TimeSafe Architecture & Sarbanes Oxley

Software development, like all business endeavors, involves risk. For engineering managers, risk arises around product schedules, productivity, requirements and technology. In today’s business environment, external risks such as audits and government regulations also confront software development organizations. Since the production of software from source code is often a critical business activity, development tools can help mitigate and in some cases eliminate these risks. SCM systems must enable development professionals to reproduce code bases, retrieve any past build or configuration, and prepare documentation for regulatory and audit purposes.

The TimeSafe property of the AccuRev SCM system is unique among today’s SCM products. With the TimeSafe AccuRev repository, all past activity is immutable, so that retrieving a past configuration or rolling a code base back to a prior state is easy compared to legacy SCM systems. By using an append-only database and time-stamped atomic transactions, AccuRev provides configuration managers with a dependable audit trail that captures all activity, enabling detailed reporting on SCM operations for use in Sarbanes-Oxley or other regulatory compliance. Further, the append-only nature of the AccuRev repository assures that no information is ever lost, so that even rarely used code bases can be reconstituted with a few simple operations in the AccuRev StreamBrowser.

Key features

• Append-only database assures that past activity is secure
• Time-stamped atomic transactions for all file and stream activity
• Time-based and transaction-based streams enable easy reconstruction of past configurations
• Snapshots preserve important baselines for quick access to codelines
• XML interface to history data enables integration with third party reporting tools for audit and compliance reporting