System-Wide Security Auditing: General Information

MYOB Advanced can monitor and record events triggered by a user or the system with the security auditing functionality. The system can monitor different types of events, and you set up the time period for which the audit trail—which is a series of records of activities in MYOB Advanced—must be kept.

Learning Objectives

In this chapter, you will learn how to do the following:

  • Enable the auditing of specific user and system activities
  • Review the audit trails related to selected system events

Applicable Scenarios

You use system-wide security auditing in the following cases:

  • Your company must comply with auditing regulations and needs to implement the corresponding auditing procedures.
  • Your company wants to ensure accountability and the ability to track user actions in the system.

Enabling of Auditing

On the Security Preferences (SM201060) form, under the Audit section of the Summary area, you can select the types of user and system events the system will monitor. Also, you can specify the time period for which the audit trail must be kept by specifying the number of months in the Keep Audit History for x Months box.

Auditing of User Activities

On the Security Preferences (SM201060) form, under the Audit section of the Summary area, you select the following check boxes to turn on the auditing of system events related to the corresponding user activities:

  • Login: The system records every successful sign-in of a user.
  • Login Failed: The system records every unsuccessful sign-in attempt of a user.
  • Logout: The system records every sign-out of a user.
  • Screen Accessed: The system records information about a user's access of an MYOB Advanced form.
    Attention: The event is logged only once for each form during a user session (when the user first opens the form).
  • Session Expired: The system records every expiration of a user's session.
  • License Exceeded: The system records every forced user sign-out due to the maximum number of users (as specified in your company’s license) being exceeded.

Auditing of Email Processing

On the Security Preferences (SM201060) form, under the Audit section of the Summary area, you select the following check boxes to turn on the auditing of the corresponding system events related to email processing:

  • Send Email Success: The system records every successful sending of an email from the system email account.
  • Send Email Error: The system records every failed sending of an email from the system email account.

Auditing of Data Access

On the Security Preferences (SM201060) form, under the Audit section of the Summary area, you select the following check boxes to turn on the auditing of the corresponding system events related to data access:

  • OData Refresh: The system records the access of MYOB Advanced data through a generic inquiry that has been exposed by using the OData protocol. For more information on support for OData in MYOB Advanced, see Accessing the Exposed Inquiry Through OData.
  • Customization Published: The system records every publication of a customization. For more information, see the MYOB Advanced Customization Guide.

Reviewing Audit Trails

You use the Access History (SM201045) form to view the audit trails. The audit trail for each event type shows the time when the event took place, the user who performed the operation, the IP address from which the user signed in to the system, and other settings, depending on the event type. You can narrow the range of the listed events by user, date range, and operation type.