Re: Long running backups - OK?

From: Stefan Knecht <knecht.stefan_at_gmail.com>
Date: Sun, 28 Jan 2018 07:55:32 +0700
Message-ID: <CAP50yQ-MTeiz5wvtMGXDDTifttL-BB=mY=ZoJRvPYAtZ08gjOQ_at_mail.gmail.com>

I think you didn't quite think this through Mladen.

As your very own quote states, you must be able to show the records. That means in a readable form. A backup that can't be restored isn't a readable form of data.

Just think about it - you pass your audits by whoever and show "backups" but you're unable to restore them (or you don't know if you can because you never tested it). Then there comes a court case along where insight into that data is required. And you can't produce it, because your 7-year old 9.2 backups can't be restored for whatever reason (the files are corrupted, an archivelog is missing, take your pick). You'll end up in a highly unpleasant situation.

Anything that states records or data must be retained for a specific amount of time, obviously implicitly states that it must be in a readable form. A backup that isn't restore-able is utterly worthless and accomplishes only one thing - it wastes disk space. That translates for the DBA to do restore tests with those old backups to ensure they are indeed readable.

On Sun, Jan 28, 2018 at 1:48 AM, Mladen Gogala <gogala.mladen_at_gmail.com> wrote:

> Here is the relevant text, extracted from the link you provided:
>
> *Agency:* Securities and Exchange Commission.
>
> *Action:* Final rule.
>
> *Summary:* We are adopting rules requiring accounting firms to retain for
> seven years certain records relevant to their audits and reviews of
> issuers' financial statements. Records to be retained include an accounting
> firm's work papers and certain other documents that contain conclusions,
> opinions, analyses, or financial data related to the audit or review.
>
> What do you think, that the companies will keep paper? They will not. They
> will keep backups. I've done more than one audit and the regulators have
> always asked for backups, not for papers. And they were satisfied with the
> preserved backups. I've done HIPPA audits and SOX audits. I was working
> with Arup Nanda at the time he wrote his HIPPA book, we were both working
> for the now extinguished Oxford Health Plans. And we had CSC on site,
> making sure that we comply with HIPPA. So, there is no BS here. When you
> have to show the regulators that you have the required records, the
> regulators will be appeased if you show them backups.
>
> On 01/27/2018 01:11 PM, Tim Gorman wrote:
>
> Sorry, but calling BS on that nonsense, simply untrue and utterly
> ridiculous no matter how you view it.
>
> Legislation and regulations call for retention of information for review
> during an audit, not "data backups". The laws cite neither backup nor
> recovery, just records and documents. Auditors are not interested in zeros
> and ones.
>
> Take for example: https://www.sec.gov/rules/final/33-8180.htm
>
>
> --
> Mladen Gogala
> Database Consultant
> Tel: (347) 321-1217
>
>

-- 
//
zztat - The Next-Gen Oracle Performance Monitoring and Reaction Framework!
Visit us at zztat.net | Support our Indiegogo campaign at igg.me/at/zztat |
_at_zztat_oracle

--
http://www.freelists.org/webpage/oracle-l

Received on Sun Jan 28 2018 - 01:55:32 CET

This message: [ Message body ]
Next message: Mladen Gogala: "Re: Long running backups - OK?"
Previous message: Tim Gorman: "Re: Long running backups - OK?"
In reply to: Mladen Gogala: "Re: Long running backups - OK?"
In reply to Mladen Gogala: "Re: Long running backups - OK?"
Next in thread: Mladen Gogala: "Re: Long running backups - OK?"
Reply: Mladen Gogala: "Re: Long running backups - OK?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message