Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Oracle Database

Welcome to the Oracle Database topic!

In this topic you may collaborate with your peers by participating in discussions, adding links and documents, and starting or contributing to wikis.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

 
This Topic Has:
657 Members
0 Online
12218 Visits

Community Leader

Ian Cooke

Ian Cooke

Title: IT Audit Manager

Points: 175760

Badge: Influential

 

NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 452 total

Must be a Topic member to contribute
View All »
Oracle’s cloud bravado masks its database despair http://www.techcentral.ie/oracles-cloud-bravado-masks-database-despair/
Ian Cooke | 2/8/2018 3:17:18 AM | COMMENTS(0)
Oracle Critical Patch Update Advisory - January 2018 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
Ian Cooke | 1/17/2018 4:17:20 AM | COMMENTS(0)
Well worth reviewing - Best of Oracle Security 2017 https://www.doag.org/formes/servlet/DocNavi?action=getFile&did=9611800&key=
Ian Cooke | 12/16/2017 12:47:14 AM | COMMENTS(1)
Oracle Security Alert Advisory - CVE-2017-10269 http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10269-4021872.html
Ian Cooke | 11/15/2017 3:26:54 AM | COMMENTS(0)
Oracle Security Alert Advisory - CVE-2017-10151 http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-10151-4016513.html
Ian Cooke | 10/31/2017 5:34:22 AM | COMMENTS(0)
Oracle Critical Patch Update Advisory - October 2017 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Ian Cooke | 10/24/2017 5:00:21 AM | COMMENTS(0)

Documents & Publications: 25 total

Must be a Topic member to contribute
View All »
Best of Oracle Security 2016
Posted by Ian Cooke 459 days ago
The following document lists the options available for developing ● Oracle Database Security Standards; ● An Oracle Security Audit Program; and ● Oracle Security Checklists etc.
Posted by Ian Cooke 727 days ago
Best of Oracle Security 2015 by Red-Database-Security
Posted by Ian Cooke 824 days ago
EXPLOITING AND PROTECTING ORACLE - Pete Finnigan / Pentest security
Posted by Ian Cooke 1032 days ago
Oracle Database 12c Security and Compliance, ORACLE WHITE PAPER, Updated FEBRUARY 2015
Posted by Ian Cooke 1089 days ago
Best of Oracle Security 2014 by Red-Database-Security GmbH
Posted by Ian Cooke 1188 days ago

Events & Online Learning: 0 total

No Results Found

Journal Articles: 6 total

Volume 6, 2017
by ISACA | Reviewed by Ravi Ayappa, Ph.D., CISA, CRISC, CISM
This book is an ideal handbook for auditors, database administrators (DBAs) and security practitioners who would like detailed insight on Oracle database security.
Volume 1, 2016
by Balraj Thuppalay, CISM, CISSP
Both internal auditors and compliance analysts can play a vital role in helping companies achieve compliance with the US Sarbanes-Oxley Act of 2002, with focused reviews of IT general controls (ITGCs) around SAP.
Volume 6, 2014
by Muhammad Mushfiqur Rahman, CISA, CCNA, CEH, ITIL V3, MCITP, MCP, MCSE, MCTS, OCP, SCSA
Database auditing is the activity of monitoring and recording configured database actions from database users and nondatabase users, to ensure the security of the databases.
Volume 2, 2014
by Ian Cooke, CISA, CGEIT, COBIT-F, CFE, CPTS, DipFM, ITIL-F, Six Sigma Green Belt
CAATs are a valuable tool for auditing Oracle databases.
Volume 1, 2011
by David Knox, Scott Gaetjen, Hamza Jahangir, Tyler Muth, Patrick Sack, Richard Wark and Bryan Wise | Reviewed by Horst Karin, Ph.D., CISA, CISSP, ITIL
The strength of this book is its comprehensive knowledge, which is presented in an easy-to-understand style with useful supporting background information.
Volume 3, 2010
by ISACA | Reviewed by K. K. Mookhey, CISA, CISM, CISSP
A book review of the third edition of this popular ISACA title.

Wikis: 2 total

Blog Posts: 12 total

Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
During an audit you may find that shell scripts are used to connect to your Oracle database (these are often scheduled jobs).  In many instances this represents a security risk as the Oracle database password is hardcoded into the script.  This means th...
Posted By : Ian Cooke | 1 comments
Agile technique in software development has been around for quite some time. There have been efforts to adopt the agile techniques for strategic planning, alignment and execution. Following are some of the relevant articles/blog posts in this area. The to...
Posted By : SA | 0 comments
The main idea I am trying to advocate with these posts is a simple one.  Compare a database you are auditing against a database that you know already meets the standards required by the organisation you are auditing. This is achieved by creating “CSV...
Posted By : Ian Cooke | 1 comments
We have covered most of the core items that should be consider when performing an Oracle database audit in previous posts, however there a number of other items that I would typically look into. Database Links A database link is an object in one databa...
Posted By : Ian Cooke | 0 comments
The company you are auditing should have a policy on what is being audited within your Oracle database.  The level of auditing will almost certainly be affected by the sensitivity of the data. Good examples and bench marks for auditing may be seen in th...
Posted By : Ian Cooke | 0 comments