Document No

STANDARD OPERATING PROCEDURE [Document Number]

<ENTER COMPANY LOGO> Revision: [00]
TITLE Effective date
Electronic Signatures Management [Effective Date]

APPROVALS:
Name Signature Date

REVISION HISTORY:
Revision Initials and Date Summary of Changes
00

Instructions on completing this document

(Please remove this table when you are finished modifying this document.
This table is for your information only.)

- Montrium has inserted instructions in blue text into this document to help you
understand the information in each section. Once you have modified this
document to meet the specifics of your organization, please delete the blue text.

- Blue italicized text in this document indicates elements which should be revised
or completed by you so that the text meets your company’s needs and quality
system requirements. Once you have completed this information, please remove
the italics in the document.

Confidential Page 1 of 10
 Document No
STANDARD OPERATING PROCEDURE [Document Number]
<ENTER COMPANY LOGO> Revision: [00]
TITLE Effective date
Electronic Signatures Management [Effective Date]

Contents
1.0 PURPOSE ................................................................................................................................................................................. 3
2.0 SCOPE ...................................................................................................................................................................................... 3
3.0 DEFINITIONS ............................................................................................................................................................................ 3

3.1 Acronyms ........................................................................................................................................................................... 3

3.1.1 HR – Human Resources ........................................................................................................................................... 3

3.1.2 IT – Information Technology ................................................................................................................................... 3
3.1.3 SOP – Standard Operating Procedure ..................................................................................................................... 3

3.2 Terms ................................................................................................................................................................................. 3

3.2.1 Accountability ......................................................................................................................................................... 3

3.2.2 Certificate................................................................................................................................................................ 3
3.2.3 Digital Signature ...................................................................................................................................................... 3
3.2.4 Electronic Record .................................................................................................................................................... 4
3.2.5 Electronic Signature ................................................................................................................................................ 4
3.2.6 Electronic Transaction ............................................................................................................................................. 4
3.2.7 Handwritten Signature ............................................................................................................................................ 4
3.2.8 Non-Repudiation ..................................................................................................................................................... 4
3.2.9 Record ..................................................................................................................................................................... 4
3.2.10 Qualified Electronic Signature Method ................................................................................................................... 4

4.0 RESPONSIBILITY ....................................................................................................................................................................... 5

4.1 IT Manager, representative or designee ............................................................................................................................ 5

4.2 Management ..................................................................................................................................................................... 5
4.3 User (employees, contractors and consultants)................................................................................................................. 5
4.4 Human Resources Representative or designated authorized personnel ........................................................................... 5

5.0 PROCEDURE............................................................................................................................................................................. 6

5.1 Selecting an electronic signature method.......................................................................................................................... 6

5.2 Minimum requirements for the use of an electronic signature ......................................................................................... 6

5.2.1 Components and controls ....................................................................................................................................... 6

5.2.2 Assignment ............................................................................................................................................................. 6

5.3 Expression of electronic signature ..................................................................................................................................... 7

5.4 Use of an electronic signature ........................................................................................................................................... 7

5.4.1 Signature required by Company Name procedural document ................................................................................ 7

5.4.2 Signature required by law or regulation.................................................................................................................. 7

5.5 Electronic Signature Breaches and Misuses ....................................................................................................................... 7

5.5.1 Reporting ................................................................................................................................................................ 7

5.5.2 Sanctions ................................................................................................................................................................. 7

5.6 Periodic Review ................................................................................................................................................................. 8

6.0 REFERENCES ............................................................................................................................................................................ 8

7.0 Appendices .............................................................................................................................................................................. 9

7.1 Appendix A: FDA Letter of Non-Repudiation Agreement

(http://www.fda.gov/ForIndustry/ElectronicSubmissionsGateway/ucm113964.htm) ...................................................................... 9

Confidential Page 2 of 10
 Document No
STANDARD OPERATING PROCEDURE [Document Number]
<ENTER COMPANY LOGO> Revision: [00]
TITLE Effective date
Electronic Signatures Management [Effective Date]

1.0 PURPOSE
The purpose of this procedure is to establish a process for obtaining and tracking electronic
signatures in compliance with US FDA 21 CFR Part 11 and EU Annex 11 requirements.
This procedure also establishes when an electronic signature may replace a written signature
and when an electronic record may replace a paper document record.
Commented [MTM1]: In this section, you should insert a short
statement describing the purpose of the procedural document to
describe why it is needed, and what it is being implemented to
accomplish.
If the text in Section 1 is acceptable, you need only to insert your
Company name to replace the highlighted field.

2.0 SCOPE Commented [MTM2]: In this section, you should insert a short
statement describing the scope of the procedural document,
This procedure applies to all Company Name employees and consultants, and governs all uses of outline the reason the document was created and define its
intended audience.
electronic signatures and electronic records that are generated as part of Company Name
regulated activities. If the text in Section 2 is acceptable, you need only insert your
Company name to replace the highlighted field.
This procedure may also apply to additional activities which may include, but not be limited to,
the generation of electronic communications, transactions, contracts and any other document
or record that requires a signature.
This procedure does not apply to paper records transmitted by electronic means such as fax, or
to word-processed documents that are subsequently printed, authorized (signed and dated) and
maintained as paper records.

