Continuous Auditing of Database Applications: An Embedded Audit Module Approach¹

This paper demonstrates an approach to address the unique control and security concerns in database environments by using audit modules embedded into application programs. Embedded audit modules (EAM) are sections of code built into application programs that capture information of audit significance on a continuous basis. The implementation of EAMs is presented using INGRESS a relational database management system. An interface which enables the auditor to access audit-related information stored in the database is also presented. The use of EAMs as an audit tool for compliance and substantive testing is discussed. Advantages and disadvantages of employing EAMs in database environments and future directions in this line of research are discussed.