Difference between revisions of "Audits"
| (4 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | Changes made by users are fully audited. The audit data is maintained within the database through the use of dedicated columns in every table, and a dedicated audit table. | |
Two types of auditing records are maintained: | Two types of auditing records are maintained: | ||
| − | 1. Every record in every table of the database maintains six items of information: created by, created date and time, updated by, updated date and time, deleted by and deleted date and time. | + | 1. Every record in every table of the database maintains six items of information: created by, created date and time, updated by, updated date and time, deleted by and deleted date and time. Additionally, the software used a "soft delete" mechanism where the software treats deleted records as if they do not exist, except for auditing purposes. Maintaining the created, updated and deleted fields allows the quick pinpointing of when a record was created, updated or deleted, but it does not give specifics of what was changed. |
2. An audit log maintained in a separate database table maintains: | 2. An audit log maintained in a separate database table maintains: | ||
| Line 16: | Line 16: | ||
* The software's user | * The software's user | ||
| − | This log | + | This log gives user specific information down to the individual column in the database. This log can become large over time and does require periodic purging, but can be reloaded back into the software if you need historical auditing information from previous years. |
The system itself makes the majority of changes to the data as it gets punches from the time clock, creates the time cards and schedules, and calculates the time cards creating hours and exceptions. It is not practical to maintain an audit log of every change made in this process, because the database would grow to an excessive size within a few days. | The system itself makes the majority of changes to the data as it gets punches from the time clock, creates the time cards and schedules, and calculates the time cards creating hours and exceptions. It is not practical to maintain an audit log of every change made in this process, because the database would grow to an excessive size within a few days. | ||
| Line 22: | Line 22: | ||
The majority of the audit information that is maintained is through the actions of the users of the software, as they perform the following types of actions: | The majority of the audit information that is maintained is through the actions of the users of the software, as they perform the following types of actions: | ||
| − | * Logging In | + | * [[Login|Logging In]] |
* Logging Out | * Logging Out | ||
| − | * Adding or editing employees | + | * [[Employees#Add Employees|Adding or editing employees]] |
* Adding, editing or deleting punches, hours, schedules and placeholders | * Adding, editing or deleting punches, hours, schedules and placeholders | ||
* Adding or editing the configuration items, e.g. changing a pay rules | * Adding or editing the configuration items, e.g. changing a pay rules | ||
Latest revision as of 18:34, 22 June 2015
Changes made by users are fully audited. The audit data is maintained within the database through the use of dedicated columns in every table, and a dedicated audit table.
Two types of auditing records are maintained:
1. Every record in every table of the database maintains six items of information: created by, created date and time, updated by, updated date and time, deleted by and deleted date and time. Additionally, the software used a "soft delete" mechanism where the software treats deleted records as if they do not exist, except for auditing purposes. Maintaining the created, updated and deleted fields allows the quick pinpointing of when a record was created, updated or deleted, but it does not give specifics of what was changed.
2. An audit log maintained in a separate database table maintains:
- The creation, update and deletion information
- A record of each field value as it is updated
- A record of the previous value before the update
- The computer date and time
- The database server's date and time
- The computer name
- The computer's logged in user
- The software's user
This log gives user specific information down to the individual column in the database. This log can become large over time and does require periodic purging, but can be reloaded back into the software if you need historical auditing information from previous years.
The system itself makes the majority of changes to the data as it gets punches from the time clock, creates the time cards and schedules, and calculates the time cards creating hours and exceptions. It is not practical to maintain an audit log of every change made in this process, because the database would grow to an excessive size within a few days.
The majority of the audit information that is maintained is through the actions of the users of the software, as they perform the following types of actions:
- Logging In
- Logging Out
- Adding or editing employees
- Adding, editing or deleting punches, hours, schedules and placeholders
- Adding or editing the configuration items, e.g. changing a pay rules
