Workday enables viewing the audit of transactions within a tenant. For some data, Workday uses effective date to track transaction history. Auditors can view audit history through reports but cannot make changes to the audit records.
Workday provides a complete audit trail for every change made within the business services provided. When data is updated in Workday, Workday records the changes in the Workday Database. Only users within the Auditor security group have access to this data.
What does the audit information contain?
For every data change (add/update/delete) made by the user, Workday captures:
- The Old Value
- The New Value
- The person who made the change
- Date/Time at which the change was made
This helps the auditor to trace back to the original value of data and the history of changes that it has been through. This feature in Workday enables the organization to place tight controls over data integrity for compliance requirements, such as Section 404 of the Sarbanes-Oxley Act (SOX).
Non-Destructive Updates
Workday uses Non-Destructive Updates to prevent the original data from being overwritten. This means that the original data is not touched by the system, however, every time the data undergoes a change, Workday makes a separate copy of the change.
Workday Delivered Audit Reports
Workday delivers many audit and exception reports based on common audit queries from auditors.
| Report Name | Description |
| View Workday System Status
|
This report provides the version of Workday that is running on the tenant. This report displays:
· System version · Code Version |
| View User Activity
|
The report contains up to the last 30 days of user activity data, beginning when user activity logging was last enabled.
As a pre-requisite, the Enable User Activity Logging check box on the Edit Tenant Setup – System task needs to be selected. |
Exception Audit Reports
Workday provides several exception audit reports that identify problem areas and explain the problem and solution for each exception.
| Report Name | Description |
| Business Process Exception Audit | This report provides a list of all business process definitions that have critical errors.
Few errors are Invalid actions within a business process, missing security groups etc. |
| Security Exception Audit | This report provides a view of every security policy and security group that has a problem, the classification of the problem, what the problem is related to, and a description of the problem and solution. |
| Calculated Field Exception Report | This report provides details of errors present within calculated fields. |
| Integration Exception Report | This report lists each integration that has an error and optionally, warnings. For each business object you can see the type of error, a description of the problem, and a suggested solution. |
| Scheduled Future EIBs Exception Audit | The report identifies EIBs that are not runnable by the scheduled user. |
| Unfilled Assigned Roles Audit | This report can be used to identify roles that are not assigned to any user within the organization or other role-enabled items. |
| Custom Report Exception Audit Reports | This report lists erroneous report definitions with details of the report owner, error, severity and problem description with solution. |
Additional Exception Audit Reports
Workday also provides these Exception Audit reports:
- Benefits Condition Rule Exception Audit
- Calculation Exception Audit
- Condition Rule Exception Audit
- Hierarchies with Duplicates Exception Audit
- Journal Entry Exception Audit
- Organization Assignment Exception Audit
- Organization Exception Audit
- Organization Type Exception Audit
- Payroll Exception Audit
- Position Group Exception Audit
- Report Specific Calculated Field Exception Audit
- Scheduled Future Reports Exception Audit
- Workers’ Compensation Code Exception Audit
- Worklet Mappings Exception Audit
