Collaborative audit framework
First Claim
1. An auditing method for capturing audit data from various applications in collaborative business processes spanning several enterprises not under common control such as sharing the same network or security regime, comprisingestablishing a central audit warehouse as a repository for audit data from the various applications associated with respective business processes comprising one or more commercial transactions each composed of a series of interrelated components created on applications in two or more of said independent enterprises, the corresponding audit data making up an audit trail for a series of events that transpired to carry out a given commercial transaction,predefining a standardized format and communication protocol for communicating audit data of various types associated with an application to the audit warehouse,extracting audit data at the application level in a native format different from said standardized format;
- converting the audit data in said native format to the corresponding standardized format for the type of audit data,transferring the audit data in the standardized format via an interface to the audit warehouse using the predefined communication protocol,sorting standardized audit data by the individual commercial transaction to which the audit data relates; and
storing the sorted audit data at the audit warehouse according to the respective commercial transaction to which the audit data relates so that audit data relating to a given commercial transaction can subsequently be retrieved together to check for compliance with required procedures.
2 Assignments
0 Petitions
Accused Products
Abstract
A framework for comprehensive auditing of applications involved in business processes in distributed application landscapes, including local, distributed and collaborative audit, is based on the concept of a collaborative “audit warehouse” that enables a central, tool-supported audit of cross-enterprise business processes. The interface for the audit data warehouse is defined in an intermediate format language with verification capabilities, such as XML (Extensible Markup Language). Applications in effect write audit data to audit data pools in the warehouse, e.g., in XML format transferred via http over the Internet. Alternatively, data is pulled from the applications by the warehouse automatically or on command. In one preferred paradigm individual enterprises have their own central audit data warehouses, each collecting data from applications both within and outside of the enterprise that owns the warehouse, in order to aggregate audit data for a given business process spanning potentially several distinct enterprises.
-
Citations
24 Claims
-
1. An auditing method for capturing audit data from various applications in collaborative business processes spanning several enterprises not under common control such as sharing the same network or security regime, comprising
establishing a central audit warehouse as a repository for audit data from the various applications associated with respective business processes comprising one or more commercial transactions each composed of a series of interrelated components created on applications in two or more of said independent enterprises, the corresponding audit data making up an audit trail for a series of events that transpired to carry out a given commercial transaction, predefining a standardized format and communication protocol for communicating audit data of various types associated with an application to the audit warehouse, extracting audit data at the application level in a native format different from said standardized format; -
converting the audit data in said native format to the corresponding standardized format for the type of audit data, transferring the audit data in the standardized format via an interface to the audit warehouse using the predefined communication protocol, sorting standardized audit data by the individual commercial transaction to which the audit data relates; and storing the sorted audit data at the audit warehouse according to the respective commercial transaction to which the audit data relates so that audit data relating to a given commercial transaction can subsequently be retrieved together to check for compliance with required procedures. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. An auditing method for capturing audit data from various applications in collaborative business processes spanning several enterprises not under common control such as sharing the same network or security regime, comprising
establishing a first central audit warehouse, under the control of one enterprise or of one group of interrelated enterprises as a repository for audit data from the various applications both within the one enterprise or one group of interrelated enterprises and also in distinct enterprises associated with one or more respective business processes, each comprising one or more distinct individual commercial transactions composed of a series of interrelated components created on applications in two or more of said enterprises, the corresponding audit data together making up an audit trail for a series of events that transpired to carry out a given commercial transaction transferring audit data to the first warehouse from an application in a distinct enterprise, which has more limited access to data in the first warehouse than the one enterprise or one group of related enterprises, in a standardized format via an interface to the first audit warehouse using a predefined communication protocol, and sorting standardized audit data by the commercial transaction to which the audit data relates; - and
storing the sorted audit data at the audit warehouse according to the respective commercial transactions to which the audit data relates so that audit data relating to a given commercial transaction can subsequently be retrieved together to check for compliance with required procedures. - View Dependent Claims (21, 22, 23, 24)
- and
Specification