A theme in the Post Office (Horizon) scandal is that Fujitsu could amend completed till records after the fact.<p>From hard copy printouts (receipt rolls?) to cryptography (blockchains), there are technical means to repudiate and reduce risk of amendment.<p>I'm curious what experiences we've had with them and which ones we should using in retail systems?<p>I'm also curious how if a privileged user did amend a database, even with an audit log of changes; whether it is likely that a user (lawyer, accountant, manager) would also be alerted to that in their interface.<p>In paper based accounting, I believe event logs weren't really a thing.
The users (accountants) knew the audit history from the records themselves and hopefully today still do:
- transaction records was having records for each stage (order, invoice, payment advice, sales receipt, journal entry, credit note, etc)
- completeness of records was numbered books, pages, lines
- irreversible records was ink pen and stamps
- verifiable was entry dates, references to source accounting records, signatures, stamps, double entry and reconciliation reports that could be repeatably generated<p>Given the mutability of most database systems that support retail environments, do accountants get or need a usable interface to inspect any database changes to completed transactions on top of what a paper system would otherwise give them?