SOCRA CCRP Certification questions and
answers 2025\2026 A+ Grade
CFR Title 21: Part 11
- correct answer Electronic Records; Electronic Signatures
Part 11, Subpart A: General Provisions
- correct answer -must be trustworthy, reliable, and generally equivalent to paper records
-applies to electronic forms that are created, modified, maintained, archived, retrieved, or transmitted
-where records meet requirements, it will be considered equivalent to full handwritten signatures,
initials, etc.
-must be available and subject to FDA inspection
-may be in lieu of paper records or traditional signatures if they meet the above requirements and have
been identified in public docket (making it official)
Part 11: Closed system
- correct answer an environment in which system access is controlled by persons who are responsible
for the content of electronic records that are on the system.
Part 11: Digital signatures
- correct answer an electronic signature based upon cryptographic methods of originator authentication,
computed by using a set of rules and a set of parameters such that the identity of the signer and the
integrity of the data can be verified.
Part 11: Electronic record
- correct answer any combination of text, graphics, data, audio, pictorial, or other information
representation in digital form that is created, modified, maintained, archived, retrieved, or distributed
by a computer system.
,Part 11: Electronic signature
- correct answer A computer data compilation of any symbol or series of symbols executed, adopted, or
authorized by an individual to be the legally binding equivalent of the individual's handwritten signature.
Part 11: Handwritten signature
- correct answer the scripted name or legal mark of an individual handwritten by that individual and
executed or adopted with the present intention to authenticate a writing in a permanent form. The act
of signing with a writing or marking instrument such as a pen or stylus is preserved. The scripted name
or legal mark, while conventionally applied to paper, may also be applied to other devices that capture
the name or mark.
Part 11: Open system
- correct answer an environment in which system access is not controlled by persons who are
responsible for the content of electronic records that are on the system.
Part 11, Subpart B: Electronic Records
Controls for closed systems
- correct answer Persons who use closed systems to create, modify, maintain, or transmit electronic
records shall employ procedures and controls designed to ensure the authenticity, integrity, and, when
appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily
repudiate the signed record as not genuine.
Includes:
-validation of system
-ability to generate accurate and complete copies of records for inspection, review, etc.
-Protection
-limiting system to auth. individuals
-secure, time-stamped, audit trails
-enforcement of permitted sequencing of steps
-authority checks to make sure only auth. people using
-establishment and adherence to policies for accountability and deterrence of sig falsification
Part 11, Subpart B: Electronic Records
,Controls for opens systems
- correct answer Persons who use open systems to create, modify, maintain, or transmit electronic
records shall employ procedures and controls designed to ensure the authenticity, integrity, and, as
appropriate, the confidentiality of electronic records from the point of their creation to the point of
their receipt. Such procedures and controls shall include those identified in §11.10, as appropriate, and
additional measures such as document encryption and use of appropriate digital signature standards to
ensure, as necessary under the circumstances, record authenticity, integrity, and confidentiality.
Part 11, Subpart B: Electronic Records
Signature manifestations
- correct answer Must contain:
(1) The printed name of the signer;
(2) The date and time when the signature was executed; and
(3) The meaning (such as review, approval, responsibility, or authorship) associated with the signature.
Part 11, Subpart B: Electronic Records
Signature/record linking
- correct answer Electronic signatures and handwritten signatures executed to electronic records shall
be linked to their respective electronic records to ensure that the signatures cannot be excised, copied,
or otherwise transferred to falsify an electronic record by ordinary means.
Part 11, Subpart C: Electronic Signatures
General requirements
- correct answer -shall be unique
-organization shall verify identity of person providing electronic signature before making it official
-person using electronic signature should acknowledge that is is legally binding
-Persons using electronic signatures shall, upon agency request, provide additional certification or
testimony that a specific electronic signature is the legally binding equivalent of the signer's handwritten
signature.
Part 11, Subpart C: Electronic Signatures
Electronic signature components and controls
- correct answer (a) Electronic signatures that are not based upon biometrics shall:
(1) Employ at least two distinct identification components(i.e., ID code and password)
, (i) When an individual executes a series of signings during a single, continuous period of controlled
system access, the first signing shall be executed using all electronic signature components; subsequent
signings shall be executed using at least one electronic signature component that is only executable by,
and designed to be used only by, the individual.
(ii) When an individual executes one or more signings not performed during a single, continuous period
of controlled system access, each signing shall be executed using all of the electronic signature
components.
(2) Be used only by their genuine owners; and
(3) Be administered and executed to ensure that attempted use of an individual's electronic signature by
anyone other than its genuine owner requires collaboration of two or more individuals.
(b) Electronic signatures based upon biometrics shall be designed to ensure that they cannot be used by
anyone other than their genuine owners.
Part 11, Subpart C: Electronic Signatures
Controls for identification codes/passwords
- correct answer (a) Maintaining the uniqueness of each combined identification code and password
(b) Ensuring that identification code and password issuances are periodically checked, recalled, or
revised
(c) Following loss management procedures to electronically deauthorize lost, stolen, missing, or
otherwise potentially compromised tokens, cards, and other devices that bear or generate identification
code or password
(d) Use of transaction safeguards to prevent unauthorized use of passwords and/or identification codes,
and to detect and report in an immediate and urgent manner any unauthorized attempts
(e) Initial and periodic testing of devices, such as tokens or cards, that bear or generate identification
code or password information to ensure that they function properly and have not been altered
Part 50
- correct answer Protection of human subjects
Part 50, Subpart A: General Provisions
- correct answer (1) A color additive petition
answers 2025\2026 A+ Grade
CFR Title 21: Part 11
- correct answer Electronic Records; Electronic Signatures
Part 11, Subpart A: General Provisions
- correct answer -must be trustworthy, reliable, and generally equivalent to paper records
-applies to electronic forms that are created, modified, maintained, archived, retrieved, or transmitted
-where records meet requirements, it will be considered equivalent to full handwritten signatures,
initials, etc.
