Have a question about this requirement?

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Requirement

Audit trail usage can be setup by an admin, allowing them to decide what to track

Functional Area

Administration

Industries
All
Tags
DETAILS

Description

An audit trail is a secure, immutable record of all activities performed within a system. In this context, it allows the admin to choose what should be tracked within the CPM software such as logins, specific edits, deletions, security actions and so on. This allows for a balance of storage vs detail for an audit log.

Example Use Case

Scenario: A business uses CPM software for financial consolidation of their varies entities. Given the high risks and regulatory requirements associated with financial data, maintaining a comprehensive and secure audit trail is critical.

Solution: The CPM software allows the admin to set up what needs to be tracked in the audit trail. For instance, all changes to intercompany transactions, modifications, deletions, or additions can be tracked and setup by the admin. Every time a change is made, the system records who made it, when, and what exactly was changed. This information aids in maintaining regulatory compliance, identifying discrepancies, and resolving any potential disputes or issues.

Considerations

We include this requirement because some CPM systems will track only basic changes to the data, especially on the SMB side of the market. This usually includes:

  • Add / edit / delete values
  • Original value and new value
  • Time of change
  • Username

For most use cases, this is adequate. As a result many CPM systems do not offer configuration in the audit trail, they lock in the list above as go no further. Now, consider additional audit trail configuration abilities in an enterprise system:

  • Adding, moving, removing, editing dimensions or their members
  • Adding or removing currencies
  • Executing batch processes
  • Making versions or scenarios, or deleting them
  • Adding users, editing users, deleting users or their groups
  • Exporting data to CSV

As you can see, much more goes on in a CPM system than simply editing data. If all of these audit trail capabilities are enabled, the audit database could grow beyond the capabilities of the product sometime in the future, hence the ability to select what the admin needs to track.

Questions to Ask a Vendor

  • Setup Ease and Granularity: How easily can an admin set up the audit trail, and how granular can the tracking be?
  • Security Measures: What security measures are in place to protect the audit trail data?
  • Reporting Capabilities: What kind of reporting functionalities does your system provide for audit trails?
  • Compliance Management: Does your system support compliance with regulations like the Sarbanes-Oxley Act that have specific requirements for audit trails?