Re: Sorbanes Oxley for dummies?

  • From: Paul Drake <bdbafh@xxxxxxxxx>
  • To: Michael.Kline@xxxxxxxxxxxx
  • Date: Thu, 13 Jan 2005 12:27:26 -0500

Michael,

Arup Nanda wrote a book covering HIPAA, covering auditing, FGA, VPD.
Arup wrote a series of papers for OTN, here's one:
http://www.oracle.com/technology/oramag/webcolumns/2003/techarticles/nanda_fga.html

Sarb-Ox is so open to interpretation and implementation, that its best
to check with your auditors as far as what policies they see as
appropriate and how to implement them.

audit_trail=true and "audit session" would be a great start, but
sometimes you're better off doing nothing than a piecemeal and
incomplete effort.

Paul

On Thu, 13 Jan 2005 10:06:27 -0500, Kline.Michael
<Michael.Kline@xxxxxxxxxxxx> wrote:
> Has anyone done a good paper on what Sorbanes Oxley means for the DBA
> and that related group?
> 
> Some of our "requirements" are quite large and usually based on "I THINK
> Sorbanes Oxley may require it.
> 
> It would be nice to know without having to have a law degree.
> 
> Michael Kline
> ************************************************
> The information transmitted is intended solely
> for the individual or entity to which it is
> addressed and may contain confidential and/or
> privileged material. Any review, retransmission,
> dissemination or other use of or taking action
> in reliance upon this information by persons or
> entities other than the intended recipient is
> prohibited. If you have received this email in
> error please contact the sender and delete the
> material from any computer.
> ************************************************
> 
> --
> //www.freelists.org/webpage/oracle-l
>
--
//www.freelists.org/webpage/oracle-l

Other related posts: