Ensuring the Integrity of the Database - High-Performance Web Databases: Design, Development, and Deployment - page 458

Databases Reference

In-Depth Information

• The hardware vendors involved.

• The software vendors involved.

• An inventory of hardware platforms.

• An inventory of software systems.

• An assessment of the incompatibility of the platforms (The auditor

may need to perform this step with the manager of the client/server

environment.)

STEP 2: Review the Potential Usage of Data by Clients

The auditor should identify the potential uses of data in a client/server

environment by talking to a representative number of system clients. The

objective of this step is to determine the level of risk to data integrity due

to the high-risk usage of data. To perform this step the auditor should ask

the following questions:

• Will the client add, delete, or modify data before producing reports that

may need to be reconciled by other uses of data from the same database?

• Is the client processing data with unproven software and then using

the results to make business decisions?

STEP 3: Determine the Number of Databases in a Client/Server

Environment

Having a single database in a client/server environment involves a simi-

lar risk relationship as with a traditional database. If additional databases

exist, the auditor should ask the following questions:

• Will the databases be used independently or with one another? (If

used together, the data integrity risk is increased.)

• Are the additional databases subsets of the main database? (If so, the

auditor should explore how the integrity of the extracted database will

be maintained.)

STEP 4: Modify the Audit Program

The audit program should be modified on the basis of conclusions

drawn in steps 1 through 3. If multiple platforms pose additional risks, user

processing characteristics pose additional risks, or multiple databases

exist, the audit program should be adjusted.

The auditor should view himself or herself as a client of the client/server

system. In this way, the auditor can perform the needed audit processing to

evaluate the client/server risk.

RECOMMENDED COURSE OF ACTION

The proper functioning of application systems in a database environ-

ment depends on the ongoing integrity of the database. Without verifying

Next Page

High-Performance Web Databases: Design, Development, and Deployment

Search WWH ::

Custom Search

Home