Presentation is loading. Please wait.

Presentation is loading. Please wait.

Nash, Smith & Adler - July, 20031 Spreadsheet Auditing and Change Analysis John Nash Neil Smith Andy Adler.

Published bySusanna French Modified over 8 years ago

Similar presentations

Presentation on theme: "Nash, Smith & Adler - July, 20031 Spreadsheet Auditing and Change Analysis John Nash Neil Smith Andy Adler."— Presentation transcript:

1 Nash, Smith & Adler - July, 20031 Spreadsheet Auditing and Change Analysis John Nash (jcnash@uottawa.ca) Neil Smith (neil.f.smith@sympatico.ca) Andy Adler (adler@site.uottawa.ca)

2 Nash, Smith & Adler - July, 20032 Initial Motivations Course mark management: – Multiple teaching assistants submit marks as spreadsheet files after each assignment – Merge into master – Re-submissions after the merge Easier methods to review and check spreadsheet models for “bugs”

3 Nash, Smith & Adler - July, 20033 Spreadsheet Auditing - a 2-part task A tool and technique that presents the status and changes in a spreadsheet file A Server-based system to ensures overall integrity and continuous record of changes in all relevant files

4 Nash, Smith & Adler - July, 20034 SSScan – the audit tool Tool for auditing spreadsheet files – Change tracking + content analysis Reads OpenOffice.org Calc file format – Underlying XML structure – Calc Reads/writes Excel files (up to 97/2000) – Open Source taking hold in various industry sectors – Java stand-alone program Multi-platform operation (Windows/Mac/Unix) Auditor / user not required to have Calc

5 Nash, Smith & Adler - July, 20035 Change display panel

6 Nash, Smith & Adler - July, 20036 Filter panel

7 Nash, Smith & Adler - July, 20037 Spreadsheet content panel

8 Nash, Smith & Adler - July, 20038 Spreadsheet Report panel

9 Nash, Smith & Adler - July, 20039 Server-based system Need to protect the file(s), control access Many issues – Efficient operation – Minimal fuss and bother for user – Maximal security and freedom from errors – Version history and checkpointing – Cross-platform usage

10 Nash, Smith & Adler - July, 200310 Server architecture Graphics in VNC (virtual networked computing) Apache server Highly customized configuration of oocalc Perl scripts to configure and glue together components Web based interface to allow cross-platform use

11 Nash, Smith & Adler - July, 200311 Server architecture (cont.) Runs own password/user base CVS back-end to provide for versioning and checkpointing DB_File::Lock file locking Many “fixes” needed to components Advantages and obstacles with each choice made in the implementation…

12 Nash, Smith & Adler - July, 200312

13 Nash, Smith & Adler - July, 200313

14 Nash, Smith & Adler - July, 200314

15 Nash, Smith & Adler - July, 200315

16 Nash, Smith & Adler - July, 200316 Status and prognosis SSScan is working and quite stable – But filter customization is important to make audit efficient for particular situations Server configuration and setup is tricky – Large number of disparate components – Many customizations for efficiency – Interaction with OS and network – Some weaknesses, but with known “fixes”

17 Nash, Smith & Adler - July, 200317 Status (cont.) Need a viable business model Current view: – “Package” customization of SSScan and configured server hardware – Release each customization as Open Source, but delay installer until experience is gained

18 Nash, Smith & Adler - July, 200318 Structure: Apache – SSL Config – SSL – Directories – httpd.conf Runs as www-data, member of group ssheet Cookies Login --> database of users/passwords & files/permissions

19 Nash, Smith & Adler - July, 200319 Apache-SSL cont. File locking & versioning » --> ssheet userdb {users & shuids & files} » ssheet-userdb.lock – Copy file to indir – Grow user name – (select new random password) – Create web page » Active content for vnc » Custom vncviewer.jar – Check in file in outdir (CVS manages “real” changes

20 Nash, Smith & Adler - July, 200320 SHUIDs: a “farm” of pseudo-users – Runs as ssheet-uid**** (start-ssheet.sh opens m sshuid's) – Member of www-data – Start vncserver --> xstartup (perl script) – Wait on indir (group read) – Copy to procdir (shuid only) – Edit user – (insert new password for vnc) – Oocalc initiated with special profile – (mechanism to kill oocalc) – Move file to outdir – (kill password)

