1 / 36

Connecting Sarbanes to Oxley

Connecting Sarbanes to Oxley. Faye Windhorst Landauer, Inc. 14 th NATURAL Conference October, 2006. Background. 2006. 1970. ADABAS. VSAM. Background. 14:02:41 ***** NATURAL LIST COMMAND ***** 2006-08-02

xerxes
Télécharger la présentation

Connecting Sarbanes to Oxley

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ConnectingSarbanes toOxley Faye Windhorst Landauer, Inc. 14th NATURAL Conference October, 2006

  2. Background 2006 1970 ADABAS VSAM

  3. Background 14:02:41 ***** NATURAL LIST COMMAND ***** 2006-08-02 User FAYE - LIST Objects in a Library - Library FIXLIB Cmd Name Type S/C SM Version User ID Date Time --- ACCT*____ *__________ *__ * *______ *________ *__________ *________ __ ACCTDTFX Program S/C S 4.1.03 BENT 2005-05-19 09:48:56 __ ACCTFIX Program S/C R 3.1.04 TOMC 2002-10-30 15:20:31 __ ACCTFXDT Program S/C S 4.1.03 FAYE 2005-08-17 12:59:26 __ ACCTJKS Program S R 2.2.08 JKIE 1997-12-31 16:02:30 __ ACCTMAST Program S S 2.2.08 FAYE 1998-01-29 16:12:12 __ ACCTSEL1 Program S/C S 3.1.04 FAYE 2002-05-21 14:30:53 __ ACCTSEL2 Program S/C S 3.1.04 FAYE 2002-05-21 10:32:17 __ ACCTSEL3 Program S/C S 3.1.04 FAYE 2002-05-24 07:55:13 __ ACCTSERV Program S S 2.2.08 FAYE 1998-01-09 08:37:34 __ ACCTTEST Program S/C S 2.1.07 BENT 1992-05-14 11:37:23 10 Objects found Top of List. Command ===> Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12--- Help Print Exit Sort -- - + ++ > Canc

  4. Background 07/30/06 ***** Landauer, Inc. ***** ISMNTP1 14:16 - File Maintenance Menu 1 - ISMNTM1 Code System/Function/Explanation A Account Master (80) B Account Master Control Record (80) C Dosimeter (72) D Dosimeter Component (73) E Participant Master (81) F Process Menu H Report Master (99) I N144 Etching Tray (78) J N144 Cross Reference (79) K Credit Dosimeter Return (45) L Ship Date Table (101) Enter code: __ Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12--- help retrn main quit NxtMn flip

  5. Background

  6. Background

  7. Problem

  8. ADABAS Audit table The Solution Existing CON-STRUCT program ?

  9. The Solution 14:33:42 ***** NATURAL LIST COMMAND ***** 2006-08-02 User FAYE - List DDM ACCOUNT-MASTER-ALL - Library FIXLIB DDM DBID 0 DDM FNR 80 VSAM Name Default Sequence Page 1 T L DB Name F Leng S D Remark - - -- -------------------------------- - ---- - - ------------------------ 1 AA ACCT-NBR P 6.0 Account number 1 AB ACCT-SER-CODE A 3 Account series code 1 AC REC-DEL-IND A 1 Record deleted indicator 1 AD TERR-CODE A 1 N Account sales territory 1 AE STATE-CODE A 2 N State code. 1 AF ACCT-NAME A 23 N Account name 1 AG ACCT-LICENSEE-NAME A 16 N Account licensee name 1 AH ACCT-LICENSEE-NBR A 15 N Account licensee number 1 AI ACCT-REG-NBR A 7 N Account registration number 1 AJ ACCT-EXPOS-RPT-CPY A 2 N Account exposure report copy 1 AK ACCT-EXPOS-RPT-DUP-DEST A 1 N Account duplicate exposure report dest 1 AL ACCT-MREM-OVEXP-DEEP A 5 N Account over exposure MREM Top of List.

