IEEE Access (Jan 2021)
An Architecture to Facilitate Security Assurance and Legal Compliance for Call Auditing in the Wholesale Electricity Market
Abstract
The auditability of telephone call records plays an essential governance role in the electricity industry in Australia as non-compliance with the Australian National Electricity Rules can lead to financial charges and result in developing a poor reputation. The existing telephone call recording processes using manual logbook entries or a recording system without verification and auditing capabilities are labour-intensive and prone to human error. This study is motivated to address this real-world problem by designing a system that streamlines telephone call audit processes. This can be verified with digital technologies to meet security requirements as well as legal requirements stipulated by the Australian National Electricity Rules. In meeting security and legal compliance requirements of the Australian National Electricity Rules, this study develops a novel approach using the Clark-Wilson Integrity Model and blockchain technology for an automatic telephone call audit system with security provisions to prevent unauthorized access to and manipulation of telephone call records nationally. Although the application of blockchain has generated great interest in other areas, few studies have been conducted on its application to auditing. This study uses the Clark-Wilson Integrity Model to verify metadata records’ integrity at the systems where metadata are generated. The proposed architectural design not only enhances data integrity and confidentiality but also enables the automatic execution of telephone call audit processes for auditors. The auditing system we propose presents a higher level of security compared to the existing system.
Keywords