MCP HubMCP Hub
Retour aux compétences

decommission-validated-system

pjt222
Mis à jour 2 days ago
7 vues
17
2
17
Voir sur GitHub
Testsworddata

À propos

Cette compétence guide les développeurs à travers le démantèlement contrôlé d'un système validé, en garantissant la conformité aux réglementations sur la conservation des données. Elle prend en charge les étapes clés telles que la validation de la migration des données, la stratégie d'archivage et la révocation des accès. Utilisez-la lors du remplacement ou de la mise hors service d'un système en raison de sa fin de vie, de l'arrêt du support ou de changements réglementaires.

Installation rapide

Claude Code

Recommandé
Principal
npx skills add pjt222/agent-almanac -a claude-code
Commande PluginAlternatif
/plugin add https://github.com/pjt222/agent-almanac
Git CloneAlternatif
git clone https://github.com/pjt222/agent-almanac.git ~/.claude/skills/decommission-validated-system

Copiez et collez cette commande dans Claude Code pour installer cette compétence

Documentation

Decommission Validated System

Controlled retirement of validated sys + preserve data integrity + meet retention reqs.

Use When

  • Validated sys replaced
  • EOL no replacement (biz proc eliminated)
  • Vendor discontinues support
  • Consolidation → single platform
  • Reg / biz changes → obsolete

In

  • Required: Sys (name, ver, valid status)
  • Required: Retention reqs (21 CFR Part 11, GLP, GCP)
  • Required: Replacement sys (if applic) + migration scope
  • Optional: Current valid doc pkg
  • Optional: Data vol + fmt inventory
  • Optional: Biz owner + stakeholders

Do

Step 1: Retention Reqs

How long + what form:

# Data Retention Assessment
## Document ID: DRA-[SYS]-[YYYY]-[NNN]

### Regulatory Retention Requirements
| Regulation | Data Type | Retention Period | Format Requirements |
|-----------|-----------|-----------------|-------------------|
| 21 CFR 211 (GMP) | Batch records, test results | 1 year past product expiry or 3 years after distribution | Readable, retrievable |
| 21 CFR 58 (GLP) | Study data and records | Duration of study + retention agreement | Original or certified copy |
| ICH E6 (GCP) | Clinical trial records | 2 years after last marketing approval or formal discontinuation | Accessible for inspection |
| 21 CFR Part 11 | Electronic records | Per predicate rule | Original format or validated migration |
| EU Annex 11 | Computerized system records | Per applicable GxP | Readable and available |
| Tax/financial | Financial records | 7-10 years (jurisdiction-dependent) | Readable |

### System Data Inventory
| Data Category | Volume | Format | Retention Required Until | Disposition |
|---------------|--------|--------|------------------------|-------------|
| [e.g., Batch records] | [e.g., 50,000 records] | [e.g., Database + PDF reports] | [Date] | Migrate / Archive / Destroy |
| [e.g., Audit trail] | [e.g., 2M entries] | [e.g., Database] | [Same as parent records] | Archive |
| [e.g., User data] | [e.g., 200 profiles] | [e.g., LDAP/Database] | [Employment + 2 years] | Anonymise and archive |

Got: Every cat has retention + fmt + disposition.

If err: Unclear reqs → consult regulatory + legal. Default longest applic.

Step 2: Migration Plan (If Applic)

Data → replacement:

# Data Migration Plan
## Document ID: DMP-[SYS]-[YYYY]-[NNN]

### Migration Scope
| Source | Target | Data Category | Records | Migration Method |
|--------|--------|---------------|---------|-----------------|
| [Old system] | [New system] | [Category] | [Count] | ETL / Manual / API |

### Data Mapping
| Source Field | Source Format | Target Field | Target Format | Transformation |
|-------------|-------------|-------------|---------------|---------------|
| [e.g., test_result] | FLOAT(8,2) | [e.g., result_value] | DECIMAL(10,3) | Precision conversion |
| [e.g., operator_id] | VARCHAR(20) | [e.g., user_id] | UUID | Lookup table mapping |

### Validation Approach
| Check | Method | Acceptance Criteria |
|-------|--------|-------------------|
| Record count reconciliation | Source count vs target count | 100% match |
| Field-level comparison | Sample 5% of records, all fields | 100% match after transformation |
| Checksum verification | Hash source vs target for key fields | Checksums match |
| Business rule validation | Verify key calculations in target | Results match source |
| Audit trail continuity | Verify historical audit trail migrated | All entries present with original timestamps |

Got: Plan w/ mapping + transforms + validation → proves integrity.

If err: Migration valid fails → do NOT decommission. Fix + re-validate.

Step 3: Archival Strategy

Data → archive (not migrate):

# Archival Strategy

### Archive Format
| Consideration | Decision | Rationale |
|--------------|----------|-----------|
| Format | [PDF/A, CSV, XML, database backup] | [Why this format survives the retention period] |
| Medium | [Network storage, cloud archive, tape, optical] | [Durability and accessibility] |
| Encryption | [Yes/No — method if yes] | [Security vs long-term accessibility trade-off] |
| Integrity verification | [SHA-256 checksums, periodic verification schedule] | [Prove archive is uncorrupted] |

### Archive Verification
- [ ] Archived data is readable without the source system
- [ ] All required data categories are included in the archive
- [ ] Checksums recorded at time of archival
- [ ] Archive can be searched and retrieved within [defined SLA, e.g., 5 business days]
- [ ] Periodic integrity checks scheduled (annually)

### Archive Access
| Role | Access Level | Authorisation |
|------|-------------|--------------|
| QA Director | Read access to all archived data | Standing authorisation |
| Regulatory Affairs | Read access for inspection support | Standing authorisation |
| System Owner (former) | Read access for business queries | Request-based |
| External auditors | Read access, supervised | Per audit plan |

Got: Archive readable + searchable + verifiable w/o orig sys.

