23 Oct 19 Part 5: Audit Trails – It’s all in the reporting
Audit Trails – It’s all in the Reporting
You’ve satisfied your audit requirements by developing an audit trail for key configurations/setups, master data, and some abnormal transactions; you are done, right? You are almost done, but you are not quite there yet. Capturing change is obviously the most important aspect when it comes to developing an effective audit trail, but the next question is, how do you report on it?
Any good audit solution should include some reporting capabilities to allow you to get at the data stored in the audit trail. You don’t really need anything too complex, but you should be able to generate a report that allows you to selectively pull data out of the audit trail as and when required.
The main requirement for an audit trail report is that it should allow you to get an answer to the following question…
Who did what to what, and when did they do it?
So, as a minimum, your audit report should include the following information…
- The data object that was changed (i.e. the table in the database)
- The audit event…
- New data being created
- Existing data being changed
- Existing data being removed
- The date and time
- Who made the change
- A list of columns (as defined by the audit policy) and the before and after values
In addition to the basic, but essential information above, you may also need to capture additional “context” based data. For example, it is often useful to know from which responsibility in Oracle EBS a given audit trail transaction occurred.
The audit report should allow you to be fine-grained in terms of what data you include, for example…
- Specific date range or period of time (i.e., the last week, month…etc)
- Multiple tables (i.e., all supplier-related tables)
- Selection of users (i.e., all superusers)
You may also find it useful if your audit solution can do “negative selection”. So rather than asking it to report on transactions for a certain group of users, you can ask it to report on transactions for everyone, excluding a group of users.
Audit Trails often become very large, very quickly, especially if you have not been especially fine-grained when determining what goes into the audit trail. In any case, having the ability to be selective when it comes to reporting is essential.
You may also need the ability to be a little more ad-hoc or forensic when analyzing data in the audit trail. So rather than running a big report and then wading through the data, you may, in some scenarios, find it more efficient to drill into the audit trail on-screen in a more interactive way.
Documenting the “Why?”
An audit trail can answer the what, the when, and the whom, but one question it cannot answer is the “why”.
Often, the why, is tied back to a change management process, but there will be no correlation between the data in the audit trail and the change management ticket.
Your audit solution should have a means of doing this along with the ability to document why something has changed, even when there is no change ticket involved. This allows you to build up the required documentary evidence that is often needed when demonstrating to your auditors that you have control over change within the system.
Audit trail solutions are all about “capturing” change, but they can also be used as a continuous monitoring solution in some scenarios.
For example, it is useful to be able to define an audit policy for some abnormal or exceptional scenario. You can then be notified of such an event whenever it occurs.
Can your audit solution do all of this?
Want to know how we can help you build an effective, fine-grained, metadata-driven audit trail for Oracle EBS? Get in touch today and ask us about CS*Audit.
Want a quick overview of CS*Audit, check out the video below…
Next Time & Early Access
This is the final article in this series on building an effective audit trail and so we will take a break for a week or two but watch this space for the next series which is all about Oracle EBS and keeping control of your license usage.
If you want to get access to these articles before anyone else, please subscribe to our newsletter.