Oracle data vault is only for 10R2, isn't it?
On 8/16/06, Jared Still <jkstill_at_gmail.com> wrote:
>
>
> On 15 Aug 2006 13:03:01 -0700, David Aldridge <david_at_david-aldridge.com>
> wrote:
> >
> > Tsh, is there any lie that those operations people won't tell in order
> > to keep us out of their sandbox?
> >
> > Seriously though, I don't think that SOX is that detailed, and I don't
> > believe any STIG is either. It sounds like that rule is more along the
> > lines of an _interpretation_ of the regulations, or a quoting of the
> > regulations to justify a rule (depending on your degree of cynicism).
>
>
>
> SOX is not that detailed.
>
> The details are agreed upon by your company and your auditing company of
> choice.
>
> There are no rules that state "developers cannot have access to production
> data"
>
> It is highly unlikely that a developer, or anyone else for that matter,
> will get an
> account that is anything other than read only.
>
> DBAs are an exception to that. There should be safeguards to ensure that
> DBAs cannot muck around with that data. I believe Oracle Data Vault will
> do that.
>
>
>
> Jared Still
> Certifiable Oracle DBA and Part Time Perl Evangelist
>
>
--
Anjo Kolk
Owner and Founder OraPerf Projects
tel: +31-577-712000
mob: +31-6-55340888
--
http://www.freelists.org/webpage/oracle-l
Received on Tue Aug 15 2006 - 17:40:45 CDT
