Find Resources & Connect with members on topics that interest you.

Applications

Audit

Business Processes

Career Management

Cloud Computing/Virtualization

COBIT

Controls and Monitoring

Databases

Fraud and Computer Crime

Governance and Management

Industry

Information Security

IT Service Management

Mobile/Wireless

Operating Systems

Privacy/Data Protection

Regulations

Risk

Standards

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

ME - Monitor and Evaluate

Application Controls

Process Controls

Please sign in to see your topics.

You must be logged in to join this group.

Oracle Database

Collaborate, contribute, consume and create knowledge around Oracle Database. Click “Join Now” to become a full contributing member of this topic.

You must be a member of ISACA to join this group. Join now!

 
This Topic Has:
153 Members
0 Online
2602 Visits

 Recent Discussions
Oracle Security Alert for CVE-2012-1675. Posted by Ian Cooke.
Oracle Critical Patch Update Advisory - April 2012. Posted by Ian Cooke.
DBA Access. Posted by Avinash.

Community Leader

Ian Cooke

Ian Cooke

Title: IT Audit Manager

Points: 52

 
NEW! Participate in Discussions Via Email. 

You can now respond to discussions by simply replying to the email alert. Just enable this feature in discussions on this topic. Learn more

Discussions: 13 total

Must be a Topic member to contribute
View All »
Oracle Security Alert for...
Ian Cooke | 20 days ago | 0 comments
Oracle Critical Patch Upd...
Ian Cooke | 35 days ago | 0 comments
DBA Access
Avinash | 99 days ago | 3 comments
Auditing Oracle Using CAA...
Ian Cooke | 99 days ago | 0 comments
Oracle Security Alert for...
Ian Cooke | 111 days ago | 0 comments
Oracle Critical Patch Upd...
Ian Cooke | 125 days ago | 0 comments
View All »

Documents & Publications: 7 total

Must be a Topic member to contribute
View All »
Spool Oracle views to CSV type files
Spool Oracle views to CSV type files (Ian Cooke)
Posted by Ian Cooke 54 days ago
Oracle 11g Security
Excellent overview of Oracle 11g Security By Pete Finnigan
Posted by Ian Cooke 75 days ago
How to resolve Root Certificate Expiry Issue for Enterprise Manager-Database Control (10.2.0.4)
This paper demonstrates how to resolve the Oracle Enterprise Manager – Database Control configuration errors in Oracle Database versions 10.2.0.4 or 10.2.0.5, arising due to the Root Certificate Expiry issue since 31st December, 2010.
Posted by ZafferK 274 days ago
Database Disaster Recovery using only RMAN Backups
This paper demonstrates how an Oracle Database can be recovered or reconstructed by using only the RMAN Backup files (from Disks) in case of a complete server crash.
Posted by ZafferK 623 days ago
My Journey from 9.0.1 to 9.2.0.8
My experience on how we migrated our Production Database from Oracle 9iR1 [9.0.1] to Oracle 9iR2 [9.2.0.8] in July/August 2008.
Posted by ZafferK 623 days ago
Downloads
Security, Audit and Control Features Oracle Database, 3rd Edition Excerpt
Posted by ISACA 713 days ago
View All »

Events & Online Learning: 0 total

No Results Found

Journal Articles: 3 total

Volume 1, 2011
Applied Oracle Security
by David Knox, Scott Gaetjen, Hamza Jahangir, Tyler Muth, Patrick Sack, Richard Wark and Bryan Wise | Reviewed by Horst Karin, Ph.D., CISA, CISSP, ITIL
The strength of this book is its comprehensive knowledge, which is presented in an easy-to-understand style with useful supporting background information.
Volume 3, 2010
Security, Audit and Control Features Oracle Database, 3rd Edition
by ISACA | Reviewed by K. K. Mookhey, CISA, CISM, CISSP
A book review of the third edition of this popular ISACA title.
Volume 4, 2007
Approaches to Monitor Activities in Oracle Database
by Ying Shi, CISA, OCP

User Contributed External Links: 34 total

Wikis: 2 total

Blog Posts: 11 total

View All »
30 Mar 2012
Auditing Oracle using CAATs – Bringing It All Together
The main idea I am trying to advocate with these posts is a simple one.  Compare a database you are auditing against a database that you know already meets the standards required by the organisation you are auditing. This is achieved by creating “CSV ty...
Posted By : Ian Cooke | 1 comments
27 Mar 2012
Auditing Oracle using CAATs – Miscellaneous Items
We have covered most of the core items that should be consider when performing an Oracle database audit in previous posts, however there a number of other items that I would typically look into. Database Links A database link is an object in one database...
Posted By : Ian Cooke | 0 comments
19 Mar 2012
Auditing Oracle Audit Configurations using CAATs
The company you are auditing should have a policy on what is being audited within your Oracle database.  The level of auditing will almost certainly be affected by the sensitivity of the data. Good examples and bench marks for auditing may be seen in the...
Posted By : Ian Cooke | 0 comments
15 Mar 2012
Auditing Oracle Users using CAATs
Typically application access to an Oracle database is via one of two methods.  Either all users access the same database using a single (proxy) user which is defined in an initialisation (.INI) file, registry etc. Or the users access the database individ...
Posted By : Ian Cooke | 1 comments
15 Mar 2012
Auditing Oracle Privileges using CAATs
Before we get into auditing Oracle privileges a reminder of a few definitions might be helpful. A user privilege is the right to run a particular type of SQL statement, or the right to access an object belonging to another user, run a PL/SQL package, and...
Posted By : Ian Cooke | 1 comments
27 Feb 2012
Auditing Oracle Password Controls using CAATs
As with parameters the company you are auditing should have a policy on password controls.  For Oracle databases these can be seen in the Dba_Profiles view. A description of the fields in this view can be seen at http://docs.oracle.com/cd/B19306_01/server...
Posted By : Ian Cooke | 0 comments
View All »
Report An Issue