  10. Existing CON-STRUCT program The Solution PLOG SPATs

  11. The Solution Existing CON-STRUCT program READ For UPDATE Capture Before Image Apply changes to update view Capture After Image UPDATE

  12. The Solution User FAYE - List DDM AUDIT-LOG - Library FIXLIB DDM DBID 0 DDM FNR 139 VSAM Name Default Sequence Page 1 T L DB Name F Leng S D Remark - - -- -------------------------------- -- ---- - - ------------------------ 1 AA AUDIT-FUNC A 1 F Action or function against data 1 AB AUDIT-ACTIV A 2 F Activity effecting change 1 AC AUDIT-AUTH-CODE A 20 N 1 AD AUDIT-DATE N 8.0 N 1 AE AUDIT-PROG A 32 N 1 AF AUDIT-TIME N 7.0 N 1 AG AUDIT-USER A 32 N 1 AH AUDIT-VIEW-NAME A 32 N M 1 AJ AUDIT-IMAG A 250 Image of record being audited (30 Occur) M 1 AK AUDIT-IMAG-TWO A 250 Secondary image of record being audited (30 Occur)

  13. The Solution Code Frame ......... CUFMC22 SIZE 40000 Description ........ FILE MAINTENANCE CODE - MISC. SUBROUTINES FREE 88705 > > + ABS X X-Y _ S 500 L 325 ....+....1....+....2....+....3....+....4....+....5....+....6....+....7.. T C IF UPDATE-VIEW.&PRIME-PREFIX&LOG-COUNTER NE " &PRIME-FILE.&PRIME-PREFIX&LOG-COUNTER THEN " RESET #RECORD-DISPLAYED " BACKOUT TRANSACTION " USE-MSG-NR 3 REINPUT *8010 ALARM /* Intervening change, please try again " ELSE 3 REINPUT 'Intervening change, please try again' ALARM " RETURN-TO-CONDITION 2 END-IF " RETURN-TO-CONDITION 1 ASSIGN #UPDATE-PERFORMED = TRUE " * Landauer capturing before image AUDIT-FUNC := #ACTION AUDIT-IMAG-TYPE := 'BEFORE' PERFORM AUDIT-PURGE-MODIFY-RTN * PURGE-ACTION-SELECTED 2 ....+....1....+....2....+....3....+....4....+....5....+....6....+....7.. T

  14. The Solution ************************************************************************ DEFINE SUBROUTINE AUDIT-PURGE-MODIFY-RTN ************************************************************************ IF AUDIT-FUNC = 'M' THEN AUDIT-FUNC := 'C' END-IF IF AUDIT-FUNC = 'P' THEN AUDIT-FUNC := 'D' END-IF IF AUDIT-IMAG-TYPE = 'BEFORE' THEN /* always do this on before images AUDIT-PROG := *PROGRAM AUDIT-USER := *USER AUDIT-DATE := *DATN AUDIT-TIME := *TIMN AUDIT-VIEW-NAME := '&PRIME-FILE' AUDIT-Y := AUDIT-LOOP-LIMIT - 1 /* must stop on last full element FOR AUDIT-X = 1 TO AUDIT-Y AUDIT-IMAG (AUDIT-X) := CHUNK1 (AUDIT-X) END-FOR /* (0200) AUDIT-IMAG (AUDIT-X) := CHUNK1X END-IF

  15. The Solution IF AUDIT-IMAG-TYPE = 'AFTER' THEN /* always do this on after images AUDIT-Y := AUDIT-LOOP-LIMIT - 1 /* must stop on last full element FOR AUDIT-X = 1 TO AUDIT-Y AUDIT-IMAG-TWO (AUDIT-X) := CHUNK1 (AUDIT-X) END-FOR AUDIT-IMAG-TWO (AUDIT-X) := CHUNK1X END-IF IF AUDIT-IMAG-TYPE = 'AFTER' OR /* write audit if after image AUDIT-IMAG-TYPE = 'BEFORE' AND /* or before image on a purge AUDIT-FUNC = 'D' THEN AUDIT-ACTIV := AUDIT-ACTIV-FRZ STORE AUDIT-LOG RESET AUDIT-LOG AUDIT-X AUDIT-Y END-IF END-SUBROUTINE /* audit-purge-modify-rtn

  16. The Solution ************************************************************************ DEFINE SUBROUTINE AUDIT-ADD-RTN ************************************************************************ AUDIT-PROG := *PROGRAM AUDIT-USER := *USER AUDIT-DATE := *DATN AUDIT-TIME := *TIMN AUDIT-FUNC := 'A' AUDIT-VIEW-NAME := '&PRIME-FILE' AUDIT-Y := AUDIT-LOOP-LIMIT - 1 /* must stop on last full element FOR AUDIT-X = 1 TO AUDIT-Y AUDIT-IMAG-TWO (AUDIT-X) := CHUNK (AUDIT-X) END-FOR AUDIT-IMAG-TWO (AUDIT-X) := CHUNKX AUDIT-ACTIV := AUDIT-ACTIV-FRZ STORE AUDIT-LOG RESET AUDIT-LOG AUDIT-X AUDIT-Y END-SUBROUTINE /* audit-add-rtn

  17. The Solution * Primary file being maintained on the INPUT statement. 01 &PRIME-FILE VIEW OF &PRIME-DDM PRIME1 U NOT PRIME-FILE-IS-DB2 OR NOT KEY-IS-A-SUPER 1 NEXT-ACTION-SELECTED OR ADD-ACTION-SELECTED 2 * Landauer Sarbanes-oxley audit changes capture data 01 REDEFINE &PRIME-FILE LDRAUDIT1 U * View which gets held during updates. 01 UPDATE-VIEW VIEW OF &PRIME-DDM PRIME2 U LOGGING-UPDATES 1 * Landauer Sarbanes-oxley audit changes capture data LDRAUDIT2 U * " * View used to store audit trail logs. " 01 &LOG-FILE VIEW OF &LOG-DDM " Subprogram: CUFMGFIL Parameter: LOG N " SECONDARY-FILE-USED 1 * " * Secondary file view. "

  18. The Solution CSMUSEX Natural Construct Jul 30 Maintain User Exit 1 of 1 User exit name ......... LDRAUDIT2 Code frame name ........ CUFMDA2 Conditional N User exit required ..... X Generate as subroutine . _ Sample subprogram ...... ________ GUI sample subprogram .. ________ Default user exit code . 01 REDEFINE UPDATE-VIEW_______________________________________________ 2 CHUNK1 (A250/1:21) /* most of record - resize as needed________ 2 CHUNK1X (A250) /* final segment - resize as needed_________ * Correct above values (field sizes only) to exactly match the__________ * update-view of your data. Use these sizes to adjust the audit______ * processor program when adding the routine for this view.____________ * Example: ACCOUNT-MASTER-ALL is 20 elements of A250, plus A228___________ * ..................................................................____ ________________________________________________________________________ ________________________________________________________________________ Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF1 help retrn

  19. DEFINE EXIT LDRAUDIT1 2 CHUNK (A250/1:5) /* MOST OF RECORD - RESIZE AS NEEDED 2 CHUNKX (A57) /* FINAL SEGMENT - RESIZE AS NEEDED 1 AUDIT-LOOP-LIMIT (P5) INIT <6> /* SET TO MATCH CHUNK LIMIT+CHUNKX * Correct above values (field + array sizes) to exactly match the * prime-view of your data. Use these sizes to adjust the audit * processor program when adding the routine for thie view. * Example: ACCOUNT-SERVICES is 21 elements of A187, plus A3. * Be sure to set correct audit-loop-limit to match array size. * You may use a maximum of 30 occurrences as specified in the LDA.. 1 AUDIT-ACTIV-FRZ (A2) INIT <'A '> /* Set this to the correct activity END-EXIT The Solution

  20. The Solution MULTIPLE-WINDOWS * Landauer code to pop up a window to capture authorization code FORMAT IP=OFF DEFINE WINDOW AUTHWIN SIZE 4 * 25 TITLE 'Authorization Code' FRAMED ON (CD=YE) /* Only pop the window up if the Y has been keyed and no /* authorization has been keyed yet. /* 03/09/05 change - glcae IF #CONFIRM-FLG = 'Y' AND AUDIT-AUTH-CODE = ' ' THEN SET KEY OFF SET WINDOW 'AUTHWIN' INPUT WINDOW='AUTHWIN' AUDIT-AUTH-CODE (AD=ULAE'_') SET WINDOW OFF SET KEY ON

