IV Administration

Chapter 29 Auditing

There’s an audit-trail table which tracks (and this can’t be disabled) who changed what in the transactions you post. This table isn’t currently visible in the application; it’s not hard to make it visible. However, when we look at what auditing usually means, it is that you’re able to completely demonstrate everything that happened to your books while compiling your accounting data. That is: you can show that the invoices sent to your customers are the same as shown in the system. Also, auditors want to see completeness: that you’ve recorded all invoices sent out in the books and that all work performed has been invoiced.

For completeness, we have ”gap-less numbering” for invoices. That means the system generates invoices with numbers that are always exactly 1 apart. so when a number misses, you know the books have been tampered with.

There’s another thing with LedgerSMB that helps auditability: transactions can’t be deleted or changed once they have been posted. Some people hate that: they find mistakes and it’s a lot of work to correct those. Also, large vendors like Quickbooks, Sage and Xero allow changing transactions after they are recorded in the books (but they have a special ”auditor mode’ which shows the old versions of the same transaction).

@@@ Needs Editing