Forward Tracing vs Backward Vouching - Information Systems
| Aspect | Forward Tracing (Information System) | Backward Vouching (Information System) |
|---|---|---|
| Direction of Analysis | Tracing data flow from the original input of the information system toward the final system output. | Tracing system outputs or reports backward to the original input data. |
| Starting Point | User input interfaces, data entry forms, sensors, or source transactions. | Reports, dashboards, logs, or database records produced by the system. |
| Main Objective | Verify that all input data is processed correctly and appears in system outputs. | Verify that the outputs originate from valid and authorized inputs. |
| Typical Data Flow | Input Interface → Application Processing → Database Storage → Reports | Reports → Database Records → Application Processing → Input Source |
| Risk Detected | Missing transactions, incomplete data processing, or unrecorded system inputs. | Fictitious transactions, manipulated outputs, or unauthorized data entries. |
| Audit Focus | Completeness and reliability of data processing. | Validity and authenticity of stored and reported data. |
| Example in Information Systems | Tracing a customer order from a web form submission through the system processing to the sales report. | Selecting a transaction from a sales report and tracing it back to the original web form input. |
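
The two directions in the table, as an added example that is not part of the original page: the same walk is run from input to output (forward tracing) and from output to input (backward vouching) over three small constructed data sets. The order ids, amounts and stage names are assumptions made for illustration.

```python
# Constructed sample data: one dict per pipeline stage, order id -> amount.
# Ids, amounts and stage names are illustrative assumptions, not from the page.
web_forms = {"O-1001": 120.00, "O-1002": 75.50, "O-1003": 310.00}
db_records = {"O-1001": 120.00, "O-1002": 75.50, "O-1004": 999.00}
sales_report = {"O-1001": 120.00, "O-1002": 57.50, "O-1004": 999.00}

# Stages in normal data-flow order: input -> database -> report.
PIPELINE = [("web_form", web_forms), ("database", db_records),
            ("sales_report", sales_report)]


def _walk(stages):
    """Follow every id of the first stage through the rest; record the first break."""
    findings = {}
    first = stages[0][1]
    for txn in sorted(first):
        expected = first[txn]
        for name, stage in stages[1:]:
            if txn not in stage:
                findings[txn] = f"missing in {name}"
                break
            if stage[txn] != expected:
                findings[txn] = f"amount differs in {name}: {stage[txn]} != {expected}"
                break
    return findings


def forward_trace(pipeline=PIPELINE):
    """Completeness: every input must reach the final output unchanged."""
    return _walk(pipeline)


def backward_vouch(pipeline=PIPELINE):
    """Validity: every output must originate from a recorded input."""
    return _walk(list(reversed(pipeline)))


if __name__ == "__main__":
    print("forward tracing exceptions:", forward_trace())
    print("backward vouching exceptions:", backward_vouch())
```

Order O-1003 is only caught by forward tracing (an unrecorded input) and O-1004 only by backward vouching (an output with no source), which is why an audit runs both directions.
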
Audit Trail + Logging + Database Flow (Information System)
User Input (Web Form / Interface) → Application Processing → Database Storage → Reports / System Output → Auditor Review
↘ Audit Trail: System Logs, Transaction History, Access Logs
Forward Tracing (Input → Output Verification)
User Input → Input Interface → Application Processing → Database Storage → System Reports → Audit Verification
Backward Vouching (Output → Source Verification)
System Reports ← Database Records ← Application Processing ← Input Interface ← Original User Input
Forward Tracing (Completeness)
Path: Auditor follows the normal system data flow to ensure no data was lost.
Input (Web Forms) → Processing (Validations) → Database (Records) → Output (Sales Reports)
Example: Tracing a customer web order until it appears in the final sales report.
Backward Vouching (Validity)
Path: Auditor follows the reverse data flow to ensure the output is legitimate.
Input (Source Docs) ← Processing (System Logs) ← Database (SQL Records) ← Output (Sales Reports)
Example: Selecting a transaction from a report and verifying the original web form submission.
Information System Audit Architecture: Forward Tracing, Backward Vouching, Audit Trail, and Logging
User Input → Input Interface → Application Processing → Database Transaction → Database Storage → Reports / System Output → Auditor Analysis
AUDIT TRAIL LOGGING LAYER
Application Logs → Database Transaction Logs → Access Logs → Audit Trail Records → Security Monitoring / Audit Review
Enterprise IS Audit Framework
Multi-Tier Architecture with Integrated SIEM & Logging
User / Client (Web Form / App) ↔ Web Server (HTTPS Traffic) ↔ App Server (Business Logic) ↔ API Gateway (Integration Layer) ↔ Database (SQL/NoSQL Store) ↔ Reports (System Output)
FORWARD TRACING (Completeness)
BACKWARD VOUCHING (Validity)
Advanced Information System Audit Architecture (Forward Tracing, Backward Vouching, Logging, SIEM, and Audit Trail)
User (Client / Browser) → Web Server → Application Server → API / Business Logic → Database Transaction → Database Storage → Reports / System Output → Auditor Investigation
LOGGING LAYER
Web Server Logs → Application Logs → API Logs → Database Transaction Logs → Centralized Logging Server → Audit Trail Storage
SECURITY MONITORING LAYER
Security Monitoring → SIEM System (Security Information and Event Management) → Fraud Detection & Compliance Review