SOP for Operation of Chromeleon Software

Objective

This SOP's goal is to outline how to use Chromeleon software to operate in a network of Chromatographic equipment.

Scope

This SOP applies to the Quality Control Department for User Account Management, Chromatographic System Access Control, and Data Management using Chromeleon software.

Procedure for Handling Chromeleon Software

User Management System – Chromeleon software

Based on the database policies, users and groups are assigned. The regulations are:

1. Administrator credentials and access groups - Administrators are members of all access groups.
2. Client locking - Inactivity timeout any client device that has gone ten minutes without user input.
3. Restrictions on passwords - A minimum password length of six characters must include an alphanumeric special character. Every three months, the login password will expire.
4. User ID - defaults for the user ID For login purposes, the default user ID is Blank. The maximum number of attempted logins is 5, and if more attempts are made, the user account is locked.

Six types of privilege groups shall be identified:

1. Administrator: For administrative purposes
2. Reviewer: For monitoring of day to day activities
3. Analyst: For analysts having limited privileges as required
4. Service Engg: Only for maintenance and service purposes of instruments
5. IT Personnel: Only for IT support
6. QC Manager: Only for review

Data management system – Chromeleon software

A new data source shall be created every year with the Name “CMDATA_YYYY” and shall be mounted on each of the IPCs at the start of the year.

CMDATA_YYYY

• ALL PANELS: Panels for Control of Instruments
• AUDITS: For storage of daily audit trails
• CALIBRATION: For Calibration of Instruments
• CALIBRATION TEMPLATES: For calibration sequence templates
• CM_OQ: For Qualification of Chromeleon Software
• METHOD: For processing Method creation
• PROGRAM: For method creation
• REPORTS: For Report Format Templates
• SEQUENCES: For sequence creation as per the testing procedure

The subfolders shall be created in the above folders as follows:

• AUDITS
• Instrument ID
• CALIBRATION
• Instrument ID
• CALIBRATION TEMPLATES
• Instrument Model
• CM_OQ
• OQ
• URS
• REPORTS
• Calibration
• Routine
• SEQUENCES
• Instrument ID

Note: Additional directories / sub-directories shall be created as and when required.

The naming of the sequence shall be as done as follows:

• For e.g. PRODUCTNAME_DATE_VERSIONNO
• DATE is the Date of the Analysis
• VERSION NO is the Number of Version of the same date sequence

Access to data management – Chromeleon software:

• Access to the above data management is controlled by user access groups in a user management system.
• The access groups are defined for each of the subdirectories made in the HPLC DATA data source with the same name.
• The users created under the user management system are classified in these access groups.

For Example:

• A user can access VALIDATION and PANELS by becoming a member of the QC_VALIDATION and ALL PANELS access group.
• An analyst shall have only one username falling under single privilege/access groups.

Note 1: No privileged group including the Reviewer and administrator privilege group shall have deletion rights.

Note 2: No abbreviated name is allowed, as there is a possibility that two analysts can have the same abbreviated name.

Creating and editing user – Chromeleon software

• User accounts shall be created/ edited only by the IT Personnel after approval from the QC Head and QA Head or respective designee.
• The form shall be raised of “Chromeleon Software User ID Creation, Disable, Lock & Unlock user ID and Updation of User Privileges as per SOP.” by an initiator while creating, disabling a user ID, unlocking user ID, or Updating the user privileges.

The user ID shall be created by IT personnel after approval from the QC Head and QA Head or respective designee.

• Double-click on the “CmUser” icon on one of the client PCs or Servers.
• Enter the user ID and password for login in “CmUser”.
• After successful login “CmUser” screen shall be displayed.
• Click on the “New” icon, Click on “User data” and enter the User ID and User Name (to create a clone, select the user name from the drop-down list).
• Click on “Logon Password” then tick mark on “Logon Password expires” to 3 months.
• Enter the default user then tick mark on “user and change login password on the next login”.
• Click on “Logon failure” then tick the mark on “Limit login retries”.
• The maximum number of allowed login attempts is 5.
• After reaching the limit “Lock Account”.
• Click on “OK”. The user shall be created. Check the privilege and access group of the user.
• The new user shall open his / her account on any of the IPC by typing his / her user ID and the default password in the first entry, The window shall prompt for a change in a password where the user shall type his / her password.
• The same needs to be confirmed by re-typing the password.
• On completion, this becomes his / her password on every login thereon.

Note: The password of the user shall expire every after 3 months. In such cases, the user shall re-enter a new password and confirm the same.

• To edit the user, click on “Edit user” and follow the above steps.
• For the deactivation of the account of a user, tick the mark on “Account locked” in logon failure.
• To activate the account of the user (in case the account is locked), remove the tickmark on “Account locked” in logon failure.

Policies on administrator – Chromeleon software

• The administrator from QA shall be in operation.
• In case the administrator changes, the following procedure shall be adopted:

1. The IT personnel shall create the new administrator (QA Head) in the presence of the quality head or with prior approval from the Quality Head.
2. The IT personnel shall deactivate the relieving administrator in the presence of the QA head.
3. The only privilege that an administrator does not have is the deletion of data.

Policies on users – Chromeleon software

• User accounts shall be created/edited only by the IT Personnel after approval from the QC Head and QA Head or respective Designee.
• Only qualified operators shall operate on the network.
• The privilege of an individual user can be changed as and when required by the IT Personnel after approval from the QC Head and QA Head or respective Designee.
• On periodic review, the inactive user shall be locked by the IT Personnel after approval from the QC Head and QA Head or respective Designee.

Policies on data management – Chromeleon software

Migration of data from the active data source (i.e., CMDATA_YEAR) to the archive data source (i.e. DATA-Backup) shall be done by the following procedure:

1. A query is created to move the locked sequence from the active data source to the archive data source, by this all locked sequences are moved automatically as per the schedule defined by the administrator.
2. The reviewer shall lock the sequences after the review of the data.
3. The locked sequences shall always be unlocked as and when required by an administrator.
4. Audit trail from the local IPC to the server (i.e. AUDIT folder on the CM data source) shall be done frequently by the authorized IT personnel.

ALSO READ: SOP for System Suitability Test in HPLC Analysis and HPLC Documentation

General policies – Chromeleon software

• The server shall be rebooted as and when required by the authorized IT personnel to ensure optimal performance of the server.
• Any maintenance carried out shall be done with prior intimation to the administrator and the risk involved shall be evaluated.
• Backup of the data from the network shall be done as per our SOP Procedure for archiving, Storage, and retrieval of electronically generated and Processed Data.
• For this, Symantec Backup Agent is used where a backup job is scheduled to the Tape Drive.

Note: The backup is required to send the information for any incident that takes place in the network to the manufacturer.

• All incidents pertaining to the network/server shall be documented.
• Appropriate action for the incidents, if required, shall be taken in consultation with IT / QA.
• Change control shall be raised in the following cases.
• Addition/deletion of IPC.
• Any major modification in the server/network.
• Any up-gradation of Chromeleon software.
• Relocation of a server.
• Relocation of IPCs.
• Privilege Group
• Privileges shall be assigned to each user group as follows:

Privileges of CM-SERVER CONTROL – Chromeleon software:

Privilege Categories	Privileges	Privilege Groups
		Analyst	Reviewer	IT Personnel	Service Engg	Administrator	QC Manager
CM-Server Installation	Modify Configuration	X	√	√	√	√	X
Control Panels	Create PAN	X	X	X	√	√	X
	Delete PAN	X	X	X	X	X	X
	Modify PAN	X	X	X	√	√	X
	Copy PAN	X	X	X	√	√	X
	Move PAN	X	X	X	√	√	X
	Edit Script Button	X	X	X	√	√	X
Program Files	Create PGM	X	√	X	√	√	X
	Delete PGM	X	X	X	X	X	X
	Modify PGM	X	√	X	√	√	X
	Copy PGM	√	√	X	√	√	X
	Move PGM	X	√	X	√	√	X
Audit Trails	Copy Audit Trail	X	X	√	X	√	X
	Move Audit Trail	X	X	√	X	√	X
	Delete Audit Trail	X	X	X	X	X	X
	Rename Audit Trail	X	X	X	X	√	X
Online Control	Monitor Time Base	√	√	X	√	√	X
	Control Time Base	√	√	X	√	√	X
	Take Over Control	√	√	X	√	√	X
	Run Batch	√	√	X	√	√	X
	Acquire Data	√	√	X	√	√	X
	Control Foreign Batch	√	√	X	√	√	X
Predictive Performance	Change performance limit	X	X	X	√	X	X
	Change Qualification interval	X	X	X	√	X	X
	Override Qualification	X	X	X	X	X	X
	Approve Qualification	X	X	X	X	X	X

Privileges of DATA SOURCE – Chromeleon Software

Privilege Categories	Privileges	Privilege Groups
		Analyst	Reviewer	IT Personnel	Service Engg	Administrator	QC Manager
Basics	Create DS	X	X	√	√	√	X
	Mount Dismount DS	X	X	√	√	√	X
	Rename DS	X	X	√	X	√	X
	Customize DS	X	√	√	√	√	X
	Modify History Mode	X	X	X	√	√	X
	Modify History Comment	X	X	X	√	√	X
	Modify Protection Mode	X	X	X	√	√	X
	Modify DS Availability	X	X	X	X	√	X
Directories	Create DIR	X	√	√	√	√	X
	Delete DIR	X	X	X	X	X	X
	Rename DIR	X	√	√	√	√	X
	Copy DIR	X	√	√	√	√	X
	Move DIR	X	√	√	√	√	X
	Lock DIR	X	√	√	√	√	X
	Unlock DIR	X	X	√	√	√	X
	Modify Access Group DIR	X	√	√	X	√	X
Queries	Create QRY	X	√	√	√	√	√
	Delete QRY	X	X	X	X	X	X
	Modify QRY	X	√	√	√	√	√
	Copy QRY	X	√	√	√	√	√
	Move QRY	X	√	√	√	√	X
	Execute QRY	X	√	√	√	√	√