  21. The Solution

  22. The Solution Define data 1 view of actual data 1 view of clone of actual data 1 view of audit detail – contains raw before & after images READ for update copy actual data to clone call audit-capture routine - reformats clone data to fit copy screen changes to the actual data view copy actual data to clone again call audit-capture again - reformat changed clone data to fit write audit record.

  23. ADABAS Audit table The Solution Existing CON-STRUCT program

  24. ADABAS Detail Audit table ADABAS Historical Audit table The Solution Audit-Log Audit-History

  25. The Solution 10:45:12 ***** NATURAL LIST COMMAND ***** 2006-08-03 User FAYE - List DDM AUDIT-HISTORY - Library ISDL DDM DBID 0 DDM FNR 138 VSAM Name Default Sequence Page 1 T L DB Name F Lg S D Remark - - -- -------------------------------- - ---- - - ------------------------ 1 AA AUDIT-FUNC A 1 F Action or function a 1 AB AUDIT-ACTIV A 2 F D Activity effecting change 1 AC CUST-NBR N 6.0 Customer Number 1 AD ACCT-NBR P 6.0 Account number 1 AE SER-CODE A 3 Series Code 1 AF PART-NBR A 5 Participant number. 1 AG DOSI-SN P 7.0 N Dosimeter serial number 1 AH DOSI-SN-SUFX A 1 N Dosimeter serial suffix 1 AI GENERIC-SEARCH-DATA A 64 N D 1 AJ AUDIT-DATE N 8.0 1 AK AUDIT-PROG A 32 N 1 AL AUDIT-TIME N 7.0 N 1 AM AUDIT-AUTH-CODE A 64 N D 1 AN AUDIT-USER A 32 N D 1 AO AUDIT-VIEW-NAME A 64 N D 1 AP AUDIT-FIELD-NAME A 64 N D 1 AT AUDIT-FIELD-OCCUR N 7.0 N 1 AU AUDIT-FIELD-OCCUR-MAX N 7.0 N 1 AV AUDIT-SUB-FIELD-OCCUR N 7.0 N 1 AW AUDIT-SUB-FIELD-OCCUR-MAX N 7.0 N 1 AQ AUDIT-FIELD-DESCRIPTION A 64 N Business description M 1 AR BEFORE-IMAG A 128 N M 1 AS AFTER-IMAG A 128 N

  26. The Solution Audit Converter Program View Handler Subroutine View Handler Subroutine View Handler Subroutine …

  27. The Solution ** Program: AXAUDTP0 ** Author: Faye Windhorst ** Date Written: 12/22/04 ** Description: This program is the driver for moving records from the ** Audit-Log to the Audit-History file. ** Records on the Audit-Log are unformatted and contained in ** a "chunk of data". This program performs subroutines for ** each Adabas view to format the raw audit data into a ** useable format on the Audit-History file. As records are ** processed and written to Audit-History, they are ** physically deleted from Audit-Log. ** DEFINE DATA GLOBAL USING AXAUDTG0 LOCAL USING AXJCLA1 LOCAL 01 COUNTERS 02 #READ-CTR (N7) 02 #DELETE-CTR (N7) 01 INDICES 02 #MAX-AUTH-IX(N3) INIT <100> 02 #AX-IX (N3) 02 #IX (N3) END-DEFINE (More...)

