SOP For the working in network of HPLC system using Chromeleon software

1. OBJECTIVE:

The purpose of this SOP to lay down a procedure for the working in network of HPLC system using Chromeleon software.

2. SCOPE:

This SOP is applicable to work in active data source provided on server &all HPLC systems operated using Chromeleon software at Quality control laboratory of manufacturing facility of XXX

3. RESPONSIBILITY:

1. IT Department:

• Responsible for ID creation, Modification & reallocation.
• Responsible for Backup & data restoration.
• Responsible to maintain the record related to ID creation, Modification & reallocation. 

3. Quality Control:

• Responsible to raise the request for ID creation, Modification & reallocation.
• Responsible to work on active data source provided on server.
• Ensure that the activities related to the ID creation of Chromeleon software are performed as specified in this document.

3. Quality assurance:

• Head QA or designee is responsible for approval of ID creation, Modification & reallocation forms.
• Responsiblefor proper implementation.

4. PROCEDURE:

1. User management system
   1. The users and groups are design based on the data base policies. The policies are:

1. Administrator access group and privileges: Administrator belongs to access of all groups.
2. Client locking / Inactivity time out: Client station will lock if no user input receives from client for 5 minutes.
3. Password restrictions: Minimum password length shall be of 06 characters with alphanumeric special character. Validity of password shall be 45 days.
4. Account lock policy except administrator account: After input of wrong user password 03 times, it shall be locked.
5. Account lock policy for administrator account: After input of wrong user password 05 times, it shall be locked.
   1. Five types of privilege groups shall be identified:

Administrator  : For administrative purpose

Reviewer : For monitoring of day to day activities

Analyst      : For analyst having limited privileges as required

Service Engg : Only for maintenance and service purpose of instruments

QA             : For QA review

1. DATA MANAGEMENT SYSTEM 
   1. New data source shall be created every year with Name “CMDATA_YYYY” and shall be mounted on each of the PC at the starting of the year. Server database CMDATA_YYYY folder structure as below:

Where, YYYY represents as current year i.e. 2021.

0. CMDATA_YYYY
   1. AUDITS: For audit trail for the instruments

• Instrument ID

0. CALIBRATION: For calibration of instrument.

• Instrument ID Month (Like. JAN, FEB, MAR etc.)

0. CM_QUALIFICATION: For qualification of the instrument.

• CM_OQ  System ID  CM_OQ_DDMMYYYY

0. METHODS_AGILENT: For method of product. (Refer SOP No. QCXXX)

• FP
• GC
• GLP
• RM

0. METHODS_DIONEX: For method of product. (Refer SOP No. QCXXX)

• FP
• GLP
• RM

0. METHODS_SHIMADZU: For method of product. (Refer SOP No. QCXXX)

• FP
• GLP
• RM

0. PROGRAMME_AGILENT: For program of the product (Refer SOP No. QCXXX)

• FP
• GC
• GLP
• RM

0. PROGRAMME _DIONEX: For program of the product (Refer SOP No. QCXXX)

• FP
• GLP
• RM

0. PROGRAMME _SHIMADZU: For program of the product (Refer SOP No. QCXXX)

• FP
• GLP
• RM

0. REPORT: For Print Layouts

• CALIBRATION
• ROUTINE

0. SEQUENCES: For Sequences (Refer SOP No. QCXXX)

• Instrument ID Month (Like. JAN, FEB, MAR etc.)

0. ACCESS ON DATA MANAGEMENT
   1. Access to the above data management is controlled by user access groups in user management system.
   2. The users created under user management system are classified in below access groups.
      1. No privilege group including Reviewer and administrator privilege group shall have the deletion rights.
      2. No abbreviated name is allowed, as there is possibility that two analysts can have same abbreviated name.

0. CREATING AND EDITING USER
   1. The request form shall be raised by QC departments for “Chromeleon Software User ID Creation, Disable, Lock & Unlock user ID and Updation/Modification of User Privileges” & shall be submitted to IT department after signing of QC Head and QA Head or respective designee
   2. The user ID shall be created by IT personnel after approval from QC Head and QA Head or respective designee.
   3. First, do double click on the “CmUser” icon on one of the client PC or Server.
   4. Enter the user ID and password for login in “CmUser”.
   5. After successful login “CmUser” screen will display.
   6. Click on “New” icon, click on “User data” and enter the User ID and User Name (to create a clone, select the user name from the drop down list).
   7. Click on “Logon Password” then tick mark on “Logon Password expires” to 45days. Enter the default user password as “12345678” then tick mark on “user and change logon password on next login”.
   8. Click on “Logon failure” then tick mark on “Limit logon retries”. The maximum 03 logon attempt are allowedfor all user group except administrator group & for administrator group 05 logon attempt are allowed.  After reaching limit of 03 attempt user account except administrator account will get lock & screen will display “Lock Account”. After reaching limit of 05 attempt administrator account will get lock & screen will display “Lock Account”
   9. For user creation, click “OK”. Check the privilege and access group of the user.
   10. The new user shall open his / her account on any of the PC by typing his / her user ID and the default password as “12345678” in the first entry, the window shall prompt for change in password where the user shall type his / her password. The same needs shall be confirm by re-typing the password. On completion, this becomes his / her password on every login thereon.

Note: Password of the user shall expire every 45 days. In such cases, the user shall reenter a new password and confirm the same.

0. To modify the user privileges, click on “Edit user” and follow the steps 4.4.3 to 4.4.5 & modify the privilege and access group of the user.
1. To deactivate the account of user, tick mark on “Account locked” in logon failure.
2. To activate the account of user (in case of the account is locked), remove the tick mark on “Account locked” in logon failure, default reset password as “12345678” in the first entry, the window shall prompt for change in password where the user shall type his / her password. The same needs shall be confirm by re-typing the password. On completion, this becomes his / her password on every login thereon.
3. POLICIES ON ADMINISTRATOR
   11. Administrator from QA shall be in operation.
   12. In case the administrator changes, the following procedure shall be adopted:
   13. The IT personnel shall create the new administrator in presence of QA Head
   14. The IT personnel shall deactivate the relieving administrator in the presence of QA head.
   15. The only privilege that administrator does not have is deletion of data.
4. POLICIES ON USERS
   11. User account shall be created / edited only by the IT personnel after approval from QC Head and QA Head or respective Designee.
   12. Only qualified HPLC operators shall operate on the network.
   13. The privilege of individual user can be changed as and when required by the IT personnel after approval from QC Head and QA Head or respective designee.
   14. On periodic review, the inactive user shall be locked by the IT Personnel after approval from QC Head and QA Heador respective Designee.
5. POLICIES ON DATA MANAGEMENT
   11. The reviewer shall lock the sequences after the review of data.
   12. The locked sequences shall be unlocked as and when required. After approval of QA Head.
   13. Audit trail from the local PC to the server (i.e.AUDIT folder on the CM datasource) shall be done frequently by the authorized IT personnel.
6. GENERAL POLICIES
   11. The server shall be rebooted as and when required by the authorized IT personnel to ensure optimal   performance of the server.
   12. Any maintenance carried out shall be done with prior intimation to administrator and risk involved shall be evaluated.
   13. Backup of the data (e.g., event logs, audit trails, sequence) from the network shall be done only by IT administrator as per SOP ITXXX.For this, a portable hard drive or software shall be used. No other drives (e.g., floppy drive, USB drive etc.) shall be used.
   14. All incidents pertaining to network / server shall be documented. Appropriate action for the incidents, if required, shall be taken in consultation with IT / QA.
   15. Change control shall be raised in the following cases.

• Addition / deletion of PC.
• Any major modification in the server / network.
• Any up-gradation of software.
• Relocation of server.
• Relocation of PC.

