ISPE 的数据完整性成熟度等级自评-双语版
DATA INTEGRITY MATURITY LEVEL CHARACTERIZATION | ||||||
Maturity Area | Maturity Factors | Maturity Level Characterization | ||||
Level 1 | Level 2 | Level 3 | Level 4 | Level 5 | ||
Cluture | ||||||
• DI Understanding and awareness • 对数据完整性的理解和认识 | Awareness of the importance of data integrity, and understanding of data integrity principles 对数据完整性的重要性的认识,以及对数据完整性原则的理解 | Low awareness, limited to SMEs and specialists 认识不足,仅来自于SMEs和专家 | General awareness of the topic, but not fully reflected in working practices 对主题有一定的认识,但没有充分反映在工作中 | Principles reflected in working practices, but not consistently applied 对原则的理解反映在工作中,但是不能持续的应用 | Data integrity principles fully incorporated and applied in established processes and practices 数据完整性原则在既定的过程和实践中充分纳入和应用 | Formal ongoing awareness programme, proactively keeping abreast of industry developments 制定正式的持续改进计划,积极跟进行业发展 |
• Corporate culture and working environment • 企业文化与工作环境 | A culture of willing and open reporting for errors, omissions and abnormal results, and willing collaboration to achieve data integrity objectives 一种愿意和公开报告错误、遗漏和异常结果的文化,并愿意协作以实现数据完整性目标 | Unwillingness or no motivation to report errors and abnormal results. 不愿意或没有动机报告错误和异常结果 | DI problems may be reported but mitigation is either inadequate or ignored 可能会报告数据完整性问题,但缓解要么不够充分,要么被忽略 | Policies and procedures encourage openness, but not implemented in all cases. Mitigation generally limited to the specific instance 政策和程序鼓励暴露问题,但不适用于所有情形。缓解通常局限于具体的实例 | Full openness and collaboration achieved through such behaviour being motivated by management behaviour. Mitigation considers wider implication 通过管理行为激励实现了充分的开放和协作。缓解考虑更广泛的影响 | Anticipating potential future DI weaknesses and applying appropriate controls 预测未来潜在的数据完整性弱点并应用合适的控制 |
• Quality Culture • 质量文化 | An environment in which employees habitually follow quality standards, take taking quality-focused actions, and consistently see others doing so. 员工习惯遵循质量标准的环境,采取以质量为中心的行动,并且周围人也在这样做 | Low awareness and application of quality principles and standards. A culture of not reporting what management would rather not hear 对质量原则和标准的认识和应用不足。管理层不愿听到的就不报告的文化 | Ad-hoc quality. Activities performed, but relying on individual efforts 仅为这次的质量文化。开展活动,但是仅依赖于个人的努力 | General application of some quality principles, but not fully ingrained or consistent. 普遍应用一些质量原则,但不完全彻底和一致 | Quality considerations incorporated in normal working practice 质量因素纳入日常工作实践 | Quality and continuous improvement incorporated in normal working practice 质量和持续改进纳入日常工作实践 |
Governance and Organization 治理与组织 | ||||||
• Leadership governance • 领导力 | Objectives defined and communicated by executive management. 目标界定和行政管理沟通 | Leadership silent or inconsistent on the need for data integrity. Other business priorities typically override. 领导对数据完整性的需求保持沉默或不一致。其他业务优先级通常高于数据完整性 | Leadership state need for DI, but do not lead by example. 领导强调需要数据完整性,但不以身作则 | Objectives defined in policies and high level statements, but not always fully reflected in management priorities. 政策和高级别声明中定义了数据完整性的目标,但并非总是充分反映在管理优先事项中 | Management actions and priorities fully reflect stated objectives 管理行为和优先级充分反映所规定的数据完整性目标 | DI aspects routinely addressed and improved as part of management review 数据完整性的常规处理和改进作为管理评审的一部分 |
