Easytrieve Audit Reporting Projects

Audit reporting exists to answer examiner questions with evidence: show every transaction over threshold, prove totals tie to general ledger, list exceptions for follow-up, and demonstrate the same program and input reproduce the same output months later. Easytrieve fits this role because source is readable, batch jobs are schedulable on archived files, and LISTING output documents field logic line by line. Internal audit, external CPA firms, and regulatory examiners consume Easytrieve-produced extracts across banking, insurance, healthcare, and government. This tutorial covers audit extract design, hash control totals, exception reports, sampling patterns, documentation headers, change control, and practices that keep batch output defensible under scrutiny.

Progress0 of 0 lessons

Audit Report Objectives

Audit report types and examiner use
Report typePurposeTypical output
Population extractFull transaction set for periodSequential file plus control trailer
Threshold exceptionItems over policy limitPrinted listing with key fields
Missing dataRequired field blank or invalidException count and detail
Tie-out summaryCompare sub-ledger to controlOne line per account with variance
Sample selectionReproducible sample for testingSelected keys with selection flag

Program Header Documentation

Audit programs begin with comment block listing program name, author, change history, input file descriptions, output descriptions, control total formulas, and ticket reference for audit request. Examiners read this before logic. Include layout version date when input copybook changes.

text
1
2
3
4
5
* PROGRAM: EZTAUD01 REQUEST: IA-2026-0142 * INPUT: GL.DETAIL(+1) LAYOUT VER 2026-03-01 * OUTPUT: AUDIT.EXTRACT(+1) SYSPRINT control page * CONTROL: REC-CNT = input records processed * AMT-TOT = sum of TRAN-AMT on output

Population Extract Pattern

Read entire source population for audit period. Write selected fields to extract file with identical record order as source unless SORT documented for audit methodology. Accumulate control totals while writing.

text
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
FILE GLDETAIL ACCT-NO 10 NUM TRAN-DATE 8 NUM TRAN-AMT 13.2 REF-NO 15 A FILE AUDOUT JOB INPUT GLDETAIL IF TRAN-DATE LT W-PERIOD-START OR TRAN-DATE GT W-PERIOD-END GOTO JOB END-IF MOVE ACCT-NO TO OUT-ACCT MOVE TRAN-DATE TO OUT-DATE MOVE TRAN-AMT TO OUT-AMT MOVE REF-NO TO OUT-REF ADD TRAN-AMT TO W-AMT-TOT W-REC-CNT = W-REC-CNT + 1 WRITE AUDOUT

Period filters use inclusive bounds documented in header. WRITE AUDOUT emits extract row. W-REC-CNT and W-AMT-TOT print on SYSPRINT control page and optional trailer record on AUDOUT if shop standard requires machine-readable control record.

Exception Reporting

Auditors request items failing policy—payments over approval limit, duplicate invoice numbers, inactive vendor codes. Encapsulate rules in VALIDATE-FOR-AUDIT. PROC setting W-EXCEPT-FLAG. PRINT exception detail with all key identifiers needed for follow-up without exposing unnecessary PII.

text
1
2
3
4
5
6
7
8
9
10
11
VALIDATE-FOR-AUDIT. PROC W-EXCEPT-FLAG = 'N' IF TRAN-AMT GT W-APPROVAL-LIMIT W-EXCEPT-FLAG = 'Y' W-EXCEPT-REASON = 'OVER LIMIT' END-IF IF REF-NO EQ SPACES W-EXCEPT-FLAG = 'Y' W-EXCEPT-REASON = 'MISSING REF' END-IF END-PROC

Hash Control Totals

  • Record count: must match source count after documented filters.
  • Amount sum: must match finance control for same population.
  • Exception count: W-EXCEPT-CNT on control page for substantive testing scope.
  • Check digit: some shops add hash of key fields for file integrity in transit.

Control page prints on SYSPRINT with run date, time, input DSN generation, program compile date from listing. Operators initial control page attaching to audit request folder.

