Report: Abnormal or Unauthorized Changes to Data
This report tracks all changes made to data by any account other than the application user account. The report should be reviewed and commented on by appropriate management on a quarterly basis.
COBIT objectives
This report is designed to meet the following COBIT objectives:
Objective Number | Description |
---|---|
AI2.3 | Unauthorized changes to data by non-application[13] accounts are tracked and reviewed by IT Management on a quarterly basis. |
Setup requirements
Sox Abnormal or Unauthorized Changes to Data policy: Object Audit Options
Report columns
The following columns are displayed in the report body:
Columns | Description |
---|---|
User ID | The ID of the database user that conducted the flagged activity |
Object | The name and owner of the database object that was directly manipulated by the flagged activity |
Timestamp | The exact time the flagged activity was conducted |
Terminal | The terminal IP address or name |
Origin Application | The name, or other identifier, for the originating application, if the activity originated from an external application or from an application server |
Action Type | The type of action successfully enacted by the User ID. |
By default, all actions are considered unauthorized. If you want, for example, to only mark UPDATEs as unauthorized actions, use Filters section in order to filter out the other action types. |