Audit Checklist for Data Integrity Page No.

: 1 of 8 CONTROLLED COPY STAMP HERE

Audit Checklist for Data Integrity

Auditing Department: ________________ Date of Audit: __________________
Name of Auditor(s) Department Signature & Date
1
2
3
Sr.
Assessment Question Guidance Observation Remark
No.
1. Documentation & Record:
1.1 Is the logbook/ records paginated All the activity shall be recorded in
and issued by QA? the
paginated logbooks and issued by QA
1.2 Is doer of the activity recording the The documents shall be Attributable
observation / parameter with sign to the person generating the data
/date and time (as applicable)?
1.3 Are the data entries being performed Document shall be Legible and
with indelible ink (with color of ink permanent.
as defined in SOP) and readable?
1.4 Is any scribe used for making data Should only take place where the act
entries? of recording places the product or
activity at risk and mentioned in
SOPs.
1.5 Are the required entries in the log Document shall be Contemporaneous
books/batch documents/ Analytical
sheets made on time and available?
1.6 Is the information/ data available in Document shall be Original
original record or certified true
copy?
Audit Checklist for Data Integrity Page No.: 2 of 8 CONTROLLED COPY STAMP HERE

1.7 Is any editing to errors performed in The document shall be Accurate

logbook/ document without
documented amendment as per
SOPs?
1.8 Are logbooks/ documents has All documents shall have a unique
reference of unique identification identification number (including the
number as defined in SOPs? version number) and shall be
checked, approved, signed and dated
(as applicable)
1.9 Is there any blank formats (including All blank formats (including SOP
SOP formats, Logbooks, note books, formats, Logbooks, worksheets,
worksheets) found in area which is laboratory notebooks) shall be
not issued by the quality unit? controlled by the quality unit
1.10 Are logbooks/ documents has Documents should be stored in a
reference of format no. as defined in manner which ensures appropriate
SOPs? version control
1.11 Is soft copy Master document is Master copy (in soft copy) should be
accessible at prevented from unauthorized or
computers? inadvertent changes
1.12 Are there any obsolete format/ SOP/ Updated versions shall be distributed
document available or in computer? in a timely manner.
1.13 Is there any blank space left in filled Entry of 'NA' placed in blank space
page of (if required) followed by sign / date.
log book/ BPCR/ DRS etc.
1.14 Is there enough space provided in Documents should be
logbooks/ BPCR/ DRS etc. in which Contemporaneous
the manual activities are recorded
should be ensured.
1.15 Is 24 hr (HH:MM) time format Time format should be HH:MM (24
being used in documents? hour format)
Audit Checklist for Data Integrity
1.16 Are clocks/ timer designated in area
easily accessible to note the timings
by doer?
1.17 Are clocks/ timer designated in area
easily accessible to be changed/
modified by any person?
1.18 Is the correct unit of measurement is
used while recording: temperature/
weight etc.?
1.19 Are critical activities signed by doer
being checked by another person
(wherever applicable)?
1.20 Are print outs (e.g. autoclave,
balance etc.) duly signed by doer
and checker and have cross
reference to the original / mother
document?
1.21 Are print outs which are on thermal
paper being photocopied prior to
attachment?
1.22 Are the procedures of document
review available and followed?
1.23 Is archival of paper records not
performed by QA in secure and
controlled archives?
1.24 Is the observation being recorded as
visible in the display on
instrument/equipment screen/
PLC/HMI etc.?
Page No.: 3 of 8 CONTROLLED COPY STAMP HERE
Clocks/ timer should be synchronized
and easily accessible. Documents
should be Contemporaneous.
Clocks/ timer should not be easily
accessible to be changed/ modified
by user.
Significant unit of measurement shall
be used as per requirement.
Doer and checker provision shall be
in place for critical activities. Data
should be Accurate and Original
Records shall be checked, and cross
reference shall be available. Data
should be Accurate
Thermal paper printouts shall be
photocopied and dully signed. Data
should be Legible
Data review procedures describing
review of relevant metadata should
be available (as applicable)
Archival of paper records by
designated
personnel in secure and controlled
archives
Digits for data shall be visible from
equipment/instrument display.
Audit Checklist for Data Integrity
1.25 Are entries in logbooks sequential,
reliable,
complete and legible?
1.26 Is transcribed data verified against
the raw
data for correctness and accuracy?
1.27 Is there any unauthorized changes
observed in the document?
1.28 Is whitener/ opaque substance/
eraser / white tape or whiteouts etc.
used in document for correction?
1.29 Are corrections not initially signed
with date
and properly justified?
1.30 Is there any partial correction of
numerical value?
1.31 Does signature log for employees
available?
2. Electronic Data:
2.1 Are individual Login ID and unique
password assigned to individual?