Reproducibility Requirements

Same archived input file plus same compiled load module must produce identical control totals. Change control prohibits emergency production edits without parallel-run against prior extract. Compiler listing retained with object deck. When input layout version changes, audit request ticket documents effective date of new layout.

Systematic Sampling Pattern

Select every nth record after SORT by stable key for reproducible sample. W-SAMPLE-INT from PARM; W-SAMPLE-CNT increments; IF W-SAMPLE-CNT MOD W-SAMPLE-INT EQ ZERO PRINT or WRITE sample row. Document n and sort key in program header so auditor reruns sample selection independently. Stratified sampling adds IF TRAN-AMT GT threshold before modulo selection for high-value stratum.

Tie-Out Summary Reports

Compare sub-ledger totals to GL control by account. Read summary file or accumulate from detail in first pass writing intermediate, second pass compares to CONTROL-FILE. PRINT variance when absolute difference exceeds tolerance W-TOL-AMT. Zero variance report still prints all accounts for examiner comfort—not only exceptions—when audit request specifies full tie-out listing.

Privacy and PII in Audit Output

Mask SSN showing last four on printed audit listing while full key remains on extract file delivered through secure channel. Follow records management classification on AUDOUT dataset. DISPLAY statements removed from production audit jobs to prevent PII on open SYSPRINT in shared print rooms.

Sample JCL for Audit Extract

text
1
2
3
4
5
6
7
8
//AUDEXT EXEC PGM=EZTPA00,REGION=0M //SYSPRINT DD SYSOUT=* //SYSIN DD DSN=AUD.LIB(EZTAUD01),DISP=SHR //GLDETAIL DD DSN=FIN.GL.DETAIL(0),DISP=OLD //AUDOUT DD DSN=AUD.EXTRACT.A2026(+1),DISP=(,CATLG,DELETE) //PARM DD * 20260101 20260331 /*

Working With External Auditors

Deliver README text file with extract layout, control total values, filter rules in plain language, and contact for questions. Provide test rerun on request using archived generation of input. Easytrieve source may be shared under NDA for logic review—redact unrelated modules when program contains multiple reports.

Explain It Like I'm Five

Audit reporting is like showing your homework to the teacher so they can check your math. You print every problem you solved, add up the answers at the bottom, and keep the original worksheet in a folder. If the teacher asks you to do it again tomorrow, same worksheet and same pencil rules must give the same answers.

Exercises

  1. Write program header comment block for fictional audit request IA-TEST-001.
  2. Implement period date filter with W-REC-CNT and W-AMT-TOT accumulators.
  3. Design VALIDATE-FOR-AUDIT. PROC with two exception rules.
  4. Describe what control page should contain for examiner handoff.
  5. Explain difference between population extract and threshold exception report.

Frequently Asked Questions

Quiz

Test Your Knowledge

1. Audit reports prioritize:

  • Reproducible totals and traceable source logic
  • Minimal line count only
  • Undocumented layout changes
  • Random sort order

2. Hash control totals on audit extracts typically include:

  • Record count and amount sum
  • Compiler version only
  • PF key definitions
  • Screen map colors

3. Exception listings in audit jobs list:

  • Records failing validation rules with key identifiers
  • All successful records only
  • JCL comments
  • MACRO names

4. Audit Easytrieve source should be:

  • Version-controlled with compile listing archived per run
  • Edited only in production
  • Undocumented
  • Shared without change control

5. Sampling reports select records by:

  • Documented random or systematic selection criteria
  • First record only
  • Alphabetical title
  • PAGE number modulo without documentation
Published
Read time20 min
AuthorMainframeMaster
Reviewed by MainframeMaster teamVerified: Mainframe audit and compliance batch reporting with EasytrieveSources: Broadcom Easytrieve 11.6 batch processing, internal audit practicesApplies to: Easytrieve audit extract and exception reporting projects