3.0 DEFINITIONS Commented [MTM3]: In this section define acronyms and

terms that would help team members better understand the
3.1 Acronyms content of this Procedure.

3.1.1 HR – Human Resources

3.1.2 IT – Information Technology
3.1.3 SOP – Standard Operating Procedure
3.2 Terms
3.2.1 Accountability
The obligation of an individual or organization to account for its activities, accept responsibility
for them, and to disclose the results in a transparent manner.
3.2.2 Certificate
Electronic document used to identify an individual, server, company, or some other entity and
to associate that identity with a public key. A certificate provides generally recognized proof of a
person's identity.
3.2.3 Digital Signature
An electronic signature based upon cryptographic methods of originator authentication,
computed by using a set of rules and a set of parameters such that the identity of the signer and
the integrity of the data can be verified. (see FDA 21 CFR Part 11 – Final Rule, section §11.3
Definitions (5)).

Confidential Page 3 of 10
 Document No
STANDARD OPERATING PROCEDURE [Document Number]
<ENTER COMPANY LOGO> Revision: [00]
TITLE Effective date
Electronic Signatures Management [Effective Date]

3.2.4 Electronic Record

3.2.5 Electronic Signature

3.2.6 Electronic Transaction

3.2.7 Handwritten Signature

3.2.8 Non-Repudiation

3.2.9 Record

3.2.10 Qualified Electronic Signature Method

Confidential Page 4 of 10
 Document No
STANDARD OPERATING PROCEDURE [Document Number]
<ENTER COMPANY LOGO> Revision: [00]
TITLE Effective date
Electronic Signatures Management [Effective Date]

4.0 RESPONSIBILITY Commented [MTM4]:

4.1 IT Manager, representative or designee

•

Commented [MTM5]:

4.2 Management Commented [MTM6]:

4.3 User (employees, contractors and consultants)

•

4.4 Human Resources Representative or designated authorized personnel

•

Commented [MTM7]:

Confidential Page 5 of 10
 Document No
STANDARD OPERATING PROCEDURE [Document Number]
<ENTER COMPANY LOGO> Revision: [00]
TITLE Effective date
Electronic Signatures Management [Effective Date]

5.0 PROCEDURE
5.1 Selecting an electronic signature method Commented [MTM8]:

Commented [MTM9]:

5.2 Minimum requirements for the use of an electronic signature Commented [MTM10]:

5.2.1 Components and controls

5.2.2 Assignment

Confidential Page 6 of 10
 Document No
STANDARD OPERATING PROCEDURE [Document Number]
<ENTER COMPANY LOGO> Revision: [00]
TITLE Effective date
Electronic Signatures Management [Effective Date]

5.3 Expression of electronic signature

5.4 Use of an electronic signature Commented [MTM11]:

5.4.1 Signature required by Company Name procedural document

5.4.2 Signature required by law or regulation

5.5 Electronic Signature Breaches and Misuses Commented [MTM12]:

5.5.1 Reporting

5.5.2 Sanctions

Commented [MTM13]:

Confidential Page 7 of 10
 Document No
STANDARD OPERATING PROCEDURE [Document Number]
<ENTER COMPANY LOGO> Revision: [00]
TITLE Effective date
Electronic Signatures Management [Effective Date]

Severity Sanctions
(Human generated deviation)

Minor

Minor Repeated

Major Internal Impact

Major Impact on Company Name
Clients

5.6 Periodic Review

6.0 REFERENCES
Document Number Document Title
<enter title to the application Vendor Management procedure or Validation
Document Number
procedure/plan>
<enter title to the applicable user account management procedure or hiring
Document Number
and termination policy>

Confidential Page 8 of 10
 Document No
STANDARD OPERATING PROCEDURE [Document Number]
<ENTER COMPANY LOGO> Revision: [00]
TITLE Effective date
Electronic Signatures Management [Effective Date]

7.0 Appendices
7.1 Appendix A: FDA Letter of Non-Repudiation Agreement
(http://www.fda.gov/ForIndustry/ElectronicSubmissionsGateway/ucm113964.htm)

[Company Letterhead]

[Today’s Date]

ESG Support Team

Food and Drug Administration
11820 Parklawn Drive, Suite 300
Rockville, MD 20852

[Hand-written signature]
[Name of Company Representative]
[Company Representative Title]

Confidential Page 9 of 10
 FORM Form No
<ENTER COMPANY LOGO> [Form number]
TITLE
Form Version: [00]
Error! Unknown document property name.

Electronic Signature Non-Repudiation Form

Non-Repudiation Statement:

Printed Full Name Handwritten Signature Initials Date

(dd/MMM/yyyy)

Name Title Date

(dd/MMM/yyyy)

Confidential Page 10 of 10