--- Jared Still <[EMAIL PROTECTED]> wrote: > On Thursday 28 November 2002 03:53, O'Neill, Sean wrote: > > > We has a Standard Operating Procedure which states that whilst > DBA's have a > > access to data they will not change it. A recognition of the DBA's > > capabilties but stating on paper company trust they will "behave" > > themselves. > > Auditors are usually bean counters (accountants). > > They don't trust anybody.
Jared -- not necessarily so. Back at the company at which I was employed longest and where I learned to be a DBA, the auditors didn't have a CLUE about how to deal with databases and auditing of them. The data center would say in their audit paperwork "database auditing is done via controls installed by the application managers" and the application managers would say "database auditing is done via controls installed by the data center". And I would be instructed to SHUT UP and tell the auditors only the least amount of information I could get away with. The auditors bought it, year after year. I finally, just before I left, sat down and had a heart to heart talk with one of the auditors, explaining that they had had a development DBA (me) with total production access for years. It was too much work for them to develop a database auditing process, at least, they didn't get one even started before I left. __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Rachel Carmichael INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
