User:Lafeber/sandbox: Difference between revisions
Initial creation, for review only, to be used on the official BWIse page later after review and revision |
No edit summary |
||
| Line 1: | Line 1: | ||
=== Summary === |
|||
This will be the summary. |
This will be the summary. |
||
| Line 7: | Line 7: | ||
In 2004, with the introduction of the [Sarbanex-Oxley Act] in the United States, a decision was made to focus more specifically on internal control related software, to support the administrative processes that were aimed at demonstrating that the organization is in control of its activities and risks that would impact financial reporting. Besides the process modeling functionality, functionality was added to document and link risks and controls to create frameworks that can be monitored and over which reporting would be possible. This was modeled after the [COSO] model. |
In 2004, with the introduction of the [Sarbanex-Oxley Act] in the United States, a decision was made to focus more specifically on internal control related software, to support the administrative processes that were aimed at demonstrating that the organization is in control of its activities and risks that would impact financial reporting. Besides the process modeling functionality, functionality was added to document and link risks and controls to create frameworks that can be monitored and over which reporting would be possible. This was modeled after the [COSO] model. |
||
=== Architecture === |
|||
The BWise software these days is largely based on Java. All interaction is done via the web pages. They are generated using HTML 6, supported with [Javascript] jspx files. The software comes with a free [TomCat] web server to be able to run the website independently. The data is stored in an MS SQL Server database. Reports can be generated from the information in the database using either [Crystal reports], or [SAP] [Business Objects]. The latter is built to get information from a concept called 'universes'. The BWise data is stored in both the BWise proprietary database as in a datawarehouse that is recognised as a universe by Business Objects so that the information can be read real-time by the reports. |
The BWise software these days is largely based on Java. All interaction is done via the web pages. They are generated using HTML 6, supported with [Javascript] jspx files. The software comes with a free [TomCat] web server to be able to run the website independently. The data is stored in an MS SQL Server database. Reports can be generated from the information in the database using either [Crystal reports], or [SAP] [Business Objects]. The latter is built to get information from a concept called 'universes'. The BWise data is stored in both the BWise proprietary database as in a datawarehouse that is recognised as a universe by Business Objects so that the information can be read real-time by the reports. |
||
Users log in with a personal account, either maintained via the BWise user management functionality or via an [LDAP] server. When using [SSO], no manual log in is needed. |
Users log in with a personal account, either maintained via the BWise user management functionality or via an [LDAP] server. When using [SSO], no manual log in is needed. |
||
The web interaction is per default transported over [http] but can also be transported over [https]. |
The web interaction is per default transported over [http] but can also be transported over [https]. |
||
=== Methodology === |
|||
The information that makes up the internal control framework is modeled with the COSO model in mind. Information classes in the framework that make up the complete picture are Significant Account, Objective, Process, Risk, Control, Information System. For each class, the instances are maintained in a hierarchy of categories. The instances are related to each other via relations. |
The information that makes up the internal control framework is modeled with the COSO model in mind. Information classes in the framework that make up the complete picture are Significant Account, Objective, Process, Risk, Control, Information System. For each class, the instances are maintained in a hierarchy of categories. The instances are related to each other via relations. |
||
Internal contral attestation and auditing is supported by workflows that allow the organization to control all information that goes in and out of the system, so that it can be guaranteed that information cannot be altered via the front end without anyone knowing who changed the information and when it was changed. |
Internal contral attestation and auditing is supported by workflows that allow the organization to control all information that goes in and out of the system, so that it can be guaranteed that information cannot be altered via the front end without anyone knowing who changed the information and when it was changed. |
||
Revision as of 18:26, 10 April 2017
Summary
This will be the summary.
- History ***
The BWise software is developed by the company BWise, founded in ..., by Luc Brandts and ... Willems. They defined the acronym "Brandts Willems Information Systems Engineering" and adopted this as the company name and the software name. It originated as process modeling software, to help organizations document process descriptions with the help of computers. At that time, this was only possible using relatively expensive [CAD] software. The added value of process modeling software was that visual information could be generated using computers specifically for process documentation at a much lower price than the generic computer aided design software that had a high learning curve. The platform was Windows based and was developed using [SmallTalk], making use of an MS SQL database as a repository for all the documentation. The resulting deliverables could be printed or represented in an HTML website. In 2004, with the introduction of the [Sarbanex-Oxley Act] in the United States, a decision was made to focus more specifically on internal control related software, to support the administrative processes that were aimed at demonstrating that the organization is in control of its activities and risks that would impact financial reporting. Besides the process modeling functionality, functionality was added to document and link risks and controls to create frameworks that can be monitored and over which reporting would be possible. This was modeled after the [COSO] model.
Architecture
The BWise software these days is largely based on Java. All interaction is done via the web pages. They are generated using HTML 6, supported with [Javascript] jspx files. The software comes with a free [TomCat] web server to be able to run the website independently. The data is stored in an MS SQL Server database. Reports can be generated from the information in the database using either [Crystal reports], or [SAP] [Business Objects]. The latter is built to get information from a concept called 'universes'. The BWise data is stored in both the BWise proprietary database as in a datawarehouse that is recognised as a universe by Business Objects so that the information can be read real-time by the reports. Users log in with a personal account, either maintained via the BWise user management functionality or via an [LDAP] server. When using [SSO], no manual log in is needed. The web interaction is per default transported over [http] but can also be transported over [https].
Methodology
The information that makes up the internal control framework is modeled with the COSO model in mind. Information classes in the framework that make up the complete picture are Significant Account, Objective, Process, Risk, Control, Information System. For each class, the instances are maintained in a hierarchy of categories. The instances are related to each other via relations. Internal contral attestation and auditing is supported by workflows that allow the organization to control all information that goes in and out of the system, so that it can be guaranteed that information cannot be altered via the front end without anyone knowing who changed the information and when it was changed.