No audit trail in PHX (what about SAS?) [Software]

posted by Helmut Homepage – Vienna, Austria, 2015-11-01 15:01 (3393 d 13:16 ago) – Posting: # 15595
Views: 9,146

Hi ElMaestro,

❝ All this is based on 'the project', which may imply that you know it exists.


In Phoenix a collection of data, methods, transformations, results, plots, :blahblah: (objects) is called a “pro­ject”. Hence, the filename extension phxproj. Has nothing to do with projects in the real world, which may consist of many PHX-projects.
If a project doesn’t exist, on which button would you click? ;-)

❝ I guess you could call the xml a naïve […] type of project audit trail. Perhaps not so much who did what when but at least a tool for secondary result verification.


Yes. There is an implementation of “who–what–when” within Phoenix-projects (but not given in the XML). Every object has three tabs, called
  1. Proporties
    The data, specifications of the data format of variables (numeric, text), and associated units.
  2. Information
    Created, saved (timestamp in UTC)
    Status (Current or Out of Date). The latter appears only if something was changed and not exe­cuted.
    Created with, last executed with, last saved with: PHX release(s) and build(s).
  3. History
    Screenshot
    [image]
    The “when”, “by whom”, and “what” is automatically tracked and can’t be switched off. In the last column one could (but not must!) add the “why”. Giving a reason could be handled by SOPs.
However, there are some problems with the History-tab:If one wants to be fully 21 CFR Part 11 compliant the Phoenix Knowledgebase Server is a must. Costly…

❝ I recall Certara recently went from a yearly license to one that is basically "pay per view". This implies that the software keeps track of and counts the projects,


Talked about it with Certara. They claimed that no “tracker” exists in the software. Essentially I believe them since the software was released well before the new license model came out. The new license model is based on projects in the “real world”, not Phoenix-projects. Users are asked to submit the number of projectsb evaluated per year. How that practically will work, no idea.

❝ and therefore I wonder if we can generate an xml detailing the (all!) projects,


With an in-depth (!) knowledge of XML, yes. F.i. one of my TSDs (two enantiomers, PK and PD data) resulted in 1,012 (!) files linked from the XML-file. If one uses templates, common parts of different pro­jects will have the same names. Doable, but no fun.

❝ like the equivalent of an instrument (work station) audit trail?


:-D


  1. By reviewer I mean the usual suspects wanting to gain insight about what was done (monitors, auditors, inspectors, agents of the NSA, …).
  2. According to Certara’s definition the entirety of studies performed on a particular drug for a given company. Therefore, if you performed five studies (each evaluated by three Phoenix-projects) on drug A for company B, the number will be 1 (not 5 or 15). Given that, the license model is cheap for inno­va­tors and generic companies, but expensive for CROs.


PS: IMHO, Phoenix’ History is better than nothing. What do we get in SAS? A plain txt-file with a footer like:

Program: X:\foo\bar\blup.sas      Date/Time generated: DDMMMYYYY hh:mm
Datasets used: a,b,c

Any dummy can change 125.01 to 125.00 in a simple editor, safe, and modify the properties of the file (in UNIX-flavours the touch-command; similar stuff exists for other OSs). Now what? If one wants to be sure that no fraudulent action has taken place the study has to be re-calculated from raw data – as the FDA does.
Is anybody aware of a wrapper of SAS implementing an audit trail?

In “classical” WinNonlin (i.e., up to v5.3) it was possible to call functions (stated in “Win­Non­lin’s object-oriented scripting language”) from a batch file (pre­vent­ing any user-interaction). From a PK-perspective this was not optimal, since it relied solely on auto­matic methods (e.g., selection of time points for the estimation of λz). Some big players told me “It is more important for us to have reproducible results than optimal ones. We want to avoid discussions with regulators.” Bayer was pissed when Pharsight removed scripts in Phoenix. They had a validated system (data import, evaluation, report generation including audit trails) which they trashed at the end. Since Phoenix is based on .NET Framework 4.5, gifted C++ coders should be able to come up with a wrapper. ;-)

Dif-tor heh smusma 🖖🏼 Довге життя Україна! [image]
Helmut Schütz
[image]

The quality of responses received is directly proportional to the quality of the question asked. 🚮
Science Quotes

Complete thread:

UA Flag
Activity
 Admin contact
23,380 posts in 4,914 threads, 1,665 registered users;
81 visitors (0 registered, 81 guests [including 11 identified bots]).
Forum time: 04:18 CET (Europe/Vienna)

When people learn no tools of judgment
and merely follow their hopes,
the seeds of political manipulation are sown.    Stephen Jay Gould

The Bioequivalence and Bioavailability Forum is hosted by
BEBAC Ing. Helmut Schütz
HTML5