Amending an existing AS400 application in order that it produces audit trails of changes to sensitive data, is an expensive task. There are three ways of carrying out these amendments.
1) Modify the relevant update programs so that they print (typically, one-page) reports that detail updates as they happen.
2) Modify the relevant update programs so that they write to an audit file which is a copy of the file being updated with date/time/user details added. Write new programs which read the audit files overnight, printing the details of data changes.
3) Journal the physical files so that updates are captured by system files known as journal receivers. In the same way as (2), write new programs which read the receiver entries and print audit trails.
All of these solutions are expensive in programmer time, so at Anchormoor, in 1990, we came up with a method/product that reduces the process to a matter of minutes.
Just like option (3), the files you are interested in must be journalled. However, no changes are necessary to any existing application. We developed a product, AUDIT/400, that reads journal entries for a file or set of files and produces formatted audit trail reports that can be customised to look like other output produced by your application(s). For the cost of two weeks of a contractor's time, you end up with a product where a file can be set up to be monitored within five minutes.
Our customers have included Lloyds Bank, IBM Consulting, Standard Chartered Bank, Sears Womenswear (Miss Selfridge and Warehouse), Abbot Laboratories and AMP. We came within a whisker of selling 200 licences to a very well known soft drinks manufacturer.
|