5 Key Questions Auditors Ask During a Database Compliance Audit
Regulatory legislation is increasingly driving the expansion of formal enterprise audit processes to include information technology (IT) assets. In particular, auditors are looking at regulated data residing in databases connected to enterprise applications such as SAP, Oracle E-Business Suite, PeopleSoft, and other Web Applications. Sarbanes Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA) the Payment Card Industry (PCI) standard and other regulatory measures require best practice controls to protect sensitive data.
To verify regulatory compliance, auditors look at multiple aspects of a database environment including: user management, authentication, separation of duties, access control, and audit trail. This paper focuses on the audit trail. The audit trail must meet specific requirements to meet the demands of auditors. In the following, we present five key questions posed by auditors to confirm compliance with best practice and regulatory mandates.
About Imperva
Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world’s leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.