  28. The Solution READAUDT. READ AUDIT-LOG BY ISN ADD 1 TO #READ-CTR DECIDE FOR FIRST CONDITION WHEN AUDIT-LOG.AUDIT-VIEW-NAME = 'ACCOUNT-CONTRACT-INFO' PERFORM AXACONS0-ACCOUNT-CONTRACT-INFO WHEN AUDIT-LOG.AUDIT-VIEW-NAME = 'ACCOUNT-CONTRACT-PO-INFO' PERFORM AXACPOS0-ACCOUNT-CONTRACT-PO-INFO WHEN AUDIT-LOG.AUDIT-VIEW-NAME = 'ACCOUNT-MASTER-ALL' DECIDE ON FIRST AUDIT-LOG.AUDIT-PROG VALUES 'ISACCTP1', 'ISCNUPP1' PERFORM AXAMALS4-ACCOUNT-MASTER-ACCT * INCLUDES AXAMALS5, AXAMALS6 & AXAMALS7 VALUE 'ISADDRP1' PERFORM AXAMALS8-ACCOUNT-MASTER-ADDRESS NONE PERFORM AXAMALS0-ACCOUNT-MASTER-ALL * INCLUDES AXAMALS1, AXAMALS2 & AXAMALS3 END-DECIDE WHEN AUDIT-LOG.AUDIT-VIEW-NAME = 'ACCOUNT-MASTER-CTL' PERFORM AXAMCTS0-ACCOUNT-MASTER-CTL (MORE…) WHEN AUDIT-LOG.AUDIT-VIEW-NAME = 'STATE-CODE-TABLE' PERFORM AXCTSTS0-STATE-CODE-TABLE WHEN ANY IF AUDIT-ET-CTR > 0 ADD 1 TO #DELETE-CTR DELETE (READAUDT.) END TRANSACTION RESET AUDIT-ET-CTR * (MORE…)

  29. The Solution * IF AUDIT-LOG.AUDIT-AUTH-CODE = MASK (999999'-'999999) OR AUDIT-LOG.AUDIT-AUTH-CODE = MASK ('F'999999'-'999999) OR AUDIT-LOG.AUDIT-AUTH-CODE = MASK ('S'999999'-'999999) OR AUDIT-LOG.AUDIT-AUTH-CODE = MASK ('UK OFFICE'...........) EXAMINE AXJCLA1.#AUDIT-AUTH-ARRAY(*) FOR AUDIT-LOG.AUDIT-AUTH-CODE GIVING INDEX #IX IF #IX = 0 #AX-IX := #AX-IX + 1 AXJCLA1.#AUDIT-AUTH-ARRAY (#AX-IX) := AUDIT-LOG.AUDIT-AUTH-CODE END-IF * * if the auth-code-array is full - stop processing and * get the remaining audit-log records on the next pass * IF #AX-IX = #MAX-AUTH-IX ESCAPE BOTTOM END-IF END-IF * END-IF WHEN NONE WRITE 'No audit subroutine for ' AUDIT-LOG.AUDIT-VIEW-NAME '.' END-DECIDE * END-READ * IF #AX-IX > 0 AXJCLA1.#NAT-LIBRARY := 'ISDL' AXJCLA1.#NAT-SOURCE-NAME := 'AXAHJCC1' AXJCLA1.#AUDIT-ARRAY-IX := #AX-IX CALLNAT 'AXJCLN1' AXJCLA1 END-IF * WRITE 15T 'RECORDS READ ' #READ-CTR (EM=Z,ZZZ,ZZ9) / 15T 'RECORDS DELETED' #DELETE-CTR (EM=Z,ZZZ,ZZ9) /// 15T ' *** END OF REPORT *** ' END

  30. The Solution ** MODULE NAME: AXAMALS3 ** AUTHOR: FAYE WINDHORST ** DATE WRITTEN: 12-27-04 ** DESCRIPTION: THIS SUBROUTINE IS PERFORMED AS PART OF AXAUDTP0 TO FORMAT ** ACCOUNT-MASTER-ALL AUDIT DATA FROM AUDIT-LOG INTO A USEABLE ** FORMAT ON AUDIT-HISTORY ** DEFINE DATA GLOBAL USING AXAUDTG0 /* AUDIT-LOG LOCAL USING FXSDELA0 /* SYSDIC-EL (PREDICT FIELD NAME DESCR) LOCAL USING FXAUDHA0 /* AUDIT-HISTORY LOCAL 01 ACTMST-ALL-BEFORE 02 ACCT-NBR (P6) 02 ACCT-SER-CODE (A3) 02 REC-DEL-IND (A1) 02 TERR-CODE (A1) 02 STATE-CODE (A2) 02 ACCT-NAME (A23) (MORE...) 01 REDEFINE ACTMST-ALL-BEFORE 02 BEFORE-CHUNK (A250/1:20) 02 BEFORE-CHUNKX (A228) * 01 ACTMST-ALL-AFTER 02 ACCT-NBR (P6) 02 ACCT-SER-CODE (A3) 02 REC-DEL-IND (A1) 02 TERR-CODE (A1) 02 STATE-CODE (A2) 02 ACCT-NAME (A23) (MORE...) 01 REDEFINE ACTMST-ALL-AFTER 02 AFTER-CHUNK (A250/1:20) 02 AFTER-CHUNKX (A228) END-DEFINE

