|
Sarbanes-Oxley legislation is placing new and significant compliance and audit trail demands on Finance and IT departments across the nation. Auditing application transactions in the database is one of the many requirements saddled on these departments.
To comply, IT departments must design and build,
or purchase and deploy, mechanisms in the database to track and report changes to key data elements in the database. While this task is not
exceedingly difficult for most staffers, it does require significant time and effort that goes above and beyond their normal duties, possibly impacting their ability to provide adequate support to their users. Additionally,
software customizations are often difficult or tedious to document and maintain, and increase the risk of issues relating to the application processes which are the source of the auditing.
|
Furthermore, some
third party software solutions offer audit
mechanisms that are either built into the
application itself, leaving the audit mechanism
open to the same security vulnerabilities as the
application it is designed to audit, or require
a dedicated server and database instance of
their own, increasing the complexity and cost of
ownership.
A better approach to meet these application auditing requirements is a standard, packaged and supported solution that is easy to use,
requires no additional hardware or software
purchases, has a non-application invasive,
database level, low risk, secure auditing
approach, which can provide flexible and meaningful audit trail reports, maintains
and audits changes to its own configurations and facilitates the migration of such configurations across database instances
to support change migration integrity.
|