Auditability
- Auditability: the quality factor representing the degree to which a business enterprise, application, or component keeps sufficient records to support one or more specified financial audits.
As illustrated in the preceding figure, Auditability is part of the following inheritance hierarchy:
The typical responsibilities of auditability are to:
- Model the degree to which financial audits are supported.
- Support the analysis and specification of auditability requirements.
- Provide a foundation for evaluating the quality of an architecture.
Auditability is typically decomposed into the following aggregation hierarchy of subfactors:
Auditability is typically measured in terms of:
- Number of specified transactions that are auditable.
- Percentage of transactions of a specified type that are auditable.
Typical mechanisms for achieving auditability include:
- Audit logs.
- Transaction records.
The following guidelines have been found to be useful regarding auditability:
- Ensure that all auditable financial information is stored.
- Ensure that such information is stored for an adequate period of time.
- Check with the subject matter experts in the legal department of the customer organization to determine what information to store and how long it should be stored.
- Not all of the information needs to be stored using the same mechanism. For example, recent information is more likely to be accessed than older information, which can be archived off site.
- This quality factor is related to safety and security because the integrity of the records must be protected against accidental and malicious corruption.