Oracle RSUBP security audit

Information System Audit (Revision) is a process of gathering evidence and assessment of whether an information system operates in accordance with the preservation of company assets, does it effectively supports the goals of the company, does it maintains the integrity of data and efficiently use IT resources.


Today, data are mostly stored in the databases and again, mostly in relational databases. Since the security of database is an important area of IT security then database security audit is an important area of IT security audit. The paper presents the basic concepts and processes in security and IT audit. After that, discusses the database security with an emphasis on the most common vulnerabilities and threats followed by Oracle database safeguards mechanism. Few approaches to Oracle databases security auditing is shown: Oracle company approach, SANS Institute approach and Pete Finnigan approach (one of the best connoisseurs of Oracle database security).