Front cover -- Contents -- Notices -- Trademarks -- Preface -- Assumptions and other key points to consider -- The team that wrote this redbook -- Become a published author -- Comments welcome -- Qualification Plan -- Document approval -- Change history -- Part 1 Qualification Plan information -- Chapter 1. Introduction -- 1.1 Scope -- 1.2 Structure of the Qualification Package -- 1.3 Acceptance criteria -- 1.4 Roles and responsibilities -- 1.4.1 Management roles -- 1.4.2 Qualification and project team roles -- Chapter 2. Infrastructure description -- 2.1 Technical design documents -- 2.2 Infrastructure identification/Inventory list -- 2.3 Equipment Environmental requirements -- 2.4 Infrastructure (equipment) functional description -- Chapter 3. Installation qualification preparation -- 3.1 Validation team training -- 3.1.1 General Regulatory Training/21CFR11 basics -- 3.1.2 Good Documentation Practices training -- 3.1.3 Qualification Plan/Protocol training -- 3.1.4 Testing Procedures training -- 3.2 Validation Team training/Qualifications Records -- 3.3 Signature Log -- 3.4 Installation manuals and procedures -- Chapter 4. Risk assessment -- 4.1 Risk identification -- 4.2 Risk mitigation -- 4.3 Applying risk to the testing protocol -- Chapter 5. Testing protocol -- 5.1 Protocol contents -- 5.2 Roles and responsibilities -- 5.3 Infrastructure installation/Configuration verification -- 5.4 Environmental conditions verification -- 5.5 Documentation verification -- 5.6 Infrastructure functions verification -- 5.7 Trace Matrix -- 5.8 Test script preparation, approval, and changes -- 5.9 Test execution -- 5.10 Test testing protocol and Qualification Plan deviations -- 5.11 Test Report -- Chapter 6. Equipment operations and support procedures -- 6.1 Physical security -- 6.2 Change control/Configuration management -- 6.3 Backup and restore.

6.4 Infrastructure monitoring -- 6.5 Periodic/Preventative maintenance -- 6.6 Resolution -- 6.7 Disaster Recovery Plan/Continuity Plan -- 6.8 Training management/records -- 6.9 Document management -- 6.10 Periodic review/internal audit -- Chapter 7. Operations team training -- 7.1 Training requirements and initial operator training -- 7.2 Training records -- Chapter 8. Regulatory inspection preparation -- 8.1 Regulatory inspection procedures -- 8.2 Regulation, guidance, and standards cross-references -- Chapter 9. Qualification Report and infrastructure acceptance -- 9.1 Infrastructure Final Report and approvals -- 9.2 Follow-up item tracking -- 9.3 System and documentation turnover -- Part 2 Procedure and protocol appendixes -- Appendix A. Document master list: Roles and Responsibilities Matrix -- Roles and Responsibilities Matrix approvals -- Appendix B. Infrastructure identification -- Infrastructure Identification Test Script -- Cabling Test Script -- Appendix C. Infrastructure environmental requirements -- Environmental Conditions Test Script -- Power Supply UPS Test Script -- Physical Security Test Script -- Appendix D. Infrastructure functional description -- Logical Partition Installation Test Script -- Logical Partition Diagnostic Function Test Script -- Error Reporting Function Test Script -- LTO Library Connectivity Test Script -- ESS Network Connectivity Test Script -- High Availability Cluster Multi-Processing Function Test Script -- Network Connectivity Test Script -- IBM Service Agent Test Script -- Service Action Event Log Test Script -- Processor De-allocation Test Script -- LPAR Feature Set Test Script -- Service Focal Point Test Script -- Network Time Protocol Test Script -- Fail-over Test Script -- SANPilot Test Script -- Disk Storage Array Hot-swap Test Script -- Barcode Reader Test Script -- LTO Auto-clean Test Script.

ESS Web Administration Test Script -- SDD Redundancy Test Script -- SDD Installation Test Script -- Sysback/6000 Test Script -- TSM Service Manager Test Script -- Logical Security Test Script -- Appendix E. Installation Team Training/Qualifications Matrix -- Qualifications/Training Matrix -- Appendix F. General regulatory and 21CFR11 training -- Training course goals -- Training course contents and approach -- Topic 1: General quality system and regulatory training -- 21 CFR 11 training (electronic records and electronic signatures) -- Appendix G. Good Documentation Practices -- Detailed explanations of Good Documentation Practices (GDP) -- Entries or signatures must always be clear and legible -- Entry-makers must sign their recordings -- Signatures must be authentic -- Entries or signatures must be made in ink -- Each original data entry or signature cannot be removed -- Corrections require a replacement entry that does not obscure the original -- Correction entries require a signature, date, and reason -- Voided entries or documents must be identified and retained -- An entry or a signature must be labeled as to what it represents -- Recopied data must have its source identified, attached, or both -- Date and times must be unambiguous -- Blank fields must be "N/A" unless obvious -- Entries are made, signed, and dated immediately, not ex post facto -- Document attachments must be positively linked to their point-of-origination -- Document attachments must be labeled and paginated -- Work organizers and work aids -- Document workflows and records retention -- Appendix H. Training/qualifications record -- Appendix I. Resume equivalent for training and qualifications record -- Training and Qualifications Test Script -- Appendix J. Signature log -- Appendix K. Infrastructure installation and operating manuals.

Document and Manual Verification Test Script -- Appendix L. Risk assessment and mitigation plan -- Risk Assessment Document -- Appendix M. Testing protocol -- Purpose -- Scope -- Responsibilities -- Prerequisites -- Technical design document -- Training -- Infrastructure preparation -- Infrastructure access authority and security -- Test cases/scripts -- Testing procedures -- Infrastructure manuals -- Acceptance criteria -- Test Report -- References -- Appendix N. Trace Matrix -- Appendix O. Test execution procedure -- Purpose -- Scope -- Roles and responsibilities -- Prerequisites -- Protocol and test cases/Scripts approved -- Testing assignments -- Training -- Equipment, database, and dataset or datasets preparation -- Instructions: Test Manager -- Test assignments and log -- Deviations management -- Test case/Script review -- Instructions: Tester -- Test case/Script execution -- Variable input data values -- Screen prints and reports -- Test discrepancies -- Test review and signature -- Test Assignment Log -- Appendix P. Deviations procedure -- Purpose -- Scope -- Roles and responsibilities -- Instructions: Tester -- Deviation request -- Deviation documentation -- Deviation package delivery -- Retesting -- Instructions: Technical Staff -- Deviation investigation -- Deviation resolution documentation -- Retesting requirements -- Deviation package -- Instructions: Test Manager -- Deviation identification -- Deviation logging and tracking -- Deviation investigation and resolution -- Deviations with change and retesting -- Deviation review and closure -- Non-testing deviations -- Deviation Report -- Deviations log -- Appendix Q. Validation reports procedure -- Purpose -- Scope -- Roles and responsibilities -- Instructions: Report Preparer -- Report preparation -- Documentation -- Instructions: Quality Representative -- Report Quality Review.

Report approval -- Appendix R. Infrastructure procedures verification checklist -- Procedure Verification Checklist Test Script -- Appendix S. Regulation, guidance, and standards cross references -- Regulations, guidance, and standards to IBM Installation Qualification requirements -- Part 3 FDA 21 CFR Part 11 and guidance -- Appendix T. FDA 21 CFR Part 11 Preamble -- I. Background -- II. Highlights of the Final Rule -- III. Comments on the Proposed Rule -- A. General Comments -- B. Regulations Versus Guidelines -- C. Flexibility and Specificity -- D. Controls for Electronic Systems Compared with Paper Systems -- E. FDA Certification of Electronic Signature Systems -- F. Biometric Electronic Signatures -- G. Personnel Integrity -- H. Security of Industry Electronic Records Submitted to FDA -- I. Effective Date/Grandfathering -- J. Comments by Electronic Mail and Electronic Distribution of FDA Documents -- K. Submissions by Facsimile (Fax) -- L. Blood Bank Issues -- M. Regulatory Flexibility Analysis -- N. Terminology -- O. General Comments Regarding Prescription Drug Marketing Act of 1987 (PDMA) -- P. Comments on the Unique Nature of Passwords -- IV. Scope (Sec. 11.1) -- V. Implementation (Sec. 11.2) -- VI. Definitions (Sec. 11.3) -- VII. Electronic Records--Controls for Closed Systems (Sec. 11.10) -- VIII. Electronic Records--Controls for Open Systems (Sec. 11.30) -- IX. Electronic Records--Signature Manifestations (Sec. 11.50) -- X. Electronic Records--Signature/Record Linking (Sec. 11.70) -- XI. Electronic Signatures--General Requirements (Sec. 11.100) -- XII. Electronic Signature Components and Controls (Sec. 11.200) -- XIII. Electronic Signatures--Controls for Identification Codes/Passwords (Sec. 11.300) -- XIV. Paperwork Reduction Act of 1995 -- XV. Environmental Impact -- XVI. Analysis of Impacts -- A. Objectives -- B. Small Entities Affected.

C. Description of the Impact.