The following is the domain checklist:

• Do programmed checks on the results of the data processing exist, such as control totals and square counts?
• Will transactions be numbered subsequently and is reference made to these transaction numbers in the mutation logs?
• Will report pages be numbered subsequently mentioning the total number of pages?
• Will historical data and mutation records be recorded and saved?
• Do retrieval functions with sufficient selection possibilities exist regarding the historical data?
• Do possibilities exist related to an audit trail?
• For the benefit of the audit trail, will mutations be recorded, who did it, and using which function?
• What are the data entity and attribute access rules, which protect the data from unintentional and unauthorized alterations, disclosure, and distribution?
• What are the data protection mechanisms to protect data from unauthorized external access?
• What are the data protection mechanisms to control access to data from external sources that temporarily have internal residence within the enterprise?
• Legal and Regulatory Considerations?
• Reporting and Management Information Considerations