  31. The Solution DEFINE SUBROUTINE AXAMALS3-ACCOUNT-MASTER-BEFORE-AFTER * ------------------------------------------------------------------------------------------------- ** AUDIT-IMAG = BEFORE IMAGE ** AUDIT-IMAG-TWO = AFTER IMAGE ** MOVE FROM AUDIT FILE INTO VIEW LAYOUTS ** BEFORE-CHUNK (1:20) := AUDIT-IMAG(1:20) BEFORE-CHUNKX := AUDIT-IMAG(21) AFTER-CHUNK (1:20) := AUDIT-IMAG-TWO(1:20) AFTER-CHUNKX := AUDIT-IMAG-TWO(21) RESET FXAUDHA0 MOVE BY NAME AUDIT-LOG TO FXAUDHA0-RECORD FXAUDHA0.ACCT-NBR := ACTMST-ALL-BEFORE.ACCT-NBR FXAUDHA0.SER-CODE := ACTMST-ALL-BEFORE.ACCT-SER-CODE FXAUDHA0.CUST-NBR := ACTMST-ALL-BEFORE.CUST-NBR DECIDE FOR EVERY CONDITION WHEN ACTMST-ALL-BEFORE.TERR-CODE NE ACTMST-ALL-AFTER.TERR-CODE MOVE 'TERR-CODE' TO FXAUDHA0.AUDIT-FIELD-NAME PERFORM LOOKUP-FIELD-DESCRIPTION MOVE ACTMST-ALL-BEFORE.TERR-CODE TO FXAUDHA0.BEFORE-IMAG (1) MOVE ACTMST-ALL-AFTER.TERR-CODE TO FXAUDHA0.AFTER-IMAG (1) PERFORM STORE-AUDIT-HISTORY-RECORD WHEN ACTMST-ALL-BEFORE.STATE-CODE NE ACTMST-ALL-AFTER.STATE-CODE MOVE 'STATE-CODE' TO FXAUDHA0.AUDIT-FIELD-NAME PERFORM LOOKUP-FIELD-DESCRIPTION MOVE ACTMST-ALL-BEFORE.STATE-CODE TO FXAUDHA0.BEFORE-IMAG (1) MOVE ACTMST-ALL-AFTER.STATE-CODE TO FXAUDHA0.AFTER-IMAG (1) PERFORM STORE-AUDIT-HISTORY-RECORD WHEN ACTMST-ALL-BEFORE.ACCT-NAME NE ACTMST-ALL-AFTER.ACCT-NAME MOVE 'ACCT-NAME' TO FXAUDHA0.AUDIT-FIELD-NAME PERFORM LOOKUP-FIELD-DESCRIPTION MOVE ACTMST-ALL-BEFORE.ACCT-NAME TO FXAUDHA0.BEFORE-IMAG (1) MOVE ACTMST-ALL-AFTER.ACCT-NAME TO FXAUDHA0.AFTER-IMAG (1) PERFORM STORE-AUDIT-HISTORY-RECORD (MORE...) WHEN NONE IGNORE END-DECIDE

  32. And finally…

  33. And finally…

  34. Connecting Sarbanes to Oxley Questions??? Faye Windhorst Landauer, Inc. 14th NATURAL Conference October, 2006

More Related