Automated Audit Trail Clause Examples

The Automated Audit Trail clause requires that all actions, changes, or transactions within a system or process are automatically recorded and tracked. This typically involves the use of software that logs user activities, timestamps, and modifications to data, creating a secure and tamper-evident record. By ensuring that every relevant event is documented without manual intervention, this clause helps maintain transparency, supports compliance with regulatory requirements, and facilitates the detection and investigation of unauthorized or suspicious activities.
Automated Audit Trail. (Audit and Accountability (AU) Family, NIST SP 800-53 rev. 4)
View SourceView Similar (6)
Automated Audit Trail. SSA requires EIEPs to implement and maintain a fully automated audit trail system (ATS). The system must be capable of creating, storing, protecting, and efficiently retrieving and collecting records identifying the individual user who initiates a request for information from SSA or accesses SSA-provided information. At a minimum, individual audit trail records must contain the data needed (including date and time stamps) to associate each query transaction or access to SSA-provided information with its initiator, their action, if any, and the relevant business purpose/process (e.g., SSN verification for Medicaid). Each entry in the audit file must be stored as a separate record, not overlaid by subsequent records. The Audit Trail System must create transaction files to capture all input from interactive internet applications which access or query SSA-provided information. If a State Transmission Component (STC) handles and audits the EIEP’s transactions with SSA, the EIEP is responsible for ensuring that the STC’s audit capabilities meet SSA’s requirements for an automated audit trail system. The EIEP must also establish a process to obtain specific audit information from the STC regarding the EIEP’s SSA transactions. Access to the audit file must be restricted to authorized users with a “need to know.” Audit file data must be unalterable (read-only) and maintained for a minimum of three (preferably seven) years. Information in the audit file must be retrievable by an automated method. EIEPs must have the capability to make audit file information available to SSA upon request. EIEPs must back-up audit trail records on a regular basis to ensure their availability. EIEPs must apply the same level of protection to backup audit files that apply to the original files. If the EIEP retains SSA-provided information in a database (e.g., Access database, SharePoint, etc.), or if certain data elements within the EIEP’s system indicate to users that SSA verified the information, the EIEP’s system must also capture an audit trail record of users who viewed SSA-provided information stored within the EIEP’s system. The retrieval requirements for SSA-provided information at rest and the retrieval requirements for regular transactions are identical.
View SourceView Similar (5)
Automated Audit Trail. SWA’s receiving SSA information through the ICON system must implement and maintain a fully automated audit trail system capable of data collection, data retrieval and data storage. At a minimum, data collected through the audit trail system must associate each query transaction to its initiator and relevant business purpose (i.e. the SWA client record for which SSA data was requested), and each transaction must be time and date stamped. Each query transaction must be stored in the audit file as a separate record, not overlaid by subsequent query transactions. Access to the audit file must be restricted to authorized users with a “need to know” and audit file data must be unalterable (read only) and maintained for a minimum of three (preferably seven) years. Retrieval of information from the automated audit trail may be accomplished online or through batch access. This requirement must be met before DOL will approve the SWA’s request for access to SSA information through the ICON system. If SSA-supplied information is retained in the SWA system, or if certain data elements within the SWA system will indicate to users that the information has been verified by SSA, the SWA system also must capture an audit trail record of any user who views SSA information stored within the SWA system. The audit trail requirements for these inquiry transactions are the same as those outlined above for SWA transactions requesting information directly from SSA.
View SourceView Similar (3)
Automated Audit Trail. SWA’s receiving SSA information through the ICON system must implement and maintain a fully automated audit trail system capable of data collection, data retrieval and data storage. At a minimum, data collected through the audit trail system must associate each query transaction to its initiator and relevant business purpose (i.
View Source

Related to Automated Audit Trail

  • SAO AUDIT A. The state auditor may conduct an audit or investigation of any entity receiving funds from the state directly under the Contract or indirectly through a subcontract under the Contract. The acceptance of funds directly under the Contract or indirectly through a subcontract under the Contract acts as acceptance of the authority of the state auditor, under the direction of the legislative audit committee, to conduct an audit or investigation in connection with those funds. Under the direction of the legislative audit committee, an entity that is the subject of an audit or investigation by the state auditor must provide the state auditor with access to any information the state auditor considers relevant to the investigation or audit. B. Grantee shall comply with any rules and procedures of the state auditor in the implementation and enforcement of Section 2262.154 of the Texas Government Code.

  • Single Audit Report If federal funds are used: A. The parties shall comply with the single audit report requirements stipulated in 2 CFR 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards. B. If threshold expenditures of $750,000 or more are met during the fiscal year, the Local Government must submit a Single Audit Report and Management Letter (if applicable) to TxDOT's Compliance Division, 000 Xxxx 00xx Xxxxxx, Xxxxxx, XX 00000 or contact TxDOT’s Compliance Division by email at xxxxxxxxxxxx@xxxxx.xxx. C. If expenditures are less than the threshold during the Local Government's fiscal year, the Local Government must submit a statement to TxDOT's Compliance Division as follows: "We did not meet the $ expenditure threshold and therefore, are not required to have a single audit performed for FY ." D. For each year the Project remains open for federal funding expenditures, the Local Government will be responsible for filing a report or statement as described above. The required annual filing shall extend throughout the life of the Agreement, unless otherwise amended or the Project has been formally closed out and no charges have been incurred within the current fiscal year.

  • PRICING/AUDIT The Contractor shall establish and maintain a reasonable accounting system, which enables ready identification of Contractor’s cost of goods and use of funds. Such accounting system shall also include adequate records and documents to justify all prices for all items invoiced as well as all charges, expenses and costs incurred in providing the goods for at least five (5) years after completion of this contract. The County or its designee shall have access to such books, records, subcontract(s), financial operations, and documents of the Contractor or its subcontractors, as required to comply with this section for the purpose of inspection or audit anytime during normal business hours at the Contractor's place of business. This right to audit shall include the Contractor’s subcontractors used to procure goods under the contract with the County. Contractor shall ensure the County has these same rights with subcontractors and suppliers.

  • DNS name server availability Refers to the ability of a public-­‐DNS registered “IP address” of a particular name server listed as authoritative for a domain name, to answer DNS queries from an Internet user. All the public DNS-­‐registered “IP address” of all name servers of the domain name being monitored shall be tested individually. If 51% or more of the DNS testing probes get undefined/unanswered results from “DNS tests” to a name server “IP address” during a given time, the name server “IP address” will be considered unavailable.

  • HHS Single Audit Unit will notify Grantee to complete the Single Audit Determination Form If Grantee fails to complete the form within thirty (30) calendar days after receipt of notice, Grantee maybe subject to sanctions and remedies for non-compliance.