JUL-AUG 2017

Issue link:

Contents of this Issue


Page 30 of 53

INTECH JULY/AUGUST 2017 31 AUTOMATION IT you prevent data integrity from being compromised. Pre- vention includes training, controls, events computer sys- tems, enforcing the workflow, and other measures. The goal of training is every employee understanding the meaning of data integrity and taking personal accountability of the data being recorded in any given action. Ultimately, if you cannot prevent attacks, you need mechanisms in place to identify issues early, coupled with action plans. Data integrity program: Hierarchy In Massingham's company, there is very senior management sponsorship from the top of the company throughout the organization. There is a formal quality council that consists of the quality group heads, steering team, and distinct pre- vention and detection groups, as illustrated in the functional organization chart. Massingham emphasized users should make sure data integrity is defined in purchase specifications for automa - tion, controls, and equipment. He noted, "It is amazing how many installed systems today have challenges to meet the latest regulations in place." Data and documentation have two distinct groups: one that deals with electronic data and one with paper documentation. Electronic data includes IT, lab systems, and manufacturing systems, and the scale is enormous. In his company, it is within the range of 50,000 systems. Data integrity applied to systems System review category themes to consider: l Access/security: Do you have the right access and secu- rity controls in place for your manufacturing systems? Are users assigned the correct roles, and are system adminis - trators correct? l Audit trail review: Catch errors and mistakes. l Repeat testing: Make sure to capture all the raw product testing data and that audit trail information is stored in a system for later review. l PC clock/time stamp: Make sure the time of all devices is synchronized to the master clock for accurate time stamps. l Event/alarm: Much can be learned from alarms, so consis- tency and good alarm management practices are important. ISA standards, most notably ANSI/ISA-18.2-2016, Manage- ment of Alarm Systems for the Process Industries, can really help end users achieve a strong program. l Backups/archives: Backups and archives are a critical part of all the automation that need to be double checked regu- larly to ensure it is current. l Change control: Make sure changes are documented. Prevention: Focuses on stopping DI issues from arising in the first place and provides the frame- work and standards to operate Detection: Determines whether sites and systems comply with internal and regulatory DI expectations. Feedback loop in place to ensure that preven- tive measures are current, complete, and correct. Prevention Detection Approach to data integrity Data integrity hierarchy Policy/ procedure Data and documentation Data quality culture Capability building/training Technology Document (paper) ALCOA + principles Risk-based approach Policy updates Awareness and training Resources, system upgrades Quality council Steering team Prevention Detection Self-inspection DI focus in audit programs

Articles in this issue

Links on this page

Archives of this issue

view archives of InTech - JUL-AUG 2017