The purpose of this SOP to lay down a procedure for the working in network of HPLC system using Chromeleon software.
This SOP is applicable to work in active data source provided on server &all HPLC systems operated using Chromeleon software at Quality control laboratory of manufacturing facility of XXX
- IT Department:
- Responsible for ID creation, Modification & reallocation.
- Responsible for Backup & data restoration.
- Responsible to maintain the record related to ID creation, Modification & reallocation.
- Quality Control:
- Responsible to raise the request for ID creation, Modification & reallocation.
- Responsible to work on active data source provided on server.
- Ensure that the activities related to the ID creation of Chromeleon software are performed as specified in this document.
- Quality assurance:
- Head QA or designee is responsible for approval of ID creation, Modification & reallocation forms.
- Responsiblefor proper implementation.
- User management system
- The users and groups are design based on the data base policies. The policies are:
- Administrator access group and privileges: Administrator belongs to access of all groups.
- Client locking / Inactivity time out: Client station will lock if no user input receives from client for 5 minutes.
- Password restrictions: Minimum password length shall be of 06 characters with alphanumeric special character. Validity of password shall be 45 days.
- Account lock policy except administrator account: After input of wrong user password 03 times, it shall be locked.
- Account lock policy for administrator account: After input of wrong user password 05 times, it shall be locked.
- Five types of privilege groups shall be identified:
|Administrator : For administrative purpose|
|Reviewer : For monitoring of day to day activities|
|Analyst : For analyst having limited privileges as required|
|Service Engg : Only for maintenance and service purpose of instruments|
|QA : For QA review|
- DATA MANAGEMENT SYSTEM
- New data source shall be created every year with Name “CMDATA_YYYY” and shall be mounted on each of the PC at the starting of the year. Server database CMDATA_YYYY folder structure as below:
Where, YYYY represents as current year i.e. 2021.
- AUDITS: For audit trail for the instruments
- Instrument ID
- CALIBRATION: For calibration of instrument.
- Instrument ID Month (Like. JAN, FEB, MAR etc.)
- CM_QUALIFICATION: For qualification of the instrument.
- CM_OQ System ID CM_OQ_DDMMYYYY
- METHODS_AGILENT: For method of product. (Refer SOP No. QCXXX)
- METHODS_DIONEX: For method of product. (Refer SOP No. QCXXX)
- METHODS_SHIMADZU: For method of product. (Refer SOP No. QCXXX)
- PROGRAMME_AGILENT: For program of the product (Refer SOP No. QCXXX)
- PROGRAMME _DIONEX: For program of the product (Refer SOP No. QCXXX)
- PROGRAMME _SHIMADZU: For program of the product (Refer SOP No. QCXXX)
- REPORT: For Print Layouts
- SEQUENCES: For Sequences (Refer SOP No. QCXXX)
- Instrument ID Month (Like. JAN, FEB, MAR etc.)
- ACCESS ON DATA MANAGEMENT
- Access to the above data management is controlled by user access groups in user management system.
- The users created under user management system are classified in below access groups.
- No privilege group including Reviewer and administrator privilege group shall have the deletion rights.
- No abbreviated name is allowed, as there is possibility that two analysts can have same abbreviated name.
- CREATING AND EDITING USER
- The request form shall be raised by QC departments for “Chromeleon Software User ID Creation, Disable, Lock & Unlock user ID and Updation/Modification of User Privileges” & shall be submitted to IT department after signing of QC Head and QA Head or respective designee
- The user ID shall be created by IT personnel after approval from QC Head and QA Head or respective designee.
- First, do double click on the “CmUser” icon on one of the client PC or Server.
- Enter the user ID and password for login in “CmUser”.
- After successful login “CmUser” screen will display.
- Click on “New” icon, click on “User data” and enter the User ID and User Name (to create a clone, select the user name from the drop down list).
- Click on “Logon Password” then tick mark on “Logon Password expires” to 45days. Enter the default user password as “12345678” then tick mark on “user and change logon password on next login”.
- Click on “Logon failure” then tick mark on “Limit logon retries”. The maximum 03 logon attempt are allowedfor all user group except administrator group & for administrator group 05 logon attempt are allowed. After reaching limit of 03 attempt user account except administrator account will get lock & screen will display “Lock Account”. After reaching limit of 05 attempt administrator account will get lock & screen will display “Lock Account”
- For user creation, click “OK”. Check the privilege and access group of the user.
