logo
 
Home > Products > Application Auditor
  Application Auditor
Overview
BBB Intelligence
Application Auditor
SOD in 6 Easy Steps!
WhitePapers
 

Sarbanes-Oxley legislation is placing new and significant compliance and audit trail demands on Finance and IT departments across the nation. Auditing application transactions in the database is one of the many requirements saddled on these departments.

To comply, IT departments must design and build, or purchase and deploy, mechanisms in the database to track and report changes to key data elements in the database. While this task is not exceedingly difficult for most staffers, it does require significant time and effort that goes above and beyond their normal duties, possibly impacting their ability to provide adequate support to their users. Additionally, software customizations are often difficult or tedious to document and maintain, and increase the risk of issues relating to the application processes which are the source of the auditing.

Furthermore, some third party software solutions offer audit mechanisms that are either built into the application itself, leaving the audit mechanism open to the same security vulnerabilities as the application it is designed to audit, or require a dedicated server and database instance of their own, increasing the complexity and cost of ownership.

A better approach to meet these application auditing requirements is a standard, packaged and supported solution that is easy to use, requires no additional hardware or software purchases, has a non-application invasive, database level, low risk, secure auditing approach, which can provide flexible and meaningful audit trail reports, maintains and audits changes to its own configurations and facilitates the migration of such configurations across database instances to support change migration integrity. 

Application Auditor delivers the solution for the above requirements. It provides Audit Trail creation and reporting, Alert Notification and Transaction Prevention to enforce controls. Its audit engine continuously monitors for:

  • Users that are assigned application access to functional areas that conflict with user defined business rules. (SOD Violation Auditing) View Report
  • DBAs or IT Staff that make "backdoor" changes to table data (DML) or database objects (DDL).
  • IT Staff or Application Users that modify high risk setups, profile options or commit unauthorized business transactions.
  • Any database transaction (DML or DDL) that meets the user configurable audit criteria.

Application Auditor provides extensions and scope criteria for integration with Oracle E-Business Suite:

  • Over 90 pre-seeded tables to audit, with over 700 data points designed for SOX compliance.
  • Segregation of Duties Violations Manager - Define, Audit, Alert, Report and Prevent user access conflicts across responsibilities, operating units, menus, functions and forms without false positives. Over 1200 pre-defined function conflict pairs available. View Sample Report
  • Application User Watch Lists - Define and maintain a group or groups of application users to audit.
  • Captures the E-Business Suite Application User Name, Responsibility, Form Name or Concurrent Program that initiated the change.
  • Captures changes to text in columns with LONG data types, which are used by several EBS forms (Oracle Alert) that allow the input and execution of potentially harmful SQL text.

Download our datasheet or whitepapers to view product and topical details:

Data Sheet
Case Study 1   Case Study 2
Auditing the DBA - Whitepaper
 

 (If prompted for a password, just click cancel to download.)
Audit Example
 
Send Feedback About This Page
Home | Company | Products | Services | Customers | News & Events | Contact
 
 Questions or Comments? Send email to webmaster@absolute-tech.com. © 2007 Absolute Technologies Inc. All Rights Reserved.