If err: Can't read indep of src sys → not compliant. Export → open std fmt (PDF/A, CSV) pre-decomm.

Step 4: Execute

# Decommission Checklist
## Document ID: DC-[SYS]-[YYYY]-[NNN]

### Pre-Decommission
- [ ] All stakeholders notified of decommission date and data disposition
- [ ] Data migration completed and validated (if applicable)
- [ ] Data archive created and verified (if applicable)
- [ ] Final backup of complete system taken and stored separately
- [ ] All open change requests resolved or transferred
- [ ] All open CAPAs resolved or transferred to successor system
- [ ] All active users informed and redirected to replacement system (if applicable)

### Decommission Execution
- [ ] User access revoked for all accounts
- [ ] System removed from production environment
- [ ] Network connections disconnected
- [ ] Licenses returned or terminated
- [ ] System entry removed from active system inventory
- [ ] System moved to "Decommissioned" status in compliance architecture

### Post-Decommission
- [ ] Validation documentation archived (URS, VP, IQ/OQ/PQ, TM, VSR)
- [ ] SOPs retired or updated to remove references to decommissioned system
- [ ] Training records archived
- [ ] Change control records archived
- [ ] Audit trail archived
- [ ] Decommission report completed and approved

### Decommission Report
| Section | Content |
|---------|---------|
| System description | Name, version, purpose, GxP classification |
| Decommission rationale | Why the system is being retired |
| Data disposition summary | What data went where (migrated, archived, destroyed) |
| Validation evidence | Migration validation results, archive verification |
| Residual risk | Any ongoing data retention obligations |
| Approval | System owner, QA, IT signatures |

Got: Decomm = controlled + documented + approved. Not "turn it off".

If err: Any item incomplete → doc exception + QA approval before proceeding.

Check

  • Retention reqs assessed all cats
  • Migration validated w/ counts + sampling + checksums (if applic)
  • Archive in fmt readable w/o src sys
  • Archive integrity verified w/ checksums
  • All user access revoked
  • Valid docs archived w/ retention period
  • SOPs updated to remove decomm sys refs
  • Decomm report approved: sys owner + QA + IT

Traps

  • Premature decomm: Turn off pre-migration valid → permanent data loss. Complete valid first.
  • Unreadable archives: Proprietary fmt needs orig sys → defeats purpose. Use open fmts.
  • Forgotten audit trails: Archive data but not audit trail → no provenance. Always archive trails w/ parent records.
  • Orphaned SOPs: SOPs still ref decomm sys → user confusion + compliance gaps. Update / retire all.
  • No periodic archive verify: Archives degrade. No integrity checks → loss undetected until inspection.

  • design-compliance-architecture — update sys inventory post-decomm
  • manage-change-control — decomm = major change → change control
  • write-validation-documentation — migration valid follows same IQ/OQ
  • write-standard-operating-procedure — retire/update SOPs
  • prepare-inspection-readiness — archived data accessible for inspections

Dépôt GitHub

pjt222/agent-almanac
Chemin: i18n/caveman-ultra/skills/decommission-validated-system
0
agentsagentskillsai-assisted-developmentclaude-codeskillsteams

Compétences associées

evaluating-llms-harness

Tests

Cette compétence Claude exécute le lm-evaluation-harness pour évaluer les modèles de langage sur plus de 60 tâches académiques standardisées telles que MMLU et GSM8K. Elle est conçue pour permettre aux développeurs de comparer la qualité des modèles, de suivre les progrès de l'entraînement ou de rapporter des résultats académiques. L'outil prend en charge différents backends, incluant les modèles HuggingFace et vLLM.

Voir la compétence

cloudflare-cron-triggers

Tests

Cette compétence fournit une connaissance complète pour la mise en œuvre de Déclencheurs Cron Cloudflare afin de planifier des Workers à l'aide d'expressions cron. Elle couvre la configuration de tâches périodiques, de travaux de maintenance et de flux de travail automatisés, tout en traitant des problèmes courants tels que les expressions cron non valides et les problèmes de fuseau horaire. Les développeurs peuvent l'utiliser pour configurer des gestionnaires planifiés, tester des déclencheurs cron et intégrer avec Workflows et Green Compute.

Voir la compétence

webapp-testing

Tests

Cette Compétence Claude fournit une boîte à outils basée sur Playwright pour tester des applications web locales via des scripts Python. Elle permet la vérification frontend, le débogage d'interface utilisateur, la capture d'écrans et la consultation des journaux, tout en gérant les cycles de vie du serveur. Utilisez-la pour les tâches d'automatisation de navigateur, mais exécutez les scripts directement plutôt que de lire leur code source pour éviter la pollution du contexte.

Voir la compétence

finishing-a-development-branch

Tests

Cette compétence aide les développeurs à finaliser leur travail en vérifiant que les tests passent, puis en présentant des options d'intégration structurées. Elle guide le processus de fusion, de création de PRs ou de nettoyage des branches une fois l'implémentation terminée. Utilisez-la lorsque votre code est prêt et testé pour finaliser systématiquement le cycle de développement.

Voir la compétence