- The new user shall open his / her account on any of the PC by typing his / her user ID and the default password as “12345678” in the first entry, the window shall prompt for change in password where the user shall type his / her password. The same needs shall be confirm by re-typing the password. On completion, this becomes his / her password on every login thereon.
Note: Password of the user shall expire every 45 days. In such cases, the user shall reenter a new password and confirm the same.
- To modify the user privileges, click on “Edit user” and follow the steps 4.4.3 to 4.4.5 & modify the privilege and access group of the user.
- To deactivate the account of user, tick mark on “Account locked” in logon failure.
- To activate the account of user (in case of the account is locked), remove the tick mark on “Account locked” in logon failure, default reset password as “12345678” in the first entry, the window shall prompt for change in password where the user shall type his / her password. The same needs shall be confirm by re-typing the password. On completion, this becomes his / her password on every login thereon.
- POLICIES ON ADMINISTRATOR
- Administrator from QA shall be in operation.
- In case the administrator changes, the following procedure shall be adopted:
- The IT personnel shall create the new administrator in presence of QA Head
- The IT personnel shall deactivate the relieving administrator in the presence of QA head.
- The only privilege that administrator does not have is deletion of data.
- POLICIES ON USERS
- User account shall be created / edited only by the IT personnel after approval from QC Head and QA Head or respective Designee.
- Only qualified HPLC operators shall operate on the network.
- The privilege of individual user can be changed as and when required by the IT personnel after approval from QC Head and QA Head or respective designee.
- On periodic review, the inactive user shall be locked by the IT Personnel after approval from QC Head and QA Heador respective Designee.
- POLICIES ON DATA MANAGEMENT
- The reviewer shall lock the sequences after the review of data.
- The locked sequences shall be unlocked as and when required. After approval of QA Head.
- Audit trail from the local PC to the server (i.e.AUDIT folder on the CM datasource) shall be done frequently by the authorized IT personnel.
- GENERAL POLICIES
- The server shall be rebooted as and when required by the authorized IT personnel to ensure optimal performance of the server.
- Any maintenance carried out shall be done with prior intimation to administrator and risk involved shall be evaluated.
- Backup of the data (e.g., event logs, audit trails, sequence) from the network shall be done only by IT administrator as per SOP ITXXX.For this, a portable hard drive or software shall be used. No other drives (e.g., floppy drive, USB drive etc.) shall be used.
- All incidents pertaining to network / server shall be documented. Appropriate action for the incidents, if required, shall be taken in consultation with IT / QA.
- Change control shall be raised in the following cases.
- Addition / deletion of PC.
- Any major modification in the server / network.
- Any up-gradation of software.
- Relocation of server.
- Relocation of PC.
- PRIVILEGE GROUP
- Privileges shall be assigned to each user group as follows:
- Privileges of CM-SERVER CONTROL
|Server Configuration||Modify Configuration|
|Control Panels||Create PAN|
|Edit Script Button|
|Program Files||Create PGM|
|Audit Trails||Copy Audit Trail|
|Move Audit Trail|
|Delete Audit Trail|
|Rename Audit Trail|
|Online Control||Monitor Time Base|
|Control Time Base|
|Take Over Control|
|Control Foreign Batch|
|Control During Batch|
|Predictive Performance||Change Performance Limit|
|Change Qualification Interval|
|Mount Dismount DS|
|Modify History Mode|
|Modify History Comment|
|Modify Protection Mode|
|RenameSEQ with RawData|
|Sign Privileges||Submit Results|
|Undo Submit Results|
|Undo Review Results|
|Modify Sign Requirements|
|Privileges only used by Chromeleon 6.20 and below||Sign Results|
|Undo Sign Results|
|Report Definition Files||CreateRDF|
|Save RDF As Excel file|
- Chromeleon CMUSER software system create default standard privileges group.
Trainer: Head – Information Technology
Trainee: Staff of QA, QC &I.T.
Controlled Copy 1 : Head of Department – Quality Assurance
Controlled Copy 2 : Head of Department – Information Technology
Controlled Copy 3 : Head of Department – Quality Control
Original Copy: Quality Assurance
Annexure I: Chromeleon Software User ID creation, lock& unlock user ID and updation of user privileges.
- REVISION HISTORY CARD: