Entelik
Book Demo
Compliance

21 CFR Part 11. GAMP 5. Audit-ready.

Last updated: 2026-05-27

21 CFR Part 11 conformance

Entelik is designed to support 21 CFR Part 11 compliance for electronic records and electronic signatures in regulated pharmaceutical manufacturing. The platform supplies the controls; your organisation supplies the procedures and SOPs around them. Compliance is a joint responsibility — we make it achievable, you operationalise it.

Electronic records (§11.10)

  • System validation: Entelik is qualified per GAMP 5. IQ/OQ/PQ protocols are part of the validation pack.
  • Records are not deletable. Amendments create new versions; originals are preserved.
  • Audit trail captured on every record-modifying event: who, when, what, why, before, after.
  • Sequenced step execution is enforced on eBMR — operators cannot skip steps or backdate entries.
  • Role-based access enforces authority checks at every API boundary.
  • Time-stamping is server-assigned in UTC; display is in IST or operator's configured timezone.

Electronic signatures (§11.50, §11.70, §11.100, §11.200)

  • Every signature event re-prompts for username and password. No SSO passthrough on GMP-significant signatures.
  • Every signature carries an explicit meaning ("approved," "reviewed," "released," etc.) stored alongside the credential.
  • Three-strike server-side lockout on signature attempts.
  • Signatures are inseparably linked to the underlying record. Tampering with the record invalidates the signature.
  • No PIN-only signatures. No checkbox-as-signature.

Open systems (§11.30)

TLS 1.2+ on all client-server connections. AES-256 encryption at rest. See /security for the full posture.

GAMP 5 alignment

Entelik is treated as a GAMP Category 4 (configurable) product. Configuration of recipes, roles, SOPs, and integrations is your responsibility and is validated under your QMS. Core platform logic — execution, signatures, audit trail — is validated by us under our Software Development Lifecycle, which follows GAMP 5 principles.

The full validation pack — URS, IQ, OQ, PQ, PV, CFR Part 11 conformance matrix, and the Software Quality Plan — is included with every Full Platform deployment and available on request for Entelik Calibrate customers.

What's your responsibility

  • SOPs governing the use of Entelik in your plant.
  • Training records confirming users have been trained on the SOPs and on Entelik itself.
  • Configuration decisions: which roles approve what, signature meanings used, tolerance ranges, recipe content.
  • Periodic review of audit trails and user access lists.
  • Notifying us of any deviation in system behaviour that you believe affects compliance.

What's ours

  • Platform validation evidence (IQ/OQ/PQ protocols, test scripts, traceability matrix, conformance matrix).
  • Change control on platform releases — every release ships with a release impact statement.
  • Audit support during regulatory inspections, included.
  • Notification within 24 hours of any platform behaviour change that may affect a validated function.

Requesting the validation pack

Email compliance@entelik.com from your work address. We send a 47-page zip within 24 hours.