Modifications unauthorized

It is not sufficient to issue instructions about (1) and the aid described in (2). We must convince all concerned, particularly foremen, that they should not carry out unauthorized modifications. This can be done by discussing typical incidents, such as those described here those illustrated in the Institution of Chemical Engineers (UK) Safety Training Package No. 025, Modifications—The Management of Change or better still, incidents that have occurred in your own company. 

Chapter 2 stressed the need to consider the results of plant modifications before they are made and to prevent unauthorized ones. This applies to computers as well as traditional plant. No change should be made to hardware or software unless authorized by a professionally competent person who has carried out a systematic survey of possible consequences. It is easier to change a software control system than a traditional one and therefore harder to control the changes, but it is just as important to do so. Section 20.5 describes an unauthorized change to hardware that could have had serious results. 

Safety Rc icw - to ensure that the EHS facility is operated as designed, that no unauthorized modifications were performed, mid that new facilities and modifications arc designed according to state of the art technology... 

Check the DA original design drawing. Check the position of all inlets, outlets, and baffles. Check to see if any unauthorized modifications have taken place, such as additional vent openings. The vent... 

Unauthorized modification of the system clock must be prevented (Part 11.10(d)). 

Records must remain complete during transmission. An authentic record is one that is proven to be what it purports to be and to have been created or sent by the person who purports to have created and sent it. Records/messages authentication provides the means to evaluate the integrity of the data/message. It involves technical and procedural controls to detect unauthorized modifications to data/messages. 

Audit Trail An electronic means of auditing the interactions between records within an electronic system, so that any access to the system can be documented as it occurs, to identify unauthorized actions in relation to the records, e.g., modification, deletion, or addition (DOD 5015.2-STD). 

In one modification of the Purex process, the plutonium is not separated from the uranium. In this version, the first cycle has only two columns instead of three. In addition to reducing the criticality risk, this modification reduces the risk of unauthorized diversion of the plutonium. 

There are no unauthorized modifications There are no visible unauthorized X X X... 

The initial inspection shall ensure that the type of protection of the apparatus and its installation are appropriate. As a rule, initial inspections shall be detailed inspections. Periodic inspections are of the visual or close type. They shall detect all the factors effecting the deterioration of apparatus, e.g. corrosion, exposure to chemicals or solvents, accumulation of dust or dirt, water ingress, exposure to excessive ambient temperature, mechanical damage, unauthorized modifications or adjustments and inappropriate maintenance. 

Batch Traceability Lost Unauthorized data modification leading to erroneous batch data Medium 4 4 4 64... 

It is important to appreciate that some data may be transient and will never be stored to durable media, while other transient data may be processed to derive data before being stored. Both transient and stored data must be protected from unauthorized, inadvertent, or malicious modification. It is expected that a register of authorized users, identification codes, and scope of authority of individuals to input or change data is maintained. Some computer systems lock-down data, denying all write-access. Secnrity arrangement is discussed in detail elsewhere in this chapter. 

The application of timestamps should be periodically reviewed. Checks should be made to verify that authorized clock changes such as the change between summertime and wintertime, have been correctly implemented. Checks should also be made for unauthorized modification of system clocks and drift. Networked computer systems can be used to synchrotuze clocks. Procedural controls should be established to prevent unauthorized system clock changes in the absence of techrucal means. 

Protecting data from unauthorized modification and destruction. 

Data Historians should be vahdated. Data must be protected from unauthorized and unintentional modification. This might be achieved through locking down data (i.e., no subsequent write permissions given after data created). The requirement for any audit trails needs to be specified. Data retention requirements need to be defined in accordance with company policy and regulatory requirements. Software used to retrieve data should be validated. Any dependencies on storage media need to be understood and managed. Backup and restore are key processes. System interfaces should also be specified and tested. 

Prevent unauthorized, inappropriate, or poorly done modifications as they are the major cause of accidents ... 

All records must be readily retrievable, and be stored and retained using facilities that are safeguarded against unauthorized modification, damage, deterioration and/or loss of documentation. 

Work instructions and SOPs define the operations required to start up, operate, monitor, shutdown and maintain systems. These work instructions and SOPs must be controlled in order to prevent inadvertent and unauthorized modification and to ensure access to only the latest revision of the document. Work instructions and SOPs must therefore be held in accessible but secure areas that are periodically backed up and archived. IS access must be controlled by a hierarchical security system that constrains system operations in accordance with the role, responsibilities and competency of the user. Access to and modification of the information supporting such work instructions and SOPs, for example, engineering drawings and specifications must be equally controlled. 

---