Mladen, 1) Auditors are hired by management, not dbas. 2) Auditors want to keep the people who hire them happy. 3) Making life a pain in the butt for anybody but management will keep management happier. 4) Duh. And, if memory serves, way back when software was first going into banks, didn't some programmer funnel the fractional pennies of the interest calculations into a private account? And programmers often program in back-doors to subvert security procedures. Those could only be caught with a walkthru the code. Change control wouldn't stop it by someone authorized to work on the program. But the auditors are probably too ignorant to figure that one out. Duh. -- //www.freelists.org/webpage/oracle-l