Audit Trail Management - Premier Validation Presentation

TEMPLATES & PRESENTATIONS PRESENTATIONS
1

[b]Audit Trail Management:

This presentation has been generated by Premier Validation in order to explain the importance of Audit Trails in regulated environments.

This presentation contains the following information:

  • What are Audit Trails
  • Planning and Strategy - Who should be involved
  • What does Planning and Strategy go wrong?
  • How can risk be mitigated
  • Planning and Strategy – Two sides to every story
  • Planning and Strategy – The IT way
  • Calculate Disk Space in Advance
  • Tips for IT – Auditing Efficiency
  • Planning and Strategy – The Quality Way
  • We have an audit trail – everything is fine!
  • Tips to constructing a Compliance Strategy
  • What data needs to be audited
  • Tips for Reducing Auditable Data
  • Reduce Auditable Data – Reduce Cost of Analysis
  • Audit Control Vs Version Control
  • 15 Tips for Testing Audit Trails
  • Precision of Data and Time expression
  • 7 steps to take when an audit trail doesn’t work successfully
  • Benefits of an Audit Trail
  • Why is reporting so important with an Audit Trail
  • Reporting on Audit Trails
  • When do Audit Trails not apply
  • What systems should have audit trails
  • What systems are less likely to have Audit Trails

See attached presentation.

Best Regards[/b]

Link to download:
https://www.sugarsync.com/pf/D790402_258092_857449

Premier Validation - Audit Trail Management.ppt (0 Bytes)

2

Graham,

Really good stuff. I especially like the different views. It’s quite important to understand the goals, constraints, and challenges from all the angles.

I (admittedly) only scanned through it so I may have missed these, but if not, you may want to consider addressing:

  • validation of archival / retrieval tools / process
  • validation of any add-ons / plug-ins used to support the system
  • when data can be purged

One of the more common issues I run into is DBMS access. Typically, DBMs are able to make changes that don’t trigger an audit trail record. Have you encountered this? Do you have suggestions on how to manage it?

3

[quote=yodon]
One of the more common issues I run into is DBMS access. Typically, DBMs are able to make changes that don’t trigger an audit trail record. Have you encountered this? Do you have suggestions on how to manage it?[/quote]

Good question and valid point, its not an issue I have come up against before, have you considered some kind of control like an SOP thats states all changes implemented by a DBM must be controlled perhaps through screenshots all of changes.

Its just an idea maybe other people will have suggestions.

4

That would work for “managed” changes but would not prevent or detect malicious changes. I had one client put a layer on top of SQL - OmniAudit, I believe. At least that can be used to detect malicious (“unmanaged”) changes. Of course, that too requires validation.

5

Thats good information thanks Yodon

6

Very good and helpful information. I am on the implementation team of a new electronic batch record and documentation system (Pilgrim), and this will come in when dealing with audit trails. It definitely brings up some good points that we need to keep in mind. THANKS FOR SHARING GRAHAM! :slight_smile:

7

Thank you Graham & Yodon.
Its very informative. This is excellent material.

8

No problem guys, glad to help!

9

Much appreciated, thank you for sharing the valuable presentation.:slight_smile:

10

Thank you Graham. Very good presentation !