21 Nash, Smith & Adler - July, 200321 CVS Server – /var/www/ssheet/repository – INIT: » Take each file and check in – CHECKIN by shuids » Comment string from www-data – Web interface to versioning » Modified CVSWeb accesses repository

22 Nash, Smith & Adler - July, 200322 Admin Interface (to do) – Add new files to repository » Verify change recording is “on” – Sophisticated import » Set user name » Set previous history – Handling of “duplicate” files – Handling of different permissions for different users – User creation, modification, deletion

Download ppt "Nash, Smith & Adler - July, 20031 Spreadsheet Auditing and Change Analysis John Nash Neil Smith Andy Adler."

Similar presentations

This course is designed for system managers/administrators to better understand the SAAZ Desktop and Server Management components Students will learn.

This course is designed for system managers/administrators to better understand the SAAZ Desktop and Server Management components Students will learn.
1 jNIK IT tool for electronic audit papers 17th meeting of the INTOSAI Working Group on IT Audit (WGITA) SAI POLAND (the Supreme Chamber of Control)

1 jNIK IT tool for electronic audit papers 17th meeting of the INTOSAI Working Group on IT Audit (WGITA) SAI POLAND (the Supreme Chamber of Control)
A Toolbox for Blackboard Tim Roberts

A Toolbox for Blackboard Tim Roberts
Unveiling ProjectWise V8 XM Edition. ProjectWise V8 XM Edition An integrated system of collaboration servers that enable your AEC project teams, your.

Unveiling ProjectWise V8 XM Edition. ProjectWise V8 XM Edition An integrated system of collaboration servers that enable your AEC project teams, your.
Microsoft Excel 2003 Illustrated Complete Excel Files and Incorporating Web Information Sharing.

Microsoft Excel 2003 Illustrated Complete Excel Files and Incorporating Web Information Sharing.
4 1 4 C H A P T E R Software: Systems and Application Software.

4 1 4 C H A P T E R Software: Systems and Application Software.
Software Configuration Management Donna Albino LIS489, December 3, 2014.

Software Configuration Management Donna Albino LIS489, December 3, 2014.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Access 2007 Product Review. With its improved interface and interactive design capabilities that do not require deep database knowledge, Microsoft Office.

Access 2007 Product Review. With its improved interface and interactive design capabilities that do not require deep database knowledge, Microsoft Office.
CVS Selim Çıracı Ahmet Kara Metin Tekkalmaz. CVS – Open Source Version Control System Outline What are Version Control Systems? And why do we need them?

CVS Selim Çıracı Ahmet Kara Metin Tekkalmaz. CVS – Open Source Version Control System Outline What are Version Control Systems? And why do we need them?
Nu Project Management Office A web based tool to Manage Projects.

Nu Project Management Office A web based tool to Manage Projects.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Microsoft Visual Source Safe 6.01 Microsoft Visual Source Safe (MVSS) Presented By: Rachel Espinoza.

Microsoft Visual Source Safe 6.01 Microsoft Visual Source Safe (MVSS) Presented By: Rachel Espinoza.
Chapter 10 Chapter 10: Managing the Distributed File System, Disk Quotas, and Software Installation.

Chapter 10 Chapter 10: Managing the Distributed File System, Disk Quotas, and Software Installation.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
Distributed Software Development

Distributed Software Development
Definitions Collaboration – working together on team projects and sharing information, often through ad-hoc processes, to accomplish project goals. Document.

Definitions Collaboration – working together on team projects and sharing information, often through ad-hoc processes, to accomplish project goals. Document.
Slide 1 of 9 Presenting 24x7 Scheduler The art of computer automation Press PageDown key or click to advance.

Slide 1 of 9 Presenting 24x7 Scheduler The art of computer automation Press PageDown key or click to advance.
Presented By: Shashank Bhadauriya Varun Singh Shakti Suman.

Presented By: Shashank Bhadauriya Varun Singh Shakti Suman.
Linux Operations and Administration

Linux Operations and Administration

Similar presentations

Ads by Google