Re: Sorbanes Oxley for dummies?

  • From: Paul Drake <bdbafh@xxxxxxxxx>
  • To: Michael.Kline@xxxxxxxxxxxx
  • Date: Thu, 13 Jan 2005 12:27:26 -0500


Arup Nanda wrote a book covering HIPAA, covering auditing, FGA, VPD.
Arup wrote a series of papers for OTN, here's one:

Sarb-Ox is so open to interpretation and implementation, that its best
to check with your auditors as far as what policies they see as
appropriate and how to implement them.

audit_trail=true and "audit session" would be a great start, but
sometimes you're better off doing nothing than a piecemeal and
incomplete effort.


On Thu, 13 Jan 2005 10:06:27 -0500, Kline.Michael
<Michael.Kline@xxxxxxxxxxxx> wrote:
> Has anyone done a good paper on what Sorbanes Oxley means for the DBA
> and that related group?
> Some of our "requirements" are quite large and usually based on "I THINK
> Sorbanes Oxley may require it.
> It would be nice to know without having to have a law degree.
> Michael Kline
> ************************************************
> The information transmitted is intended solely
> for the individual or entity to which it is
> addressed and may contain confidential and/or
> privileged material. Any review, retransmission,
> dissemination or other use of or taking action
> in reliance upon this information by persons or
> entities other than the intended recipient is
> prohibited. If you have received this email in
> error please contact the sender and delete the
> material from any computer.
> ************************************************
> --
> //

Other related posts: