The technology employed to run the finances of most large and mid-size companies comprise complex ecosystems consisting of multiple layers, many moving parts, and highly interdependent processes that are often geographically distributed across different sites. Add to that complexity the need to apply and enforce critical policies concerning security, compliance, and reliability — and the need for rigorous and regular health monitoring of this ecosystem becomes blatantly apparent.
Many hosting providers offer their customers health checks of their Hyperion Financial Planning (HFM), Hyperion Planning, and Oracle EPM Cloud Solutions. The health check is both a once-a-quarter in-depth report card of how the entire ecosystem is running and 24/7 near real-time monitoring of select system parameters — for example, whether a security policy has been modified or a new user request has been inappropriately granted. Some of the items in the quarterly report are:
- Patch level and any changes
- Native users and any changes
- SQL Server native users and any changes
- Windows local users
- Windows domain administrators
- Security group changes
- Hyperion services running
- Errors in log files
- Hyperion backup status (alerts on failures)
- Services running
- Backup status
Given their scope and critical nature, these health checks would not be possible without a high degree of automation. We realized very early that only through automation could we satisfy 10 key requirements of high-quality financial ecosystem health checks:
1. Complete. As the above (partial) list implies, there is a lot that can go wrong in a financial ecosystem. An automated tool enables us to take a complete look, thereby ensuring we haven’t missed the one item that might cause a problem.
2. Fast. If a wide range of checks is critical, so too is the need to cover that range quickly. Otherwise issues can go undetected until they impact users and the report itself will be viewed as unreliable and will more likely be ignored.
3. Easy to Use. The more that health checks are automated the easier they will be to do since there is less manual labor involved — thereby increasing the efficiency with which we can deliver reports to our customers and our ability to add consulting value such as to help customers better align financial systems with the businesses those systems support.
4. Error Free. One time when you would want to remove as much human error as possible would be when you are checking the health of your financial systems. Automation removes human error, by definition.
5. Scalable. An auditing process that breaks when the ecosystem grows would not be of much use in today’s dynamic environment. Automation enables us to easily extend the scope of health check monitoring in sync with customers’ businesses.
6. Configurable. A dynamic environment means the audit not only has to grow with the business but also change with it. The more automated an auditing process is, the easier it is to configure — not just the first time when you initially set up the audit process but also later as the business evolves and the financial ecosystem changes.
7. Repeatable. When a system is automated it can be programmed to perform a process in a prescribed way so it is performed that way every time. That repeatability enables the audit process to be optimized and tailored so that it best reflects the particular business policies that distinguish that customer and also enforces industry best practices for enhanced reliability, security, and compliance.
8. Continuous. Our 24/7 near real-time monitoring can issue automatic text and email alerts whenever certain conditions exist. IT staff need not be physically present at all hours just to watch for these conditions so monitoring is more likely to occur and systems are better protected.
9. Ties Directly into the Environment. An automated auditing tool also has the advantage of direct access to the application, the operating system, and (if applicable) the Azure or AWS control environment. This software-monitoring-software approach gives the tool greater visibility into what is actually happening “under the hood” than if operators could only see externally how the application or host were behaving as a black box.
10. Convenient Reporting. In addition to generating the audit data in a way that is complete, fast, configurable, and repeatable, the tool generates the audit report the same way — in either PDF or Excel format — which makes the data more actionable and the analysis richer.