0. PRIVILEGE GROUP 
   1. Privileges shall be assigned to each user group as follows:
   2. Privileges of CM-SERVER CONTROL 

Privilege Categories	Privileges
		ANALYST	Reviewer	QA	Service Egg	Administer
CM-SERVER CONTROL
Server Configuration	Modify Configuration
Control Panels	Create PAN
Delete PAN
Modify PAN
Copy PAN
Move PAN
Edit Script Button
Program Files	Create PGM
Delete PGM
Modify PGM
Copy PGM
Move PGM
Audit Trails	Copy Audit Trail
Move Audit Trail
Delete Audit Trail
Rename Audit Trail
Online Control	Monitor Time Base
Control Time Base
Take Over Control
Run Batch
Acquire Data
Manual Injection
Control Foreign Batch
Control During Batch
Predictive Performance	Change Performance Limit
Change Qualification Interval
Override Qualification
Approve Qualification
DATA SOURCE
Basics	Create DS
Mount Dismount DS
Rename DS
Customize DS
Modify History Mode
Modify History Comment
Modify Protection Mode
Modify DSAvailability
Directories	CreateDIR
DeleteDIR
RenameDIR
CopyDIR
MoveDIR
LockDIR
UnlockDIR
ModifyAccessGroup DIR
Queries	CreateQRY
DeleteQRY
ModifyQRY
CopyQRY
MoveQRY
ExecuteQRY
SEQUENCE
Sequences	CreateSEQ
CreateSEQ_ViaWizard
CreateSEQ_ViaWorklist
ModifySEQ
RenameSEQ
RenameSEQ with RawData
CopySEQ
MoveSEQ
DeleteSEQ
DeleteSignedSEQ
DeleteLockedSEQ
LockSEQ
UnlockSEQ
CustomizeColLayoutSEQ
Samples	CopySamples
InsertNewSamples
AppendNewSamples
ModifyFinishedSamples
ModifyFinishedStatus
DeleteFinishedSamples
DeleteRawData
SIGNATURE
Sign Privileges	Submit Results
Review Results
Approve Results
Undo Submit Results
Undo Review Results
Modify Sign Requirements
Privileges only used by Chromeleon 6.20 and below	Sign Results
Undo Sign Results
Signed Results	Delete SOR
Rename SOR
Copy SOR
Move SOR
DATA REDUCTION
QNT Methods	CreateQNT
DeleteQNT
ModifyQNT
CopyQNT
MoveQNT
ManipulatePeaks
DeletePeakManipulations
CustomizeColLayout QNT
Spectra Libraries	CreateLIB
DeleteLIB
ModifyLIB
CopyLIB
MoveLIB
AddLibSpectra
DeleteLibSpectra
REPORTING
Report Definition Files	CreateRDF
DeleteRDF
ModifyRDF
CopyRDF
MoveRDF
AllowPlotPropertyChanges
PrintExportUnsavedData
Save RDF As Excel file
Batch	RunPrintBatch
RunExportBatch
MISCELLANEOUS
Workspaces	CreateWSP
DeleteWSP
ModifyWSP
CopyWSP
MoveWSP
Archive	Restore
Backup
ImportPeakNetData
ImportAIA
ImportChemStationData

• Chromeleon CMUSER software system create default standard privileges group.

5. TRAINING:

Trainer:   Head – Information Technology 

Trainee:   Staff of QA, QC &I.T.

6. DISTRIBUTION:

Controlled Copy 1 :  Head of Department – Quality Assurance

Controlled Copy 2 :  Head of Department – Information Technology 

Controlled Copy 3 :  Head of Department – Quality Control

Original Copy:   Quality Assurance

7. ANNEXURE(S):

Annexure I: Chromeleon Software User ID creation, lock& unlock user ID and updation of user privileges.

8. REFERENCE(S)

Nil 

9. REVISION HISTORY CARD: