Translated by April from CPAPE, only for study and communication, not for commercialization 1 EMA Data integrity Q&A (NEW August 2016) EMA 数据完整性问答(2016 年8 月) 1. How can data risk be assessed? 1. 如何评估数据风险? Data risk assessment should consider the vulnerability of data to involuntary or deliberate amendment, deletion or recreation. Control measures which prevent unauthorised activity and increase visibility / detectability can be used as risk mitigating actions. 数据风险评估应考虑无意或有意修改、删除或重建数据导致的隐患。可通过实施预防未授权活动的控制措施,以及增加可见性/可检测性来减少风险。 Examples of factors which can increase risk of data integrity failure include complex, inconsistent processes with open-ended and subjective outcomes. Simple tasks which are consistent, well-defined and objective lead to reduced risk. 导致增加数据完整性风险的例子包括:结果开放主观的复杂且不一致的过程。一致、定义明确并且客观的简单任务风险较小。 Risk assessment should include a business process focus (e.g. production, QC) and not just consider IT system functionality or complexity. Factors to consider include: 风险评估应包括对业务(例如生产、QC)的关注,不能仅考虑IT 系统的功能或复杂性。应考虑的因素包括: Process complexity 工艺复杂性 Process consistency, degree of automation /human interface 工艺一致性,自动化程度/人性化界面 Subjectivity of outcome / result 结果的客观性 Is the process open-ended or well defined 工艺结果是否开放或定义是否明确 This ensures that manual interfaces with IT systems are considered in the risk assessment process. Computerised system validation in isolation may not result in low data integrity risk, in particular when the user is able to influence the reporting of data from the validated system. 在风险评估过...