• Sponsorship • 资源支持 | Executive management providing appropriate resources and support. 行政管理提供合适的资源支持 | Appropriate resources only made available in emergencies (e.g. critical citation). 仅在紧急情况下提供资源(如关键引文) | Appropriate resources available in principle, but often not be available in practice due to other pressures. 原则上有适当的资源,但由于其他方面的压力,通常不可用在实践中 | Appropriate resources available, but may be diverted or diluted due to other pressures. 适当的可用资源,但由于其他压力,可能被转移或稀释 | Required and planned resources are available and safeguarded due to ongoing commitment to data integrity 由于持续致力于数据完整性,所需和计划的资源得到保障。 | Management looking ahead to identify future resource needs, based on experience 管理层展望未来,根据经验确定未来的资源需求 |
• Structure • 结构 | Appropriate roles and reporting structures. 适当的角和报告结构 | No consideration of specific data governance in roles and responsibilities. 不在角和职责制定中考虑数据管理 | Data governance roles only recently established, or in flux. 最近才建立数据管理角,或一直在变化 | Data governance roles established, but not always effective. 建立数据管理角,但是不是一直有效 | Data Governance roles are well integrated into the management structures and systems 数据管理的角很好地融入管理结构和系统 | Management reviewing and adapting organizational structures based on experience 基于经验的管理评审与组织结构调整 |
• Stakeholder Engagement • 相关人员参与 | Engagement of business Process Owners, Quality Assurance, and key supporting technical groups (e.g. IT) 参与业务流程所有者、质量保证和关键支持技术组织(例如:IT) | Data integrity and governance seen as either an IT issue or a Quality Issue. No real Process Owner involvement 数据完整性和治理视为IT问题或质量问题。没有真正的过程所有者参与 | Ad-hoc involvement of Process Owners, and Quality Assurance. High person dependence. 过程所有者和QA “仅仅这次”参与。高度依赖于人 | Process Owners, and Quality Assurance typically involved, but not consistently 过程所有者和QA通常涉及,但不是一贯的 | Process Owners, Quality Assurance, and IT work together through the data and system life cycles 过程所有者、QA和IT在数据和系统生命周期中一起协作 | All stakeholders consistently work together to identify further co-operation opportunities, based on experience. 所有利益相关者不断合作,根据经验确定进一步的合作机会 |
• Data Ownership • 数据所有权 | Clear ownership of data and data-related responsibilities 明确数据所有权和数据相关的责任 | Process, system, and data owners not defined 没有定义过程、系统和数据的所有者 | Process, system, and data owners identified in few areas. 在小范围内定义过程、系统和数据的所有者 | Process, system, and data owners typically defined in many, but not all cases, and responsibilities not always clear 过程、系统和数据所有者在大范围内定义,但是并非所有情况下,而且职责也不是一直都清晰, | Process, system, and data owners are well defined and documented. 流程、系统和数据所有者都被很好的定义并且文档化 | Process, system, and data owner responsibilities considered and clarified during management review. 在管理评审中对过程、系统和数据所有者的职责进行考虑和阐述 |
• Policies and Standards • 政策和标准 | Defined polices and standards on data integrity 定义关于数据完整性的政策和标准 | No established policies and standards for data integrity 没有建立政策和标准用于数据完整性 | Ad-hoc policies and standards for data integrity in some cases 在某些情况下有用于数据完整性的政策和标准 | Polices and standards exist, but not fully integrated into the QMS and business process. 政策和标准存在,但没有完全纳入质量管理体系和业务流程 | Policies and standards fully integrated into the QMS and fully reflected in business processes and practices 政策和标准完全纳入质量管理体系并且充分反映在业务流程和实践中 | Policies and standards regularly reviewed and improved based on experience 基于经验。定期评审和改进政策和标准 |
• Procedures • 规程 | Established procedures defining key activities and processes 建立规程描述关键活动和流程 | No established procedures for key data integrity related activities 没有建立管理数据完整想相关活动的规程 | Ad-hoc procedures for data integrity in some cases 针对数据完整性的某些情况制定了有限的规程 | Some procedures and standards exist, but not covering all data integrity related activities. 有一些规程,但是没有覆盖所有的数据完整性相关活动 | Procedures for all key areas fully integrated into the QMS and reflecting established policies and standards. 将所有关键领域的规程充分纳入质量管理体系并反映既定的政策和标准 | Procedures regularly reviewed and improved based on experience 基于经验。定期评审和改进规程 |
