Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Data Privacy, Auditing, Encryption Question

Re: Data Privacy, Auditing, Encryption Question

From: Dennis Williams <oracledba.williams_at_gmail.com>
Date: Thu, 18 May 2006 15:49:46 -0500
Message-ID: <de807caa0605181349t14dc7c18o9d1193a63ca8900e@mail.gmail.com> 





Kirti,



So they want something entirely outside Oracle that can track every single
action performed within Oracle, no matter what the access method? Wow, I'd
like to see that one as well.


    I'm assuming this is for SoX? If so, perhaps it might be better to ask
how others are complying with their SoX auditor requirements.


    Perhaps you could suggest that the security officer keep the SYS and
SYSTEM account passwords, and when a DBA needs to perform a task,
the security officer temporarily changes the password and then sits behind
the DBA to verify he/she is only performing the authorized tasks.



Dennis Williams


--
http://www.freelists.org/webpage/oracle-l


Received on Thu May 18 2006 - 15:49:46 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US