QJRN/400
The Auditing and Compliance Solution for IBM i
CONTEXT
Since its initial release in 1998, QJRN/400 has been widely widely used by companies that face an elevated fraud risk or are subject to strong regulatory standards, such as Sarbanes-Oxley (SOX), Basel II, Health Insurance Portability and Accountability Act (HIPAA), Code of Federal Regulations Title 21 (21-CFR), or Payment Card Industry Data Security Standards (PCI-DSS).
QJRN/400 allows companies to implement regulatory compliance and combat and detect fraudulent activity by generating accurate, relevant, and readable reports on system activity.
QJRN/400 has proven its worth in the detection of real fraud and in helping our clients prepare for and obtain excellent results for official audits of regulatory compliance.
With a low impact on system performance and a scalable nature, it can be used by companies of all sizes, from SME to large multi-nationals with complex technical environments. QJRN/400 is compatible with all the most commonly used ERP systems on the IBM i.
DESCRIPTION
QJRN/400 uses the IBM i journaling functionality to record system events and database changes. IBM i journals are the only accepted audit source for the majority of regulatory standards.
QJRN/400 includes two independent modules that can be used either separately or concurrently: Database Audit and System Audit.
The Database Audit module allows you to produce reports across the databases used on the IBM i. Examples include:
ADVANTAGES
QJRN/400 includes many unique and powerful features:
BENEFITS
CONTEXT
Since its initial release in 1998, QJRN/400 has been widely widely used by companies that face an elevated fraud risk or are subject to strong regulatory standards, such as Sarbanes-Oxley (SOX), Basel II, Health Insurance Portability and Accountability Act (HIPAA), Code of Federal Regulations Title 21 (21-CFR), or Payment Card Industry Data Security Standards (PCI-DSS).
QJRN/400 allows companies to implement regulatory compliance and combat and detect fraudulent activity by generating accurate, relevant, and readable reports on system activity.
QJRN/400 has proven its worth in the detection of real fraud and in helping our clients prepare for and obtain excellent results for official audits of regulatory compliance.
With a low impact on system performance and a scalable nature, it can be used by companies of all sizes, from SME to large multi-nationals with complex technical environments. QJRN/400 is compatible with all the most commonly used ERP systems on the IBM i.
DESCRIPTION
QJRN/400 uses the IBM i journaling functionality to record system events and database changes. IBM i journals are the only accepted audit source for the majority of regulatory standards.
QJRN/400 includes two independent modules that can be used either separately or concurrently: Database Audit and System Audit.
The Database Audit module allows you to produce reports across the databases used on the IBM i. Examples include:
- Database changes effected from outside the standard database applications.
- Events occurring outside normal business hours.
- Modification to sensitive database field values, such as credit limits, price lists, discount rates, etc.
- Modifications to system values, authorities, profiles, etc.
- Access attempts and intrusion attacks.
- Activities of power users, QSECOFR, *ALLOBJ, *SECADM, etc.
- Transfers of objects to production libraries.
- Actions on spooled files, adopted authorities, exit points, etc.
- Read access to or use of sensitive objects (file, program, menu, command, etc).
ADVANTAGES
QJRN/400 includes many unique and powerful features:
- Easy to install and set up. No need for any application modifications.
- Accepts all types of journal entries: QAUDJRN, QACGJRN, QZMF, and user-defined entries.
- Compatible with high-availability and replication software that use journaling.
- Permits separate management of journals and receivers. Ideal for customers that use hardware replication/IASP.
- A unique and powerful query engine that allows precise condition definitions.
- Large range of report output types: physical file, PDF, XLS, CSV, etc.
- Event notification (e-mail, popup, syslog).
- Report distribution by e-mail, by FTP, or onto the IFS.
- Ad hoc, periodic, and real-time reports and alerts are possible.
- Reports generated directly from journal receivers or pertinent journal data a first extracted to an intermediate file to be analyzed later.
- Can be used on demand for investigation.
- Define, back up, and restore audit models.
- Standard audit models for the most popular ERP software.
- And much more…
BENEFITS
- Significantly reduce the time and associated costs required to achieve regulatory compliance.
- Allow real segregation of duties and enforce the independence of auditors.
- Promote journaling as an audit trail.
- Solve security incidents and contentious situations quickly.
- In addition to deterring fraud activities, contribute to the implementation of best practices in the applications and system utilization.
Try it for yourself. Experience the power of Cilasoft Software for 40 days—FREE.
