- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- How do you audit your DBA?
Operating System - HP-UX
1752808
Members
5687
Online
108789
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-29-2006 02:15 PM
06-29-2006 02:15 PM
How do you audit your DBA?
For SOX, the policy ask us to audit DBA. We should know whether DBA change database raw data. Do you enable Oracle Auditing parameter to monitor database? or any third-party tool can help us to do auditing?
1 REPLY 1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-30-2006 04:46 PM
06-30-2006 04:46 PM
Re: How do you audit your DBA?
I haven't gotten a good answer on this. And all of the auditors I work with are 22 year olds just out of college that are pretty weak technically and just ask the question on their questionaire.
Due to the number of transactions going through a system and the fact the a single transaction can make a huge different any auditing the log of the changes can be huge.
Ask yourself this question. What are you trying to catch? A DBA that is stealing? A DBA that is trying to mess up the books? ??
The not so good answer is:
a) Audit against outside transactions. E.g. compare against shipping documents, spot check account balances and checks. Focus on those transactions. Since the outside transactions are outside of the control of the DBA and audit will pick up problems.
b) Depending on the version of Oracle you are using you can turn on FGA (Fine Grained Auditing). This is a resource hog and generates a huge volume of data. If you want you can turn this on and the auditors love it, but it is not practical.
b2) It may be possible to turn this one only for the 'important' tables, but it will be logging EVERYONE's changes to a table.
b3) Since the DBA has access to other log ins ... it is possible for them to connect as a generic user (e.g. APPS) and make the changes. While you might be able to figure this out after the fact it would be nearly impossible to track this on a live system with many users.
c) A 'risk control' tactic that is only useful after a problem occurs.
Make sure you keep back-ups that are recoverable to any point in time. If a problem is found you can start recovering to an early point in time and roll forward until you see the data change.
If you keep logs this is fairly easy to do.
If anyone else has a good answer I am willing to hear it, but I spent a few weeks with the auditors before they finally backed down since we could not come up with any better solution.
Due to the number of transactions going through a system and the fact the a single transaction can make a huge different any auditing the log of the changes can be huge.
Ask yourself this question. What are you trying to catch? A DBA that is stealing? A DBA that is trying to mess up the books? ??
The not so good answer is:
a) Audit against outside transactions. E.g. compare against shipping documents, spot check account balances and checks. Focus on those transactions. Since the outside transactions are outside of the control of the DBA and audit will pick up problems.
b) Depending on the version of Oracle you are using you can turn on FGA (Fine Grained Auditing). This is a resource hog and generates a huge volume of data. If you want you can turn this on and the auditors love it, but it is not practical.
b2) It may be possible to turn this one only for the 'important' tables, but it will be logging EVERYONE's changes to a table.
b3) Since the DBA has access to other log ins ... it is possible for them to connect as a generic user (e.g. APPS) and make the changes. While you might be able to figure this out after the fact it would be nearly impossible to track this on a live system with many users.
c) A 'risk control' tactic that is only useful after a problem occurs.
Make sure you keep back-ups that are recoverable to any point in time. If a problem is found you can start recovering to an early point in time and roll forward until you see the data change.
If you keep logs this is fairly easy to do.
If anyone else has a good answer I am willing to hear it, but I spent a few weeks with the auditors before they finally backed down since we could not come up with any better solution.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP