Yes, that was the point. A record counter contains no information about
the record; it is an arbitrary pointer to the information. Our U2 (and
other MV) databases do not provide for a key that is, to use some SQL
implementation terms, AUTO_INCREMENT or INTEGER GENERATED AS IDENTITY.
So we fake it with a &NEXT.AVAILABLE& style of counter. These should
not be considered information, nor should they be used to verify during
an audit. Think of them as disk addresses in the old sequential sector
address scheme. Saying that transaction key 12345 has meaning is about
as meaningful as an auditor saying, "Why isn't there a transaction
record at track 99AEF?" (Yes, I meant the double meaning of meaning in
that last sentence. This is English, a language that makes up in
obscurity what it lacks in style.)
So I maintain that a sequentially assigned RECORD COUNTER, is not
something an auditor should ascribe any meaning to. In fact, record
ID's used in this manner should be able to change from day to day,
assuming referential integrity is maintained; and the auditor should
not have an issue with that. It just a "disk address," after all.
Control numbers, on the other hand, are a completely different issue.
Even though they may be sequentially assigned, they contain information
about the record. Check number was a good example. These may be used as
the key to a file. But the absence or presence of a single record in a
single file should not be the sole auditing criteria. Just because
there is a record with key "2045" in the CHECKS file doesn't mean
squat. I could have put that record in there with the Editor. Any
auditor who simply accepts that the record "proves" check 2045 was
issued is the one to be flogged. Conversely, the absence of record with
key 2045 cannot be construed to mean the check was not issued. I am not
an accountant, but I think this falls under the category of single
entry vs double entry accounting.
That being said, we also need to recognize differences in the term
"audit." Accounting audits are different from information system
audits. So when we use the term "the Auditors" we really should specify
whether we are talking about accounting audits with an emphasis on
fraud or information systems audits with an expanded scope of
correctness.
As always, just my opinion.
Anyone want to discuss why most MultiValue systems don't know the
concept of check digits on control numbers as a way to assist in
information correctness? <evil grin>
--
Regards,
Clif
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
W. Clifton Oliver, CCP
CLIFTON OLIVER & ASSOCIATES
Tel: +1 619 460 5678 Web: www.oliver.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On Jun 16, 2005, at 12:50 PM, Drew Henderson wrote:
I would think the key phrase is "non-information content". Sequential
numbers that have meaning, such as check numbers, would not, in my
mind, fall under this category. Sequential numbers used for assigning
ids to people, however, would likely fall into this category.
Of course, a lot of it depends on the organization's use of that
number, as to whether it is informational or not.
Drew
Bill Haskett wrote:
-------
u2-users mailing list
[email protected]
To unsubscribe please visit http://listserver.u2ug.org/
