21 CFR 11

Question 1

T/F: Electronic signatures are currently accepted for any & all records whether originally submitted in paper form or electronic form.

Answer 1

False

Question 2

T/F: If electronic records meet the criteria specified in 21 CFR 11, the agency will consider the electronic
signatures, initials & other general signing equivalent to full hand written signatures, unless specifically
excepted by regulations effective after August 20,
1997.

Answer 2

True

Question 3

T/F: Electronic records cannot be used in lieu of paper records.

Answer 3

false

Question 4

Computer systems (including hardware & software), controls & attendant documentation maintained under the electronic signature provision are subject to whose
inspection ?

Answer 4

FDA

Question 5

T/F: Provided they meet the requirements, persons can use
electronic records in lieu of paper records, for records required to be maintained, but not submitted
to the agency.

Answer 5

True

Question 6

T/F: Persons can use electronic records in lieu of paper records for documents required to be submitted to the agency provided the document has been identified as a type of submission that FDA will accept in electronic
format.

Answer 6

true

Question 7

T/F: Documents submitted to the FDA that are not specified in the public docket as acceptable in electronic
form, will not be considered as official if they are submitted in electronic form.

Answer 7

True

Question 8

Who determines the details for electronic submission (e.g. methods of transmission, media, file format &
technical protocol)?

Answer 8

The intended receiving agency unit will determine the
details of electronic submission.

Question 9

In FDA’s regulations covering electronic signatures,
what does the term “Act” refer to?

Answer 9

“Act” means the Federal Food, Drug & Cosmetic Act

Question 10

What is the term that means a method of verifying an
individual’s identity based on measurement of individual’s physical features or repeatable actions where those features &/or actions are both measurable & unique to that individual?

Answer 10

biometrics

Question 11

What does the term “closed system” mean with regard to electronic records?

Answer 11

“Closed system” means an environment in which
system access is controlled by persons who are responsible for the content of the electronic records that are in the system.

Question 12

T/F: An electronic signature is based upon cryptographic methods of originator authentication, computed by using a set of rules & a set of parameters such that the identity of the signer & integrity of the data can be
verified.

Answer 12

false
(this is the definition for digital signature)

Question 13

Any combination of text, graphics, data, pictorial, audio, or other information representation in digital
form that is created, modified, maintained, archived, retrieved or distributed by computer system is known as what?

Answer 13

electronic record

Question 14

T/F: Electronic signatures & digital signature are synonymous terms.

Answer 14

false

Question 15

What type of signature is the scripted name or legal
mark of an individual preserved with writing or marking instrument such as pen or stylus?

Answer 15

Handwritten signature.

Question 16

How does open system differ from closed system with
regards to the FDA’s electronic record regulations?

Answer 16

In an open system access is not controlled by persons
who are responsible for the content of electronic
records that are on the system.

Question 17

Why is validation of system an important procedure &
control for closed systems?

Answer 17

Validation of systems ensures accuracy, reliability,
consistency of intended performance & the ability to
discern invalid or altered records.

Question 18

T/F: The ability to generate complete & accurate copies of records in both human readable & electronic form
suitable for for inspection, review,& copying by agency is a control established for closed system.

Answer 18

true

Question 19

T/F: Closed systems are limited to authorized individuals only.

Answer 19

true

Question 20

T/F: A procedure in place as a control for closed systems includes the use of secure, computer-generated, time stamped audit trails to independently record the date and time of operator entries. Changes made to the records may obscure & delete previous recorded information will always be accessible.

Answer 20

false

Question 21

In electronic record, what do authority checks ensure?

Answer 21

Authority checks ensure that only authorized
individuals can use the system, electronically sign a
record, access the computer system’s input & output
devices, alter a record, or perform other operations at
hand.

Question 22

T/F:A control procedure for closed systems requires the determination that persons who develop, maintain or use electronic record/electronic signature systems have proper training, education & experience to perform the assigned task.

Answer 22

true

Question 23

T/F: Persons or organizations desiring to use electronic records are not required to have written policies that
hold individuals accountable & responsible for actions initiated under the electronic signatures because the
nature of electronic records does not permit falsification.

Answer 23

false

Question 24

T/F: Persons who use open systems are not bound to any of the controls or procedures established by the closed systems.

Answer 24

false

Question 25

What three elements are necessary for signed
electronic records?

Answer 25

The printed name of the signer.

The date & time when the signature was executed.

The meaning of the signature (such as review, approval, authorship)

Question 26

Why is it necessary to link electronic signature & handwritten signature to the appropriate electronic
records?

Answer 26

Linking ensures that the signatures cannot be excised,
copied or otherwise transferred to falsify an electronic
record by ordinary means.

Question 27

T/F: Each electronic signature can only be reused by one other person beyond the originator.

Answer 27

false

Question 28

T/F: An organization must first verify the identity of the individual wishing to use an electronic signature.

Answer 28

true

Question 29

T/F: Certification of electronic signatures used on or after August 20,1997 can be done electronically.

Answer 29

false

Question 30

cannot request further certification, since it was
originally certified & submitted in writing.

Answer 30

false

Question 31

When an electronic signature is not based upon biometrics, how many distinct identification components must be employed?

Answer 31

Two distinct components such as password &
identification code must be used.

Question 32

T/F: Each & every time a user executes the electronic signature, all signature components must be employed, even if the signing take place during one continuous period of controlled system access.

Answer 32

false

Question 33

T/F: When an individual executes one or more signings not performed during a single continuous period of
controlled system access, each signing shall be executed using all of the electronic signature components.

Answer 33

true

Question 34

T/F: When using signatures are based upon biometrics, they are intended to be used by the signer & his/her designee.

Answer 34

false

Question 35

There are five controls in place for identification codes
& password procedures. Name all of them.

Answer 35

1. Maintaining uniqueness of codes & passwords.
2. Ensuring periodic check, recall & revision of codes
   & passwords.
3. Following loss management procedures to electronically de-authorize lost, stolen or
   compromised codes & passwords.
4. Use of safeguards to detect & prevent unauthorized use of codes & passwords.
5. Testing of devices such as tokens or cards that bear or generate codes & password to ensure proper & consistent functioning.