| SOX compliance [message #540688] |
Wed, 25 January 2012 06:26  |
 |
himabija
Messages: 33
Registered: December 2011
Location: San Francisco
|
Member |
|
|
For last few days I was just investing my times to understand SOX compliance for oracle database. But then I realized that SOX Compliance is a Bill to secure IT environments from possible security threats and it does not provide any guideline to implement it . So there is no specific implementation guideline for oracle database and we have to implement it according to business need (as Oracle database intrinsically is not justSOX compliant ).
So I was looking for some documents (or interpretation of SOX compliance for oracle database)what DBA's needs to do to make his database SOX compliant but unfortunately I'm not very happy with the documents I got over Internet (I'm providing the best link i have received over internet ) .Can you provide some better resource for this topic?
Is there any tool/script available to check whether database is sox compliant or not?(Just to ensure DBA has not skipped any areas .)
[Updated on: Wed, 25 January 2012 06:29] Report message to a moderator |
|
|
|
|
|
|
|
| Re: SOX compliance [message #540721 is a reply to message #540705] |
Wed, 25 January 2012 07:57  |
 |
Michel Cadot
Messages: 68749
Registered: March 2007
Location: Saint-Maur, France, https...
|
Senior Member
Account Moderator |
|
|
But SOX compliance is not a matter of database but application, whole application, and how the application uses the database and how all this is organized. It is meaningless to ask for database alone, so generic script is irrelevant.
Regards
Michel
[Updated on: Wed, 25 January 2012 08:02] Report message to a moderator |
|
|
|
| Re: SOX compliance [message #540723 is a reply to message #540705] |
Wed, 25 January 2012 08:01 |
John Watson
Messages: 8968
Registered: January 2010
Location: Global Village
|
Senior Member |
|
|
|
Hi - I thought that SOX was a set of rules for financial controls and reporting, therefore all done by the application - nothing to do with the database? I don't think it is like, for example, the PCI rules regarding encryption, which you as DBA may have to implement.
|
|
|
|
|
|
| Re: SOX compliance [message #540766 is a reply to message #540727] |
Wed, 25 January 2012 11:36 |
|
himabija
Messages: 33
Registered: December 2011
Location: San Francisco
|
Member |
|
|
Quote:the PCI rules regarding encryption
@John: You are absolutely right.Actually I have seen one of the post in this forum regarding PCI rules and came into conclusion that SOX compliance should have some instruction for database like PCI.
@Michel : I would have tried the toolkit today and give you all my feedback but unfortunately it comes with $199 . 
Anyway thanks John and Michel for your input.
[Updated on: Wed, 25 January 2012 11:39] Report message to a moderator |
|
|
|
|
|
| Re: SOX compliance [message #650045 is a reply to message #650036] |
Wed, 13 April 2016 06:43 |
 |
EdStevens
Messages: 1376
Registered: September 2013
|
Senior Member |
|
|
sameen wrote on Wed, 13 April 2016 01:57@himabija.. Do you get your ans that how to know that is your db is sox compliance or not?
if yes then ple tell me.
Pls also tell me that how to remove sox compliance from our DB?
Did you not read all of the responses in this 4-year old thread you just revived?
SOX compliance is a business issue, to be addressed in the application. It is not a database issue. There is nothing to "remove" from the database.
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
