Hello all, Recently this year the FDA publishes a new 21 CFR 11 guideline. For those that don't know, this standard primarily deals with security regarding electronic documents and signatures. One of the recent additions/clarifications is that an electronic signature cannot be falsified by a single person. Most software that claims to be 21 CFR 11 compliant do not do this. After all, many of this software has a root account that has full access to the system and do not implement any safeguards against root forging signatures. I was contemplating how it would be done and I was thinking perhaps using PGP signatures.
I have two questions, what do you guys think? and does Compiere have the feature to somehow PGP sign (or something equivalent) actions done by a user? The reason why I am interested in Compiere is that I know that it is being used in an FDA regulated environment and it seems to be the only open source ERP software in that environment. -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
