ABSTRACT
Th is is the fi rst of six chapters of this book devoted to auditing. As a single topic, auditing is discussed more than any other topic in this book. Th is is no coincidence-auditing is usually the fi rst activity to be performed in any Oracle security initiative, it is usually the fi rst on auditor’s minds, and it is one of the most eff ective tools in combating wrongdoing. Among other reasons, you need to audit because:
Auditors require it and you will not pass an audit without a good audit trail which includes (at the very least) activities performed by privileged users and access to sensitive objects. Th is is now required by multiple regulations (such as Sarbanes Oxley and PCI) and by most internal and external auditors. An audit trail is a very eff ective deterrent which can stop people from doing the wrong thing. It is like putting a camera in places like casinos, ATMs, and subways. An audit trail is mandatory if you ever have to do an investigation to fi nd out what went wrong. An audit trail can alert you on suspicious activity. You can’t analyze what you don’t know. An audit trail is important when defi ning access control-especially for existing applica- tions. It is very hard to defi ne access control policies that will not break business processes unless you know what the current state is in terms of who is doing what.
