are installed. The template is applied to each database field, and it implements the specified functionality. Conclusion Therefore, the qualification of the audit trail functionality for one table per database is sufficient. This statement is based on the fact that all triggers are generated on the basis of the same template for each database, and that the presence of all necessary triggers has been confirmed in the IQ (see IQP). Additionally, all references to actual database objects are guaranteed to be valid, since the resultant scripts are based on the actual database structure. 2.2 Searching and reporting within the audit trail or archived data With the Audit / Archive Viewer application it is possible to browse, search and filter data from within the Audit Trail database or any Pharma Solution XML archive file. The application can be used to generate printable audit reports. When viewing archived data, the MD5 checksum is verified and the results are also presented and included in the report. This application uses either the built-in windows authentication or the standard SQL user authentication to connect with and view the online audit trail database. Figure 3: The Audit /Archive Viewer application and an example audit trail report HVAC Products Traceability of all GxP critical data 21.05.2007 7/10

3 Security backup for databases The Pharma Solution software automatically creates two backup files for each of the audited DESIGO INSIGHT databases (audit, log, trend and system). The backup file names reflect the database name and whether it contains data or transaction log files. The two backup files for the Audit Trail database are: ISHTAUDIT_DBMedia ISHTAUDIT_LogMedia - Backup filename for the Audit Trail database s data. - Backup filename for the Audit Trail database s transaction log. The backup files for the other databases follow the same format, beginning with the short database name as displayed in the DESIGO INSIGHT Project Utility. The DESIGO INSIGHT V2.35 Pharma Solution backs up each transaction log file hourly. A snapshot (copy) of the data file is taken each day and added to the backup file. At the end of each week, these files are cleared and a full backup of each database is performed. Note that the backup data file will grow to at least six times its size at the beginning of the week before being cleared at week's end. In case of a serious system error, database data collected since the last backup can be rebuilt through the SQL Server using these files. Contact your local Siemens Building Technologies office in this situation. Warning! Recommendation: We strongly recommend configuring database backup locations on separate physical media, i.e. 2 nd HardDrive or a network location. Since the backup files are intended to enable recovery of data after a serious system or disk failure, it is important to periodically copy the backup files to offline media, such as tape. In order to set up effective offline system backups, you need to be aware of when these tasks are scheduled to run. You can find this detailed information in the installation guide CM110516_02. Additional site and project specific procedural controls might be required to manage database backup policies. These must be provided separately and do not form part of this product s deliverables. 8/10 HVAC Products Security backup for databases 21.05.2007

4 Data archiving over a given Data Retention Period The Audit Trail specified above is automatically archived according to the user configurable settings for archiving time and retention period. The archived data is available in a human readable form (XML). This open data format guarantees that the electronic data records will remain accessible during the entire retention period demanded by the industry often spanning decades. The validity of the data is verifiable by using an MD5 checksum. A status message for the archiving process is written to the audit trail database together with the path and filename of the archive file and its MD5 checksum. There is also a user interface that can be used to manually initiate archiving, if for example a maintenance week should be archived seperately. The XML archiving method can also be applied (optionally) to the DESIGO INSIGHT trends and system activity, offering an open, long term and verifiable alternative to the archiving provided within DESIGO INSIGHT. In this case, the archiving functionality provided by the DESIGO INSIGHT System Configurator must be disabled, because DIPS takes over this functionality. Figure 4: Archive Manager application showing a manual archive action 4.1.1 Special actions Exclude Passwords The fields; «PWEncryption», «PWSalt» and «PWEncryptionMd5» contained in various tables of the «ISHTSYS» database are not archived by the Archiving application. HVAC Products Data archiving over a given Data Retention Period 21.05.2007 9/10

Siemens Switzerland Ltd. Building Technologies Group International Headquarters Gubelstrasse 22 CH-6301 Zug Tel. +41 41-724 24 24 Fax +41 41-724 35 22 www.sbt.siemens.com 10/10 2007 Siemens Switzerland Ltd. Subject to change HVAC Products 21.05.2007