6.6 Poor Auditing Record
Auditing is the monitoring and recording of selected user database actions. It can be based on individual actions, such as the type of SQL statement executed, or a combination of factors that can include usernames, apps, time, and so on. Security policies may trigger audits when certain elements in Oracle databases are accessed or modified, including content in certain objects. A poor audit record is that automated system footage should be part of each database. It can cause various problems if the correct record is not made.
Audit records include information on audited operations, users performing operations, and date and time of operation. An audit record can be stored in a dictionary data table, called a database audit trail, or in an operating system file, called the operating system audit trail. The two general types of auditing are standard auditing, which is based on privileges, schemas, objects, and statements, and fine-grained auditing. Standard audit records can be written either to DBA_AUDIT_TRAIL (the sys.aud$ table) or to the operating system. Fine-grained audit records are written to DBA_FGA_AUDIT_TRAIL (the sys.fga_log$ table) and the DBA_COMMON_AUDIT_TRAIL view, which combines standard and fine-grained audit log records.
Poor auditing record is also insufficient to ensure that you comply with the rules. This is especially for those involved in industry such as financial or medical industry. There are many government regulations that directly deal with auditing and storing sensitive data records. Most companies have an audit system provided by database vendors. Every type of information stored by a business should be tracked for one reason or another, and if the records are not properly managed, they can lead the company to potentially disable the consequences. This software often does not meet the requirements for each company. There are many consequence of poor auditing records:
• Financial: When a record sneaks through cracked or incorrectly detected, the company can face problems with taxes and budgets and can then ripple to handle wages as well. It can also cause interruption to staff, and daily business, presenting financial burden to the company.
• Legal: In the event that businesses face legal or auditing, irregularly record keeping makes it difficult to produce records in real time (against the law), and may lead to issues with retention detection (also against the law).
• Productivity: When managers and employees waste time searching for lost records from work, managers may lose efficiency and money (since the time is money) and eventually hurt their bottom line.
• Data Loss: The larger businesses and their record archives are, the more important it is that there’s a backup plan in place for it their primary copies of records are somehow destroyed or lost and which can force companies to come to a grinding halt or even close their doors if they’re lost permanently.