Chapter 17 Other practices to follow

17.1 Documentation

As you start, you should promote basic habits instilled into you. Documenting your basic thought process in .R files is generally expected, and the ‘why’ a certain process outlined with comments (lines starting with a #). The why is important as it explains to code reviewers (external auditors and your peers) the rationale for your approach, or unusual quirks about the data you are transforming.

R Markdown files become valuable as communication mediums for reports, allowing you to embed a mix of code, graphics, and interactive tables. While most of the exploratory work can be done within a basic .R file, having the ability to readily ‘knit’ a document for sharing increases the people you can share your work with.

Whether you are using R or R Markdown files, its convenient to have these files as your primary sources of editing as you can use the keyboard shortcuts command-return or control-enter to send a command from the script file to the console.

17.2 Passwords

As an Auditor, you should ensure you are securing the passwords you use to access databases or Highbond. There are several methods for securing passwords:

  • You can ask the user to specify the password every single time an analytic is ran,
  • Use the .Renviron file, which allows you to specify environment variables that you call with Sys.getenv(),
  • Use the keyring package, leveraging the operating system’s method for securing credentials,
  • Use a password manager, like 1Password, that is integrated into R via the onepass package.