Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Data Privacy, Auditing, Encryption Question

Re: Data Privacy, Auditing, Encryption Question

From: Dennis Williams <oracledba.williams_at_gmail.com>
Date: Thu, 18 May 2006 15:49:46 -0500
Message-ID: <de807caa0605181349t14dc7c18o9d1193a63ca8900e@mail.gmail.com>


Kirti,

So they want something entirely outside Oracle that can track every single action performed within Oracle, no matter what the access method? Wow, I'd like to see that one as well.

    I'm assuming this is for SoX? If so, perhaps it might be better to ask how others are complying with their SoX auditor requirements.

    Perhaps you could suggest that the security officer keep the SYS and SYSTEM account passwords, and when a DBA needs to perform a task, the security officer temporarily changes the password and then sits behind the DBA to verify he/she is only performing the authorized tasks.

Dennis Williams

--
http://www.freelists.org/webpage/oracle-l
Received on Thu May 18 2006 - 15:49:46 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US