Is Business Central 21 CFR Part 11 Compliant?

By Thomas Brünger, Managing Partner

21-cfr-part-11 · complianceJuly 18, 2026

No — Business Central is not 21 CFR Part 11 compliant out of the box. 21 CFR Part 11 is a set of FDA requirements for electronic records and electronic signatures; a system becomes Part 11 compliant through how it is configured, controlled, and validated, not by the software alone.

What Part 11 requires

Part 11 governs the trustworthiness of electronic records and signatures. For an ERP system that means a secure, computer-generated, time-stamped audit trail; linking of signatures to their records; access controls and authority checks; and validation demonstrating the system performs consistently and as intended. The signature's meaning (approval, review, responsibility) must be clear and recorded.

How Business Central gets there

These are configuration and validation outcomes. The audit trail, permission model, and — where the process requires signed records — electronic signature controls are set up for the specific use, then validated. See 21 CFR Part 11 and Business Central for the requirement-by-requirement view, and note that EU manufacturers usually anchor the same controls to EU GMP Annex 11.

Independent architecture governance can verify the Part 11 controls and their documentation ahead of an FDA inspection.

Frequently asked questions

What does 21 CFR Part 11 require?
Controls for electronic records and electronic signatures: a secure, computer-generated audit trail, signature/record linking, access controls, and validation that the system performs as intended.
Does Part 11 apply to Business Central in the EU?
Part 11 is FDA regulation. EU manufacturers face the equivalent EU GMP Annex 11. Companies serving the US market, or their suppliers, typically address both — the underlying controls largely overlap.