Privileges of SEQUENCE – Chromeleon software

Privilege Categories	Privileges	Privilege Groups
		Analyst	Reviewer	IT Personnel	Service Engg	Administrator	QC Manager
Sequences (Via Work list)	Create SEQ	√	X	X	√	√	X
	Create SEQ Via Wizard	√	X	X	√	√	X
	Create SEQ	X	X	X	X	√	X
	Modify SEQ	√	X	X	√	√	X
	Rename SEQ	√	X	X	√	√	X
	Rename SEQ with Raw Data	X	X	X	X	√	X
	Copy SEQ	X	X	X	√	√	X
	Move SEQ	X	X	X	X	√	X
	Delete SEQ	X	X	X	X	X	X
	Delete Signed SEQ	X	X	X	X	X	X
	Delete Locked SEQ	X	X	X	X	X	X
	Lock SEQ	X	X	X	X	√	X
	Unlock SEQ	X	X	X	X	√	X
	Customize Col Layout SEQ	X	√	X	√	√	X
Samples	Copy Samples	X	X	X	X	√	X
	Insert New Samples	√	X	X	√	√	X
	Append New Samples	√	X	X	√	√	X
	Modify Finished Sample	X	X	X	√	√	X
	Modify Finished Status	X	X	X	X	X	X
	Delete Finished Sample	X	X	X	X	X	X
	Delete Raw Data	X	X	X	X	X	X
Signature	Submit result	√	X	X	X	X	X
	Review Result	X	X	X	X	X	X
	Approve Result	X	X	X	X	X	√
	Undo submit result	X	X	X	X	X	X
	Undo Review result	X	X	X	X	X	√
	Undo Approve Requirement	X	X	X	X	X	√
	Modify Sign Requirement	X	√	X	X	X	X
	Sign result	X	X	X	X	X	X
	Undo Sign Result	X	X	X	X	X	X

Privileges of DATA REDUCTION – Chromeleon software

Privilege Categories	Privileges	Privilege Groups
		Analyst	Reviewer	IT Personnel	Service Engg	Administrator	QC Manager
QNT Methods	Create QNT	X	√	X	√	√	X
	Delete QNT	X	X	X	X	X	X
	Modify QNT	√	X	X	√	√	X
	Copy QNT	√	X	X	√	√	X
	Move QNT	X	X	X	√	√	X
	Manipulate Peaks	X	X	X	X	√	X
	Delete Peak Manipulations	X	X	X	X	√	X
	Customize Col Layout QNT Delete Pea	X	√	X	√	√	X
Spectra Libraries	Create LIB	√	X	X	√	√	X
	Delete LIB	X	X	X	X	X	X
	Modify LIB	√	X	X	√	√	X
	Copy LIB	√	X	X	√	√	X
	Move LIB	X	X	X	X	√	X
	Add Lib Spectra	√	X	X	√	√	X
	Delete Lib Spectra	X	X	X	X	X	X

Privileges of REPORTING – Chromeleon software

Privilege Categories	Privileges	Privilege Groups
		Analyst	Reviewer	IT Personnel	Service Engg	Administrator	QC Manager
Report Definition Files	Create RDF	X	√	X	√	√	X
	Delete RDF	X	X	X	X	X	X
	Modify RDF	X	√	X	√	√	X
	Copy RDF	√	√	X	√	√	X
	Move RDF	X	√	X	√	√	X
	Allow Plot Property Changes	√	√	X	√	√	X
	Print Export Unsaved Data	X	X	X	X	√	X
Batch	Run Print Batch	√	√	X	√	√	X
	Run Export Batch	X	√	√	√	√	X

Privileges of MISCELLANEOUS – Chromeleon software

Privilege Categories	Privileges	Privilege Groups
		Analyst	Reviewer	IT Personnel	Service Engg	Administrator	QC Manager
Workspaces	Create WSP	X	X	√	X	√	X
	Delete WSP	X	X	X	X	X	X
	Modify WSP	X	X	√	X	√	X
	Copy WSP	X	X	√	X	√	X
	Move WSP	X	X	√	X	√	X
Archive	Restore	X	√	√	√	√	X
	Backup	X	X	√	√	√	X
	Import Peak Net Data	X	X	√	X	√	X
	Import AIA	X	X	√	X	√	X
	Import Chem. Station Data	X	X	√	X	√	X

√ = Privilege given                                       X = Privilege not given

Note: cmadmin is a member of Standard Privilege Group which is a default Privilege Group created at the time of installation of Chromeleon software and is not in use.

Abbreviations

CC      :	Change Control Number	ID        :	Identification
HPLC   :	High-performance liquid chromatography	CM      :	Chromatography management system
IT         :	Information Technology	FP        :	Finished Product
STAB   :	Stability	RM       :	Raw Material
i.e.       :	That is	PC       :	Personal Computer
IPC      :	Instrument PC	CD      :	Compact Disk
WS      :	Working Standard	USB     :	Universal Serial Bus
DS       :	Data source	DIR      :	Directories
QRY     :	Queries	SEQ     :	Sequence
QNT    :	Quantification	LIB       :	Library
RDF     :	Report definition file	AIA      :	Analytical instrument association