Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Note
Community interest groups have now moved from Yammer to Microsoft Viva Engage. To join a Viva Engage community and take part in the latest discussions, fill out the Request access to Finance and Operations Viva Engage Community form and choose the community you want to join.
This article explains how audit cases are generated from violations of audit policy rules. It also includes information about the various ways that audit policies use the document selection date range.
How audit cases are generated
Use audit policies to identify expense reports, purchase orders, and vendor invoices that don't comply with business rules that you define and configure as audit policy rules.
Audit policies run in batch mode. When you run an audit policy, all the policy rules that are part of that policy run at the same time.
Each policy rule evaluates a set of documents. The policy rule selects documents that are in the document selection date range and that match the specified criteria. For example, one policy rule might select expense reports that have meals that exceed 50.00. Another policy rule might select vendor invoices that are payable to a specific vendor. For each document that the policy rule selects, it generates a violation. That violation is a record that a particular document, such as invoice 12345, doesn't comply with the policy rule.
Group multiple audit violation records together and associate them with audit cases. By default, group cases for each audit policy by audit policy rule. If you prefer, select other grouping criteria by using the Case grouping criteria page. For example, you can group expense headers by project ID and vendor invoices by vendor account. In this case, all expense header violations that have the same project ID are grouped in the same case, and all vendor invoices that have the same vendor account are grouped in the same case.
Note
For audit policy rules that are based on a Duplicate query type, violations aren't grouped by policy rule or by the criteria that are specified on the Case grouping criteria page. Instead, they're grouped by the criteria that are built into the audit policy rule. For example, if a policy rule evaluates expense reports for duplicate expenses of the same amount, merchant ID, and date, all expenses that have the same values in those fields will be one case. Any expenses that have different values are a separate case.
After the system generates the audit cases, handle them by using the typical processes for case management.
Document selection date ranges
When you run an audit policy, each policy rule selects documents of the specified type that have a date within the document selection date range. You specify the document selection date range on the Additional options page. Many documents have more than one date associated with them. You specify the date field that the audit policy rule uses on the Policy rule type page.
Here are some other ways that an audit policy uses the document selection date range:
- The policy uses the version of each policy rule that's effective on the last day of the document selection date range. You can view the effective dates for each policy rule on the Audit policies list page.
- The policy uses the organization nodes that are associated with the policy on the last day of the document selection date range. Only the organization nodes that are currently associated with the policy appear on the Audit policies list page.
- For policy rules that are based on a List search query type, the policy evaluates documents for monitored entities that are effective on the last day of the document selection date range.
For more information, see Audit policy rules