Tracking Down EPM
Track Changes with an Audit Dimension
Posted on 1/16/2007 (originally published in print on 5/1/2004)
by Andrew Spidle
Security has always been an important aspect of any application. EPM is no exception to this paradigm. After all, EPM may be your only system of record for financial statement preparation and SEC filings, crucial managerial analyses or the sole financial information warehouse. With so much riding on one set of tools, security must be tight. But security can not be so tight that users are unable to get the data they need. Whatever level of security is necessary, PeopleSoft and the major DBMS providers have developed adequate security mechanisms that fit most situations. These tools combined with appropriate policies allow users and their data to meet successfully in a properly protected environment.
There is relatively little risk in EPM from a security aspect. Most users will generate “read” type transactions that just pull the data. Sure, there are those power users who can run update processes and the applications themselves can run updates too. However, all of this “write” activity is well controlled. What I am talking about is more fundamental. It goes to the very core of the warehouse. Yes; you guessed it! The data is the answer. I know I just finished saying how well protected the system and data are already. The question is not one of who has done something to the data but what has happened to the data.
Now, I know everyone has a fully documented warehouse down to the attribute level with complete data dictionaries. Even with the most granular level of documentation, I would wager someone could extract one record from somewhere in the EPM architecture and a room full of EPM experts could not definitively state the data origin, transformations, enrichments and times of each event. By the time the data get to the fact tables, no one may know exactly where it came from or what happened to it along the way.
Nevertheless, we are somewhat lucky in one sense with EPM. Most of the processing happens in a straight-forward fashion. Data are moved from source to warehouse to fact tables with few changes in between. There might be some aggregations or blending of warehouse table information going on within the application engine processes. It should be pretty easy to unravel all the processing, if there are any questions. After all, we have all those log files from Informatica or Ascential, process scheduler, application engine, and the DBMS to guide us in our quest to win the aforementioned wager. Also, I forgot to mention one thing about the wager, it is every person for himself or herself.
The task of defining all the events happening to the data can be quite daunting even for a room full of experts. PeopleSoft did give us all the necessary information. However, they seem to have sprayed the information all over the EPM framework. Some information is contained in log files, while other needed factoids are housed in the metadata. Our expert team may know all of PeopleSoft's hiding spots, but I do not think the end user would know or should know for that matter. Anyway, we are from the EPM team and we're here to help!
To continue reading this article you must have a current VP1 Subscription.