• Awareness and Training • 认识和培训 | Awareness and training on regulatory requirements and organizational polices and standards. 对法规要求、组织政策、标准的认识和培训 | No real awareness of regulatory requirements and company policy in this area 在这方面没有真正意识到法规要求和公司政策 | Some awareness of regulatory requirements and company policy, in pockets. 对于法规要求和公司政策,有一些局限的认识 | General awareness of well-known regulations, and the existence of company policies 普遍了解众所周知的法规,以及公司政策的存在 | Comprehensive training program ensures an appropriate level of knowledge of specific regulatory and company requirements 综合培训计划确保对特定的规章制度和公司要求有适当的了解 | Formal training needs analysis, taking into account regulatory developments. Training effectiveness assessment for ongoing improvement 考虑到法规的发展,进行正规培训需求分析。持续改进的培训效果评估 |
Quality Management System 质量管理体系 | Established and effective Quality Management System, focused on patient safety, product quality and data integrity. 建立有效的质量管理体系,关注患者安全,产品质量和数据的完整性 | Few procedures in place focused on patient safety, product quality and data integrity. 几乎没有规程关注患者安全,产品质量和数据的完整性 | Some procedures and quality control processes, but not consistently achieving quality goals. 一些规程和质量控制过程,但不能始终如一地实现质量目标 | Established Quality Management System, but compliance and data integrity activities are not fully effective 建立了质量管理体系,但合规性和数据完整性活动并不完全有效 | Established and effective Quality Management System, consistently achieving data integrity goals in support of patient safety and product quality 建立有效的质量管理体系,始终如一地实现数据完整性目标,以保证病人安全和产品质量 | QMS subject to regular management review and continuous improvement 定期管理评审和持续改进的质量管理体系 |
Business process definition 业务流程定义 | Clear and accurate definitions of regulated business processes, covering all key GxP areas 规范业务流程的清晰和准确的定义,涵盖所有GxP关键领域 | Few business processes formally defined and documented 几乎没有业务流程被正式定义和文档化 | Some business processes formally defined and documented on an ad-hoc basis, either by project or operational groups 一些业务流程被定义和文档化 | Most business processes defined, but not consistently following conventions or standards, and not always complete and up-to-date. 定义了大多数业务流程,但不是一贯遵循惯例或标准,并不总是完整的和最新的 | Business processes defined following established conventions and standards. 业务流程定义遵循既定惯例和标准 | Business processes defined and supported by appropriate tools, and consistently maintained. 业务流程通过适当工具定义和支持,并一直维护 |
Supplier and service provider management 供应商和服务提供商管理 | Assessment of suppliers and service providers against agreed standards, and setting up and monitoring of contracts and agreements to deliver those standards. 根据商定的标准评估供应商和服务供应商,并建立和监测合同和协议,以交付这些标准 | Many suppliers and providers with a potential impact on data integrity not assessed or managed 许多供应商和供应商对数据完整性的潜在影响没有评估或管理 | Some suppliers and providers with a potential impact on data integrity informally assessed 一些供应商对数据完整性的潜在影响进行评估 | Established process for supplier management, but not applied consistently. Data integrity implications not always fully covered by assessments or agreements 建立供应商管理流程,但不是一贯地应用。数据完整性的影响并不总是完全覆盖评估或协议 | Established process for supplier management, consistently applied, and including a data integrity risk review. 建立供应商管理的过程,始终如一地应用,包括数据完整性风险审查 | Effectiveness of supplier management subject to regular management review based on metrics. 对供应商管理的有效性是基于度量的定期管理评审 |
Strategic Planning and Data Integrity Program 战略规划和数据完整性计划 | ||||||
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论