Reviewing Table Audits in the Universal Audit

• Reviewing Table Audits in the Universal Audit
  • Overview
  • Process
    • Sign In to the Universal Audit
    • Search for audited tables in the connected CCLAS 6 instance

Overview

Laboratories are configured with significant data that needs to be monitored to confirm correct business process is followed around the data modification. For example, if a scheme is changed, the testing regime in a job can be significantly different. Therefore, restrictions are placed upon changing such data, and when it is changed, those changes are audited. The CCLAS auditing capability allows organisations to determine which data is important for audit requirements by establishing audit rules.

As part of ISO17025 and Good Laboratory Practices (GPL), any changes to reference data, that is, the laboratory's analytical configuration, as compared to job/sample-centric dynamic data), must be protected and changes audited. This is important as many users may have access to this sensitive content and inadvertently make editing errors and want to revert back to the previous content.

A laboratory head or QC manager may want to keep track of which staff are changing what data.

Process

Where CCLAS 6 is configured for Writing Audits to the Universal Audit, then job audits are viewed using the Universal Audit Web application, external to CCLAS 6.

The data for these table audits comes from two sources. The first source is Oracle, which provides base information on tables lists. The second source is the Universal Audit API, which serves as the back-end for Elasticsearch searches. The Universal Audit Web interface allows users to customise their search criteria using a variety of field conditions in combination.

Azure authorisation is required to ensure both the Universal Audit Web application and API are secured. That is, a user must log in with valid Azure credentials as only authorised requests can be processed.

Sign In to the Universal Audit

The Universal Audit can be accessed by entering the Web address of the Universal Audit repository using any standard Web browser, and selecting a Windows account that is configured for access to the repository.

Users who access the Universal Audit do not need to be users of CCLAS 6.

Access the Universal Audit

Search for audited tables in the connected CCLAS 6 instance

Once you are signed in to the Universal Audit, you can select a CCLAS 6 table and optional field and search for audit events that exist for that table.

Search table audit events in the Universal Audit

The table audit event search page is laid out as follows:

• Search criteria, comprising:

  • SEARCH button

  • RESET button

  • One or more groups. The first group is the parent group. Subsequent groups are children of the parent group. The first group's operator denotes how the parent group's rules and child groups are conditioned. The first group's rules are overarching rules. A child group's operator denotes how the child group's rules are conditioned.

    Note: It can be misleading if rules are added to the parent group and they appear at the end. Although it looks like they belong to the last group, they are still parent group rules.

    For each group:

    • Operator—AND (default) or OR
    • +Rule button

    • +Group button

    • (Clone group) button, for child groups only

    • (Delete group) button, for child groups only

    • Group rules. For each rule:

      • The rule that comprises job field, operator, value
      • (Clone rule) button
      • (Delete rule) button.

      • (Clone group) button

      • (Delete group) button

• Search results grid containing the table audit events returned from the search.

For a rule in the table audit event search:

Audit event field	Operator	Value
Event Date	Between	From Date and To Date of the audited event, entered or selected from a date-picker. If an event date range is not defined, then the audit events from the last three months are returned, by default.
User	Indicates how the table audit are searched by the user against the value: = != (does not equal) contains begins with ends with does not contain does not begin with does not end with is null is not null in—Provide the values as a comma-separated list. not in—Provide the values as a comma-separated list.	Free text entry of the user code.
OP	Indicates how the table audit is searched by the operation associated with the audit event: = != (does not equal) in—Provide the values as a comma-separated list. not in—Provide the values as a comma-separated list.	Selected from create, update and delete.
Field	Depends on the selected field's data type.	Value, either entered or selected, depending on the selected field's data type.

Note that, for any delete event, the audit event will contain the field values as they were prior to the delete event.