Electronic Transaction Governance: Implementing Audit Trails

415 Image

This is the third of a series of five blog posts detailing how to implement Electronic Transaction Governance in your custom software interfaces.  We will also discuss how Wovenware implements Electronic Transaction Governance in the Wovenware Integrator. The Wovenware Integrator is an adaptable software platform that provides visibility, accountability, and governance to all electronic transaction processes. Please refer to the What is Electronic Transaction Governance blog post for a detailed explanation of the term.

Electronic Transaction Governance: Audit Trails

In this blog post we will discuss the area of Audit Trails. Audit Trails are data logs, information breadcrumbs, which allow process flows (in our context software process flows) to be tracked trough their lifecycle. The importance of audit trails is that they allow for accountability and reporting of these process flows. Specifically for software process flows they are also excellent debugging tools.

Audit Trails is the area of Electronic Transaction Governance that require proper log messages are recorded for all electronic transaction messages handled by the processing software.

An electronic message, regardless of its format ASC X12 EDI, NIEM, HL7, etc., follows a process flow. That is, the electronic transaction message is processed following a series of predetermined steps. An example of these steps could be:

Electronic Message Process Flow

To implement proper Electronic Transaction Governance, at least, one Audit Trail message should be logged for each step of the process flow. Using the example above , means we would need to log an audit message when the message is received, when it is decrypted, when its standard compliance is verified, when its data quality is tested, and finally when the electronic message is inserted into the core system. It is recommended that multiple audit messages be logged for each process flow. This way the message flow could be more thoroughly monitored.

The audit trail log must include all the necessary information to recreate the electronic message. Remember these audit logs will be your monitoring, accountability and reporting data. If log space is limited then at least all the critical information should be logged. Finally, audit trails have invaluable process flow information, as such store them in a secure environment for as long as possible.

The Wovenware Integrator logs audit trails through the configuration of its Application Services implementation and custom calls to the Wovenware Audit Log API. Application Services are customizable software processes, based on a Software Pattern developed by Wovenware Engineers, which can execute following a custom defined business workflow. Inside the implementation of an Application Service defined task, audit messages are automatically logged thorough the process flow. The audit messages are logged to the Wovenware Integrator Audit Log Database Tables. Additional audit messages can be logged by adding custom calls to the Wovenware Audit Log API.

In our next post we will discuss how to implement the Security Management area of Electronic Transaction Governance.

0 Comments
Wovenware Gravatar
  • (will not be published)