Issue No. 06 - June (1987 vol. 13)
R.D. Schultz , Abacus Programming Corporation
An architectural approach and a software mechanism is presented to enhance the auditability and testability of advanced transaction processing EDP systems. A high degree of auditability can be achieved through integrated support of auditability mechanisms as opposed to the traditional after-the-fact, ad hoc, add-on audit and test approaches. A programmable audit evidence gathering mechanism called an audit probe is proposed. A generic model of the audit probe is presented and its major features outlined. Audit hooks are proposed as standard probe interfaces for audit software. An overview of a high level audit-oriented audit probe definition language (APDL) for specifying the evidence gathering requirements for audit is highlighted. Audit test concurrent with the normal operation of the system and the capability of filtering only selected audit data are advocated. An example is presented illustrating the use of APDL and its value to auditing and quality control.
transaction processing system, Audit, auditability, audit definition language, audit hook, audit probe, quality control, software testing
R. Schultz and A. Cardenas, "An Approach and Mechanism for Auditable and Testable Advanced Transaction Processing Systems," in IEEE Transactions on Software Engineering, vol. 13, no. , pp. 666-676, 1987.