P
PeteCresswell
I'm in a whisper-down-the-lane situation: can't talk to the guys who
really know....
Shouldn't be that way, but that's the way it is.
We are importing data from a spreadsheet every so often:
- User clicks a button,
- User navigates to a spreadsheet, and
- User clicks "Ok"
- Application deletes contents of a table
- Application copies contents of spreadsheet into resulting empty
table
SEC auditors want evidence that the import was actually performed as
of a certain date.
Lots of possibilities there.... up to and including not deleting the
old table entries and retrieving latest entries when somebody does a
search.
What I'm actually going to do is:
1) Copy the spreadsheet the user points to into an application-
specific directory that nobody can get to.
2) Do the actual import from the copied version.
3) Keep the copied versions around forever.
4) Add two fields to the table: CreatedAt and CreatedBy.
5) Generate a log of the process.
e.g.
08/26/2009 10:56:07: pcresswell STARTED Importing KLD exclusionary
data from 'D:\$$QaStage\Monthly Compliance Reports
\20081201_MonthlyComplianceReport.XLS'.
08/26/2009 10:56:07: pcresswell Copied 'D:\$$QaStage\Monthly
Compliance Reports\20081201_MonthlyComplianceReport.XLS' to 'd:\SFIM
\Kld_Import_Source\pcresswell.2009 08-26
10-56-07.20081201_MonthlyComplianceReport.XLS'.
08/26/2009 10:56:07: pcresswell Purged 625 existing table records.
08/26/2009 10:56:07: pcresswell Added 651 new table records from 'd:
\SFIM\Kld_Import_Source\pcresswell.2009 08-26
10-56-07.20081201_MonthlyComplianceReport.XLS'.
08/26/2009 10:56:07: pcresswell Updated 'CreatedAt' to '8/26/2009
10:56:07 AM'.
08/26/2009 10:56:07: pcresswell Updated 'CreatedBy' to 'pcresswell
via KLD_Import'.
08/26/2009 10:56:07: pcresswell FINISHED Importing KLD exclusionary
data.
Didn't want to go the "keep all records" route unless it was
specifically requested because then we would have introduced the
possibility that the retrieval process might contain some flaw that
makes it look at old data.
But, as above, I can't talk to these guys....
Has anybody been here with SEC auditors?
Guidelines for an auditable import process?
really know....
Shouldn't be that way, but that's the way it is.
We are importing data from a spreadsheet every so often:
- User clicks a button,
- User navigates to a spreadsheet, and
- User clicks "Ok"
- Application deletes contents of a table
- Application copies contents of spreadsheet into resulting empty
table
SEC auditors want evidence that the import was actually performed as
of a certain date.
Lots of possibilities there.... up to and including not deleting the
old table entries and retrieving latest entries when somebody does a
search.
What I'm actually going to do is:
1) Copy the spreadsheet the user points to into an application-
specific directory that nobody can get to.
2) Do the actual import from the copied version.
3) Keep the copied versions around forever.
4) Add two fields to the table: CreatedAt and CreatedBy.
5) Generate a log of the process.
e.g.
08/26/2009 10:56:07: pcresswell STARTED Importing KLD exclusionary
data from 'D:\$$QaStage\Monthly Compliance Reports
\20081201_MonthlyComplianceReport.XLS'.
08/26/2009 10:56:07: pcresswell Copied 'D:\$$QaStage\Monthly
Compliance Reports\20081201_MonthlyComplianceReport.XLS' to 'd:\SFIM
\Kld_Import_Source\pcresswell.2009 08-26
10-56-07.20081201_MonthlyComplianceReport.XLS'.
08/26/2009 10:56:07: pcresswell Purged 625 existing table records.
08/26/2009 10:56:07: pcresswell Added 651 new table records from 'd:
\SFIM\Kld_Import_Source\pcresswell.2009 08-26
10-56-07.20081201_MonthlyComplianceReport.XLS'.
08/26/2009 10:56:07: pcresswell Updated 'CreatedAt' to '8/26/2009
10:56:07 AM'.
08/26/2009 10:56:07: pcresswell Updated 'CreatedBy' to 'pcresswell
via KLD_Import'.
08/26/2009 10:56:07: pcresswell FINISHED Importing KLD exclusionary
data.
Didn't want to go the "keep all records" route unless it was
specifically requested because then we would have introduced the
possibility that the retrieval process might contain some flaw that
makes it look at old data.
But, as above, I can't talk to these guys....
Has anybody been here with SEC auditors?
Guidelines for an auditable import process?