BOI Software Entwicklung und Vertrieb GmbH

Phone: +43 (0) 732 / 736423 - 0

Spazgasse 4

Email: office@boi.at

4040 Linz, Austria

www.boi.at

Security and Compliance

Legal regulations like SOA (*1) and Euro-SOX (*2) require companies to describe and document business processes.

(*1) Sarbanes-Oxley Act 2002
(*2) 8. EU-Richtlinie, Abschlussprüfungs-Richtlinie, 2006, in Österreich mit dem Unternehmensrechts-Änderungsgesetz 2008 -               URÄG 2008 umgesetzt und seit 1. Juni 2008 in Kraft.

The most significant demands on IT are:

  • Check and control of logical security
  • Planning for long-term preservation of the company
  • Creation of an emergency concept
  • Monitoring of system maintenance, of processing data and daily business
  • Archiving of all relevant data, documents and records

TABEX/4 fulfils all effective revision requirements through the following features.

  1. TABEX/4 applications are revision-proof through the consistent logging of all changes, which are done via the user interface and the batch table management.
     
  2. The TABEX/4 Release Procedure allows the controlled execution and the coordinated release of changes according to the principle of dual control.
     
  3. TABEX/4 offers access protection through a multi-level, internal security system. For single users and/or user groups the access to databases, tables, TABEX/4 instances, functions and menu items can be defined. External security systems can be easily embedded.
     
  4. TABEX/4 offers a consistent archiving of all active table states of the programs.
     
  5. Comfortable analysis functions ease the work for the revision.

1. TABEX/4 Logging

In TABEX/4, transparency and security in the editing of control and parameter tables is given the highest priority.

A technical mistake or a failure with regard to the content of these tables can have serious implications for a company.

This is particularly the case for banks and insurance companies where there are legal regulations concerning the traceability of data changes. SOA and Euro-SOX guidelines have to be followed rigorously.

Through the logging of all changes, both over the user interface and the batch table management functions, TABEX/4 guarantees the traceability of data changes. Useful analysis functions ease the execution of revisions.

2. TABEX/4 Release Procedure

By default TABEX/4 supports data maintenance processes with release procedures that follow the principle of dual control. In this way TABEX/4 guarantees, that changes can only take effect after a check through by a second person.

3. TABEX/4 Security System

TABEX/4 comes with its own security system. Through this system access to

  • applications
  • TABEX/4 instances
  • menu items
  • databases
  • tables and
  • other objects

can be constrained.

External security systems, for example RACF or ACF2 can be easily embedded. In these cases security checks are routed to the external system.

A mixed configuration is also possible. This allows for example that table security is checked with an external system whereas all other rights are checked within TABEX/4. Single Sign On (SSO) can be implemented, when central user control is used. Then it is enough to log on the operating system. The user can log on TABEX/4 without inputting username and password again. In order to protect the communication channel between the TABEX/4 server and the web application server, Secure Shell (SSH) can be used.

4. SHS Archiving

When SHS archiving is active, all table versions are archived, be they new table versions or table versions which were changed at the current SHS/ESA loading.

With appropriate analysis functions, it is possible at any time to reconstruct at which point in time which data was active for application programs.

5. Analysis / Reports

For both protocol and SHS archive databases, there are utility analysis functions which supply information for specified selection criteria. For TABEX databases there are in addition immediate analysis functions which supply table of contents and change logs.

Migration Packages

BOI GmbH offers migration packages for the table management systems SPITAB, TABSYS and VTAS.

 

» Migrations Packages

Success Stories

AirPlus has been using TABEX for 20 years.

Now TABEX/4 JAVA APPLICATION ENGINE has additionally been launched for audit-proof logging of the business processes by Java applications.

 

» read this success story

» more success stories