Auditing is a very important aspect of an organization’s financial and management control system. It measures the level of compliance, as well as the security considerations associated with using a specific application in the organization.
What Is Compliance?
Compliance simply means conforming to spelled-out specifications, standards, and policies. This has become an area of focus in IT, due to the introduction of government-mandated rules affecting organizations regardless of their sizes and locations.
We have heard of many cases in which people have misused and siphoned company funds by tampering with data. In other to curb these corrupt acts, absolute compliance must be emphasized. It is therefore important for a Dynamics 365 expert to know about this amazing feature and how beneficial it can be to organizations.
How Auditing Works with Dynamics 365?
Microsoft Dynamics 365 has this auditing feature that keeps track of all changes made on records types (entity) and data in the application over a particular period of time. Information gathered from audits is stored in logs and can be used for either analysis or reporting. However, auditing is disabled by default and needs to be enabled.
Levels of Auditing
There are three levels at which auditing can be configured:
- Global (organization) level is the highest level
- Entity level
- Field level
For field auditing to be done, auditing must be enabled at the field, entity, and organization levels. For entity auditing to take place, auditing must be enabled at the entity and organization levels.
How to Enable Auditing?
To configure auditing, you must have either the system administrator or the system customizer role.
- Go to Settings>System>Administration >System Settings.
- Click on Auditing.
- Under Audit Settings, tick the Start Auditing checkbox.
- You can also choose to monitor user access. Just tick Audit user access checkbox.
- Click OK.
To enable auditing of Dynamics 365 entities:
Log in to the Microsoft Dynamics CRM with an account that has the system administrator role.
- Go to Settings>System>Auditing.
- On the Audit page, click Global Audit Settings.
- In the System Settings window, in the Auditing tab:
- In the Audit Settings section:
- Tick Start Auditing.
- In the Enable Auditing in the following areas:
- Tick all the Entities.
- Click OK.
- In the Audit Settings section:
Auditing and Security Roles
It is important to know that auditing in Dynamics 365, just as in its predecessor CRM, works hand in hand with security roles. It is the responsibility of the system administrator or customizer to assign necessary roles to users. They give users the necessary access to either view audit history and audit summary or delete old audits.
How To Enable Auditing For Security Roles?
To enabled auditing for the security roles entity:
- Navigate to Settings>Customizations>Customize the System.
- Expand Entities from the left pane.
- Click on Security Roles entity (please wait for few seconds for it to load).
- Tick Auditing checkbox.
- Click Save, then Publish.
How to View Auditing Log Details?
System administrators can see activities for the entities that are enabled for audit logging. To view the audit logs:
- Go to Settings > System >Auditing.
- Choose Audit Summary View.
- Under Audit Summary View, you will see the list of audit entries.
- Click Enable/Disable Filters to turn on filtering. This allows filtering based on a specific event. You can choose an Event to view specific details about the activity, such as field changes that were made during an update to a record and who is responsible for the update.
How To Delete Old Audit Logs?
It is advisable to delete audit logs stored over a period of time. This practice helps to free up space and improves the performance of Dynamics 365. Audit logs are divided into blocks; a block contains approximately three months of logs.
Note: You can only delete the oldest block and you cannot delete the block currently in use.
- Log in to Microsoft Dynamics 365 as a user who has permission to manage auditing.
- Navigate to Settings > Auditing > Audit Log Management.
- Select the logs you want to be deleted.
- Select Delete Logs.
What are the Benefits of Auditing?
Auditing is used in large part by the system administrator and then perhaps by the company’s audit team. The benefits can be itemized as follows:
- Allows monitoring of users, to know who logs in to the application and when.
- Record history can be checked and the user can identify actions taken on each record as well as the time each modification was made to a record.
- Ensures that there is compliance with company standards and policies.
- Reduces unauthorized modifications and denial of changes.
- Helps in troubleshooting user issues, especially in cases in which a record is deleted.
The Bottom Line
Auditing helps you to get a clearer understanding of your business by minimizing the impact of data loss by establishing effective access control. It acts as a key to understanding what happens to a particular record when fraudulent or unauthorized changes are made. However, you must ensure that the integrity of the auditor is not compromised and also that the scope falls in line with the organization’s regulations and ethics.