Part 01 · The QuestionPart 02 · The RecordPart 03 · The File
← All Case Files
Inspection Case File · CF07 · Quality Control Laboratory

Data Integrity Decision Trail: The 483 Most Teams Don't See Coming.

A documented deviation. A signed CAPA. A closed investigation. And a single question, asked on day two of inspection, that the file does not answer.

What you'll see in this case file
  • The exact 483 observation language
  • The five required authorization fields
  • A complete reference DDR record
  • The blank template for your facility
See What Defensible Looks Like → Free to read. No payment to continue.
Citation · 21 CFR Part 11 ICH · Q9 Used by Quality leaders preparing for FDA inspections
The Scene

Day four of the inspection.

. The investigator pulls Data Integrity Investigation DI-2024-0042. Audit trail anomalies on HPLC system in Lab 3. Multiple instances of analyst access during off-hours that did not correspond to authorized testing schedules.

The investigation explained each anomaly: system administrator maintenance, validated software updates, scheduled calibration runs. Each anomaly was associated with a documented activity. The conclusion: no data integrity concern.

The investigator turns to the conclusion.

Investigator
"No data integrity concern."
She reads the conclusion twice. Then she sets the file down and looks up.
Investigator
"Who authorized the conclusion of no data integrity concern? Was each anomaly correlated to a documented activity log entry made independently of this investigation? What data was reviewed to confirm no manipulation occurred during these access events? And on what basis was the documented activity log itself deemed reliable?"
She listens to the verbal answer. Then she asks for the documented reasoning.
Pause

Most QA teams answer this question verbally. The file does not contain the documented reasoning. That is the gap.

Skip ahead to the record format →
Why this matters now

Data integrity 483 observations have been the fastest-growing category of FDA observations over the past five years. The pattern is consistent: anomalies identified, explanations provided, no documented independent corroboration of those explanations.

What the file contained

The investigation report was complete. Each anomaly was identified. Each anomaly was explained.

The investigation team reviewed the audit trail. They reviewed the maintenance logs. They interviewed the system administrator. They cross-referenced calibration schedules. The Lab QA Director signed the closure.

What the file contained was the conclusion.

What the file did not contain was the decision.

Anomalies were identified. Explanations were provided. The conclusion of no concern was reached. But the rationale for treating each explanation as sufficient, the independent verification that explanations were not constructed retrospectively to fit the anomalies, and the named individual who authorized the determination are not in the file.

The conclusion belongs in the file. The decision belongs in the record.

What the investigator is evaluating
21 CFR Part 11 requires reliable electronic records. The standard is not whether anomalies have explanations. The standard is whether the no-concern conclusion was reached on a documented, independently-verifiable basis.

Under MHRA and FDA data integrity expectations, the rigor required for a no-concern conclusion increases when the audit trail itself is the source of the concern. Independent corroboration is expected.

The investigation must demonstrate — in writing, contemporaneous with the conclusion — that explanations were corroborated by evidence external to the investigation itself, that the data captured during anomalous access was reviewed for manipulation, and that the named authorizing individual reviewed both before approving the determination.

A plausible explanation is data. A plausible explanation is not, on its own, a documented data integrity disposition.

Investigator
"I am not asking whether the explanations are plausible. I am asking whether the no-concern conclusion was authorized — and on what evidentiary basis independent of this investigation itself."
The Lab QA Director cannot produce the record.
The Gap

The explanations may have been correct. The file does not show the work behind concluding no data integrity concern.

The DI investigation file documents the explanations. It does not document who decided there was no concern, on what independently verifiable evidence, against what alternatives, and under what authority.

Ready to see the record format?
See the five fields the investigator expects to find →
The 483
"Failure to document the rationale used to justify the conclusion that electronic records met data integrity requirements, including the specific evidence reviewed at the time of determination and the basis on which observed audit trail gaps or user access anomalies were accepted. The data integrity assessment establishes that the system was reviewed but does not reconstruct the decision logic that produced the conclusion."
21 CFR Part 11 — applied regulatory framework.
Continued · Part 02 of 03

That 483 was avoidable.

See the record that prevents it.

The five fields the investigator expects to find. The alternative-causes evaluation that distinguishes a decision from a signature. A complete reference example from the Vancomycin scenario.

Show Me the Record →
✓ Free to read · No payment required to continue

Used by Quality and Validation leaders preparing for FDA and EMA inspections. Built around 21 CFR 211.192 and ICH Q9.