Modules Packages Quizzes About

Quizzesspocr03-compliance-audit

SPOCR03 Compliance & Audit Trail

Overview Textbook Workbook Instructor notes Knowledge check

Knowledge check

Compliance & Audit Trail

10 questions in pool · live exam draws 4

SPOCR03

10 questions · live exam draws 4

Q1 multiple-choice · shift

What changes when OCR moves from convenience to compliance?

A) The OCR engine
B) Additional discipline — chain-of-custody, audit logs, validation, access controls — bolted onto same OCR pipeline
C) Throughput requirements
D) Customer relationship

Source: SPOCR03 §1.

Explanation: Compliance is additive discipline, not different technology. Same OCR engine + additional discipline on top.

Q2 multiple-choice · frameworks

21 CFR Part 11 applies to:

A) Industrial chemicals in EU
B) Consumer electronics in JP
C) US pharmaceutical + medical device electronic records
D) Retail planogram audits

Source: SPOCR03 §2.

Explanation: 21 CFR Part 11 = FDA’s framework for electronic records + signatures in regulated pharma/medical contexts.

Q3 multiple-choice · chain-of-custody

How many steps in the standard chain-of-custody for compliance OCR records?

A) 3
B) 5
C) 7 (physical receipt, capture, OCR, routing, manual review, publish, downstream ack)
D) 10

Source: SPOCR03 §3.

Explanation: 7-step chain captures every transition from physical product to downstream record. Each transition leaves an audit log entry.

Q4 scenario · timezone

Your customer operates studios in 3 time zones. Audit log timestamps should be:

A) Local time of each studio
B) UTC for the log; local time only in UI for human convenience
C) US Eastern Time
D) Local time + audit log date format

Source: SPOCR03 §7.

Explanation: UTC eliminates time-zone ambiguity at audit. Local time in UI is convenience; UTC in the record is discipline.

Q5 multiple-choice · role-boundary

OCR Specialist’s role in regulated industry engagements vs. customer’s RA professional?

A) OCR Specialist makes regulatory interpretation decisions
B) RA professional designs the OCR pipeline
C) OCR Specialist contributes technical pipeline + records architecture; RA professional interprets regulator expectations + signs off on validation
D) No boundary; both do everything

Source: SPOCR03 §5.

Explanation: Healthy collaboration = role boundaries. Cross the boundary = expose customer + PhotoRobot to risk.

Q6 true-false · read-audit

In compliance OCR pipelines, only write-events need audit logging; read-events can be untracked.

True
False ← CORRECT

Source: SPOCR03 §7.

Explanation: Both reads + writes must be logged in compliance contexts. Auditor wants to know who saw what + when, not just what changed.

Q7 multiple-choice · validation

Which is the OCR Specialist’s role in 21 CFR Part 11 validation?

A) Author the User Requirements Specification
B) Sign off on the validation package
C) Contribute technical content to FS + DS; support OQ + PQ testing; provide threshold + dictionary + version info
D) Defend validation to FDA auditor

Source: SPOCR03 §6.

Explanation: Technical contribution to validation; sign-off + defense is RA’s role.

Q8 scenario · revalidation-trigger

Your validated pipeline’s OCR engine vendor releases a major update.

A) Update + continue without revalidation
B) Update only if performance improves
C) Treat as revalidation trigger; run OQ/PQ against new version; document; only deploy after revalidation
D) Don’t update

Source: SPOCR03 §6.

Explanation: Engine version change = revalidation trigger. Update + revalidate = healthy; update + skip = compliance citation risk.

Q9 multiple-choice · failure-modes

Which is NOT a common compliance failure mode covered in SPOCR03?

A) Audit log gaps
B) Threshold drift unmanaged
C) Reviewer changes unattributed
D) Excessive user training

Source: SPOCR03 §7.

Explanation: Common failures: log gaps, drift, unattributed changes, time-zone confusion, access without log, untested backups, re-shoot loops unaudited. Excessive training is not a failure mode.

Q10 multiple-choice · closing

Best summary of SPOCR03’s discipline:

A) Replace OCR engine with compliance-certified one
B) Skip OCR; use manual data entry
C) Same OCR pipeline + chain-of-custody + audit logs + validation + RA collaboration + drift management
D) Outsource compliance work
Total: 10 questions
Multiple choice: 9
True/False: 1
Drawn per attempt: 4

Source: SPOCR03 closing message.

Explanation: Compliance OCR is the same pipeline with discipline. Build for audit; collaborate with RA; manage drift; revalidate on change.

Ready to commit? You can review and change your answers before submitting. Once submitted, this attempt is final and we'll show you your score, correct answers, and explanations.

Previous module SPOCR02 Quality Thresholds

v0.37.0 · built 2026-05-27 20:13 UTC

Manuals · photorobot.io · photorobot.com