-must be available and subject to FDA inspection
-may be in lieu of paper records or traditional signatures if they meet the above requirements and have
been identified in public docket (making it official)
Part 11: Closed system
- correct answer an environment in which system access is controlled by persons who are responsible
for the content of electronic records that are on the system.
Part 11: Digital signatures
- correct answer an electronic signature based upon cryptographic methods of originator authentication,
computed by using a set of rules and a set of parameters such that the identity of the signer and the
integrity of the data can be verified.
Part 11: Electronic record
- correct answer any combination of text, graphics, data, audio, pictorial, or other information
representation in digital form that is created, modified, maintained, archived, retrieved, or distributed
by a computer system.
,Part 11: Electronic signature
- correct answer A computer data compilation of any symbol or series of symbols executed, adopted, or
authorized by an individual to be the legally binding equivalent of the individual's handwritten signature.
Part 11: Handwritten signature
- correct answer the scripted name or legal mark of an individual handwritten by that individual and
executed or adopted with the present intention to authenticate a writing in a permanent form. The act
of signing with a writing or marking instrument such as a pen or stylus is preserved. The scripted name
or legal mark, while conventionally applied to paper, may also be applied to other devices that capture
the name or mark.
Part 11: Open system
- correct answer an environment in which system access is not controlled by persons who are
responsible for the content of electronic records that are on the system.
Part 11, Subpart B: Electronic Records
Controls for closed systems
- correct answer Persons who use closed systems to create, modify, maintain, or transmit electronic
records shall employ procedures and controls designed to ensure the authenticity, integrity, and, when
appropriate, the confidentiality of electronic records, and to ensure that the signer cannot readily
repudiate the signed record as not genuine.
Includes:
-validation of system
-ability to generate accurate and complete copies of records for inspection, review, etc.
-Protection
-limiting system to auth. individuals
-secure, time-stamped, audit trails
-enforcement of permitted sequencing of steps
-authority checks to make sure only auth. people using
-establishment and adherence to policies for accountability and deterrence of sig falsification
Part 11, Subpart B: Electronic Records
,Controls for opens systems
- correct answer Persons who use open systems to create, modify, maintain, or transmit electronic
records shall employ procedures and controls designed to ensure the authenticity, integrity, and, as
appropriate, the confidentiality of electronic records from the point of their creation to the point of
their receipt. Such procedures and controls shall include those identified in §11.10, as appropriate, and
additional measures such as document encryption and use of appropriate digital signature standards to
ensure, as necessary under the circumstances, record authenticity, integrity, and confidentiality.
Part 11, Subpart B: Electronic Records
Signature manifestations
- correct answer Must contain:
(1) The printed name of the signer;
(2) The date and time when the signature was executed; and
(3) The meaning (such as review, approval, responsibility, or authorship) associated with the signature.
Part 11, Subpart B: Electronic Records
Signature/record linking
- correct answer Electronic signatures and handwritten signatures executed to electronic records shall
be linked to their respective electronic records to ensure that the signatures cannot be excised, copied,
or otherwise transferred to falsify an electronic record by ordinary means.
Part 11, Subpart C: Electronic Signatures
General requirements
- correct answer -shall be unique
-organization shall verify identity of person providing electronic signature before making it official
-person using electronic signature should acknowledge that is is legally binding
-Persons using electronic signatures shall, upon agency request, provide additional certification or
testimony that a specific electronic signature is the legally binding equivalent of the signer's handwritten
signature.
Part 11, Subpart C: Electronic Signatures
Electronic signature components and controls
- correct answer (a) Electronic signatures that are not based upon biometrics shall:
(1) Employ at least two distinct identification components(i.e., ID code and password)
, (i) When an individual executes a series of signings during a single, continuous period of controlled
system access, the first signing shall be executed using all electronic signature components; subsequent
signings shall be executed using at least one electronic signature component that is only executable by,
and designed to be used only by, the individual.
(ii) When an individual executes one or more signings not performed during a single, continuous period
of controlled system access, each signing shall be executed using all of the electronic signature
components.
(2) Be used only by their genuine owners; and
(3) Be administered and executed to ensure that attempted use of an individual's electronic signature by
anyone other than its genuine owner requires collaboration of two or more individuals.
(b) Electronic signatures based upon biometrics shall be designed to ensure that they cannot be used by
anyone other than their genuine owners.
Part 11, Subpart C: Electronic Signatures
Controls for identification codes/passwords
- correct answer (a) Maintaining the uniqueness of each combined identification code and password
(b) Ensuring that identification code and password issuances are periodically checked, recalled, or
revised
(c) Following loss management procedures to electronically deauthorize lost, stolen, missing, or
otherwise potentially compromised tokens, cards, and other devices that bear or generate identification
code or password
(d) Use of transaction safeguards to prevent unauthorized use of passwords and/or identification codes,
and to detect and report in an immediate and urgent manner any unauthorized attempts
(e) Initial and periodic testing of devices, such as tokens or cards, that bear or generate identification
code or password information to ensure that they function properly and have not been altered
Part 50
- correct answer Protection of human subjects
Part 50, Subpart A: General Provisions
- correct answer (1) A color additive petition
