This section contains some suggested strategies for configuring a 21 CFR Part 11 environment.
Disabling the Ability to Change the System Time
Application developers may want to disable an operator's ability to change the system time by removing the "Change the system time" user right from the appropriate user accounts in Windows security. By doing so, you can prevent inaccurate timestamps from entering the audit trail.
Enabling Auditing in the Windows Security System
Application developers who want to monitor Windows security events, such as logon and logoff, should enable auditing in the Windows Local Security Policy. You can display these events in the Windows Event Viewer's security log.