2.2 Is user creation, authorization list
available for the system defining
access levels?
2.3 Does Audit trail contain following
details,
- Name of the person who
performed the activity
- Description of the activity
- Time and date of the activity
- Justification in case of any
changes made
Page No.: 4 of 8 CONTROLLED COPY STAMP HERE
Entries should be sequential, reliable,
complete and legible.
Document should be original. If
transcribed cross reference of mother
document shall be mentioned.
Unauthorized changes should not be
done in the documents
Data should be Legible
(No usage of opaque substance)
Corrections shall be justified with
sign and date.
No partial correction of numerical
value. Data should be Legible
Log should be available and
maintained
Individual login ID should be
assigned for individual person.
List shall be available for individual
equipment and access levels should
be defined.
Audit trial should contain the
attributes
Audit Checklist for Data Integrity
2.4 Does electronic data saved at the
time of the activity and before
proceeding to the next step of the
sequence of events?
2.5 Is the audit trail secure and time-
stamped that independently record
operator actions?
2.6 Is privileges given to any person to
overwrite the original data?
2.7 Are electronic records archived by
any person in random manner?
2.8 Is there any provision available to
change time/date of system by doer/
checker?
2.9 Is time/date of system synchronized
across the GXP operations?
2.10 Does audit trail reviewed in routine
data review/ approval process?
2.11 Does relevant meta data reviewed
along with original electronic data?
2.12 Is data review signified by
electronically
signing the electronic data &
metadata?
2.13 Is computer system validated and
controls/ setting tested, locked and
protected from unauthorized access?
2.14 Does the system validation
documentation include established
controls to ensure data integrity
Page No.: 5 of 8 CONTROLLED COPY STAMP HERE
Data shall be saved at the time of
activity. Data should be
Contemporaneous and Original
Audit trail should be secured and
time-stamped.
Data should be Legible and access to
overwrite the data should be
prohibited
Archival of electronic records by
designated
person in secure, controlled and
reproducible electronic archives
System should not allow to change
the time and date.
Time/date of system should be
synchronized
Audit trial review procedure should
be available.
Relevant meta data shall be reviewed
with original data.
As per approved procedure and
system limitations as validated.
Validation should be available.
Validation should be available.
Audit Checklist for Data Integrity
(data security- access
roles/permissions, sequence of
operations, enabling of relevant
audit trail)?
2.15 Are the standards for the system’s
password strength and complexity
defined and documented within
system documentation
(requirements, and testing)?
2.16 Is there a defined password
expiration that is enforced by the
system?
2.17 Is data retained in a non-editable
format or PDF format etc.?
2.18 Are back-up copies of original
electronic records stored in another
location as a safeguard in case of
disaster?
2.19 Are periodic tests performed to
verify the ability to retrieve archived
electronic data from storage
locations?
2.20 Is archival copy compared with the
original electronic data to confirm
entire content and meaning of the
original record?
2.21 Are time/date and done by/ checked
by printed on records electronically?
2.22 Is authorization to verify data
separate from
doer?
Page No.: 6 of 8 CONTROLLED COPY STAMP HERE
Computer system validation
document should be available with
password complexity.
Password expiration should be
enforced.
Approved procedure should be
available for back-up and storage
Approved procedure should be
available for back-up and storage
Approved procedure should be
available for back-up and storage
review
Approved procedure for archival of
data should be available.
Records should be available in form
of time and date stamped records and
signed.
Authorization to generate data shall
be separate to authorization to verify
data
Audit Checklist for Data Integrity Page No.: 7 of 8 CONTROLLED COPY STAMP HERE

2.23 Is restoring of Back up Computer system validation shall

data/Archiving Data validated and demonstrate.
regularly tested?
2.24 Does a list of computerized system The name, location and primary
available? function of
each computerized system should be
available.
2.25 A list of currently approved users, List shall be available for individual
specifying the users name and equipment.
surname, and any specific
usernames should be available.
2.26 System administrators should be preferably IT personnel
independent from users performing
the task
2.27 Can general user switch off the audit System should not allow to change
trail? the settings

3. Personnel Training:
3.1 Is Training record for data integrity All personnel should be trained on
and cGMP available? data integrity concept and cGMP
3.2 Is Training record available for All personnel should be trained on
related SOPs related SOPs as per job assigned
as per job assigned?