SOP for Password for Computers and Software in Pharmaceutical

The purpose of the document is to establish a procedure for allocation, maintenance of uniqueness; and confidentiality of passwords which in turn are useful in achieving the maintenance of authenticity, integrity, confidentiality, and security of electronic data.

It is applicable to all computers, software, PLCs, and any other electronic devices used in the QA, Warehouse, Quality Control, Production, and Utilities for generating data records except for the software used for the purpose of the management of the inventory control.

Head of Production
Head of Engineering
Head of Quality Control
Head of Quality Assurance


A series of character that enables someone to access a file, computer or program and prevent unauthorized access.

Person will have full access to the system.

A person who will have access to change the daily operational variables, which are required to identify operations from each other, e.g. Batch No. / Lot No. Operator Name.

Operator/ User:
An individual who can only operate the system.

  • All computers, software’s, PLCs and any other electronic devices used in the Warehouse, QA, Quality Control, Production, and Utilities for generating data records shall have restricted access through user passwords.
  • The Quality Assurance shall assign individual passwords to log into the system and access the system.
  • The password shall be categorized on the basis of access rights assigned and /or the design of the system.
  • The password preferably shall be allocated at the Administrative level, Supervisory level and user level depending upon the availability of the provision in the system and the equipment.
  • The individual shall maintain the confidentiality of passwords assigned to him/her.
  • The assigned user passwords shall be enabled in the system.
  • The following category of passwords are forbidden for use:
  1. First Name
  2. Surname
  3. Birth Date
  4. Telephone Numbers
  5. Name of cities
  • The password allocated shall be recorded in Annexure-I and maintained under lock and key in the Quality Assurance department.
  • The data/records on the electronic system shall be viewed in case of emergency or during inspection/audit by another person only after approval from Quality Assurance.
  • The uniqueness of the passwords shall be maintained such that no two individuals shall have the same passwords for the same system.
Note: Same password can be shared by the different user level individuals in case there is no provision for generating more than two passwords for the system at the User level.
  • The passwords shall be revised on a quarterly basis and records of the same shall be maintained under lock and key in the Quality Assurance department.
  • Once the revised password is enabled, the previous password record shall be made obsolete and destroyed on yearly basis.
  • Quality Assurance department shall verify randomly that the old password does not permit access to the system.
  • No password shall be repeated for that year for any systems.
  • The access rights shall be defined by the Quality Assurance department and shall be recorded in the Annexure-II
  • In case of any individual who leaves the organization in between to whom the password has been already issued, the same password shall not be issued to the newly joint replacement for that post. Instead, new password shall be issued to the new recruit, and record of the same is maintained.

QAP : Quality Assurance Procedure
PLC : Programmable logic control
QA : Quality Assurance
ID : Identity

Annexure-I : Password Allocation Record
Annexure-II : Access Rights Record


PEOPLE ALSO READ: SOP for Data Integrity

Post a Comment