SECURITY
Table columns: Control Objectives | Control Activity | Audit Procedures (DB2) | Audit Procedures (Oracle) | Audit Procedures (SYBASE) | Audit Procedures (Progress) | Impact | Audit Procedures (Oracle RDB7) | Impact | Audit Signoff | Conclusion

1.1 Security Policies
Control Activity: IT strategies/policies and security policies have been established to provide the organization's general security guidelines.
Audit Procedures (DB2, Oracle, SYBASE, Progress, Oracle RDB7): 1. Review the organization's security policy.
Impact: If the organization does not have a security policy covering the handling of data and access in DB2, there is a risk of data security compromise and instability in the DB2 system.

1.2 IT Administration and Organization
Control Activity: IT management has implemented a division of roles and responsibilities (segregation of duties) that reasonably prevents a single individual within IT from subverting a critical process.
Audit Procedures (DB2, Oracle, SYBASE, Progress, Oracle RDB7): 1. Review the organizational structure to determine who is responsible for the installation of the software, performance monitoring, administration of security, database design and application development. 2. Ensure that the
Impact: An inappropriate organizational structure can lead to deficiencies in the segregation of duties and consequently, to deficiencies in the internal controls.

1 Source: www.knowledgeleader.com
Manage Security
2.1 New User Access
Control Activity: Procedures exist to ensure that the requested access is documented and approved before access privileges are granted to systems and data.
Audit Procedures (DB2, Oracle, SYBASE, Progress, Oracle RDB7): 1. Inquire from the appropriate individual about the process in place to request new user access. Ensure that internal controls are in place to verify that requested access is appropriate and approved. The internal controls may include documentation

(Continuation of a control whose heading and earlier steps fall on pages missing from this copy.)
Audit Procedures (DB2), continued: ... and evaluate whether the privileged user's access to DB2 is controlled in accordance with procedures. 6. The auditor may decide to select one or more production databases and find the RACF/ACF2 groups, RACF/ACF2 user IDs and applications that have access to the production data. Remember that install-SYSADM user IDs have access to data even if they do not appear from SYSIBM.TABAUTH. Review and evaluate the selected authorizations in accordance with regulations. For instance, do personal user IDs have access where this should have been granted
Audit Procedures (Oracle), continued: ... and evaluate whether the privileged user's access to Oracle is controlled in accordance with procedures. 6. The auditor may decide to select one or more production databases and find the Oracle roles, user IDs and applications that have access to the production data. Review and evaluate the selected authorizations in accordance with regulations. For instance, do personal user IDs have access where this should have been granted through an Oracle role? Typical users do not need access to Oracle through their user IDs since the access to necessary data is gained through the
Audit Procedures (SYBASE), continued: ... and evaluate whether the privileged user's access to SYBASE is controlled in accordance with procedures. 6. The auditor may decide to select one or more production databases and find the SYBASE roles, user IDs and applications that have access to the production data. Review and evaluate the selected authorizations in accordance with regulations. For instance, do personal user IDs have access where this should have been granted through a SYBASE role? Typical users do not need access to SYBASE through their user IDs since the access to necessary data is gained
Audit Procedures (Progress), continued: ... and evaluate whether the privileged user's access to Progress is controlled in accordance with procedures. 6. The auditor may decide to select one or more production databases and find the Progress roles, user IDs and applications that have access to the production data. Review and evaluate the selected authorizations in accordance with regulations. For instance, do personal user IDs have access where this should have been granted through a Progress role? Typical users do not need access to Progress through their user IDs since the access to necessary data is gained
Audit Procedures (Oracle RDB7), continued: ... and evaluate whether the privileged user's access to Oracle RDB7 is controlled in accordance with procedures. 6. The auditor may decide to select one or more production databases and find the RDB7 roles, user IDs and applications that have access to the production data. Review and evaluate the selected authorizations in accordance with regulations. For instance, do personal user IDs have access where this should have been granted through a RDB7 role? Typical users do not need access to RDB7 through their user IDs since the access to necessary data is gained

2.2 Access Termination
Control Activity: Procedures are in place to ensure that access for a terminated employee is disabled in a timely manner.
Audit Procedures (DB2, Oracle, SYBASE, Progress, Oracle RDB7): 1. Interview the appropriate individual to ensure that access for terminated employees is disabled in a timely manner to mitigate the risk of unauthorized access via their old accounts. 2. Review a list of terminated individuals that had database access and select a sample of terminated users. Compare the sample to the list of current users.
Impact: If access for a terminated employee is not disabled in a timely manner, there is a risk that unauthorized access via their old account can be obtained when they are no longer authorized to do so.

2.3 Inactive Account Expiration
Control Activity: Accounts that have not been used for greater than 60 days are disabled.
Audit Procedures (DB2, SYBASE, Progress, Oracle RDB7): 1. Request a list of all user IDs on the database with the corresponding last date of access. Review this list to ensure that dormant accounts are disabled.
Audit Procedures (Oracle): 1. Request a list of all user IDs on the database with the corresponding last date of access (dba_users table). Review this list to ensure that dormant accounts are disabled.
Impact: Dormant entries are a target for intruders, as the account user will not notice the activity. Inactive accounts may also belong to a terminated employee who could then gain access via their old account when they are no longer authorized to do so.

2.4 User Access Review
Control Activity: A control process should exist to periodically review and confirm access rights.
Audit Procedures (DB2, Oracle, SYBASE, Progress, Oracle RDB7): 1. Inquire from a system administrator if a periodic recertification of user access is performed. 2. Review recertification documentation to ensure that periodic recertification is performed. 3. Select a sample of database user IDs for which a change in access privileges was requested and ensure that access privileges have been changed.
Impact: Dormant entries are a target for intruders, as the account user will not notice the activity. Inactive accounts may also belong to a terminated employee who could then gain access via their old account when they are no longer authorized to do so.

2.5 Pre-expired Accounts for Nonemployees
Control Activity: When granting access to nonemployees, accounts will be preset to expire after their planned project completion date.
Audit Procedures (DB2, Oracle, SYBASE, Progress, Oracle RDB7): 1. Interview the system administrator to determine if procedures are in place for creating temporary accounts for use by vendors in the course of their duties. Determine if the procedures call for the immediate removal of these accounts following completion of the vendor's work.
Impact: Account expiration ensures that the temporary and contract users are prevented from gaining access to corporate resources after their contract ends.

2.6 Expiration of Vendor-Created Accounts
Control Activity: The system administrator will ensure that any accounts created by a vendor during installation are immediately disabled or removed following completion of their work.
Audit Procedures (DB2, SYBASE, Progress, Oracle RDB7): 1. The system administrator will ensure that any accounts created by a vendor are immediately disabled or removed, following completion of their work. This can be done as follows: 1. Prior to granting a vendor access, determine which accounts have been set up in the system. 2. Following the removal of the temporary vendor account, determine which accounts exist in the system. Compare the list of accounts to determine if any new
Audit Procedures (Oracle): 1. The system administrator will ensure that any accounts created by a vendor are immediately disabled or removed, following completion of their work. This can be done as follows: 1. Prior to granting a vendor access, determine which accounts have been set up in the system by reviewing the dba_users table. 2. Following the removal of the temporary vendor account, rerun the same query. Compare the list of accounts to determine if any new
Impact: Vendors sometimes create accounts for their own use (or a process's use) when performing their duties. These accounts are usually temporary in nature and should be disabled and removed upon completion of the vendor's work. Not removing or disabling these accounts increases the risk that they will be used for unauthorized access.

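Controls 2.2, 2.3 and 2.6 each end in a list comparison: current users against the terminated list, last access dates against the 60-day threshold, and account snapshots taken before and after a vendor's work. The script below is an added example, not part of the work program, that runs those three comparisons over a constructed user export; the usernames, dates, lock status and the as-of date are assumptions, and the 60-day threshold is the one stated in 2.3.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, Iterable, List, Optional


@dataclass(frozen=True)
class DbUser:
    username: str
    last_access: Optional[date]   # None: the account has never been used
    status: str = "OPEN"          # OPEN or LOCKED


# Constructed evidence, standing in for the lists the auditor requests.
AS_OF = date(2024, 6, 30)         # date the evidence was pulled (assumption)
CURRENT_USERS = [
    DbUser("APPUSER", date(2024, 6, 29)),
    DbUser("JSMITH", date(2024, 3, 1)),               # terminated, account still open
    DbUser("RPATEL", date(2024, 6, 1)),
    DbUser("OLDBATCH", date(2023, 11, 15), "LOCKED"),  # dormant but already locked
    DbUser("VENDORTMP", None),                         # appeared during vendor work
]
TERMINATED = {"JSMITH", "AKHAN"}                       # AKHAN already removed: no exception
SNAPSHOT_BEFORE_VENDOR = {"APPUSER", "JSMITH", "RPATEL", "OLDBATCH"}
SNAPSHOT_AFTER_VENDOR = {u.username for u in CURRENT_USERS}


def dormant_accounts(users: Iterable[DbUser], as_of: date, threshold_days: int = 60) -> List[str]:
    """2.3: open accounts with no access inside threshold_days; never-used accounts count as dormant."""
    cutoff = as_of - timedelta(days=threshold_days)
    return sorted(u.username for u in users
                  if u.status == "OPEN" and (u.last_access is None or u.last_access < cutoff))


def terminated_still_present(users: Iterable[DbUser], terminated: Iterable[str]) -> List[str]:
    """2.2: terminated individuals whose database account still exists and is open."""
    gone = set(terminated)
    return sorted(u.username for u in users if u.username in gone and u.status == "OPEN")


def accounts_added_during_vendor_work(before: Iterable[str], after: Iterable[str]) -> List[str]:
    """2.6: accounts present after the vendor's work that were not in the pre-engagement snapshot."""
    return sorted(set(after) - set(before))


def run_account_lifecycle_audit() -> Dict[str, List[str]]:
    """Collect the exceptions for all three controls, keyed by the control they belong to."""
    return {
        "2.2 terminated but still open": terminated_still_present(CURRENT_USERS, TERMINATED),
        "2.3 dormant over 60 days": dormant_accounts(CURRENT_USERS, AS_OF),
        "2.6 added during vendor work": accounts_added_during_vendor_work(
            SNAPSHOT_BEFORE_VENDOR, SNAPSHOT_AFTER_VENDOR),
    }


if __name__ == "__main__":
    for control, hits in run_account_lifecycle_audit().items():
        print(f"{control}: {', '.join(hits) or 'no exceptions'}")
```

Locked accounts are excluded from the dormancy and termination exceptions because the control asks that dormant and terminated accounts be disabled; an auditor who also wants to see locked-but-not-removed accounts can drop the status test.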
(Oracle audit procedure text, continued; the control heading and the preceding steps fall on pages missing from this copy.)
... table and comparing the privileges to the dba_roles table.
Note: Grantees returned from this query may themselves be roles since roles can be assigned to other roles. When a return value is a role, use the tables in statement 2c to find a list of actual usernames that belong to that role (refer to testing Step 2a above for a complete list of roles). Multiple recursions of the script may be necessary to get to the final list of users associated with a role depending on the role hierarchy created in the Oracle database. The default hierarchy for Oracle involves two levels of roles to get to the final user account. For instance, the DBA role is granted to the import_full_database role, which is granted to the user account system. Also, note that the default roles found in statement 2b are both assigned automatically to the database username system during the basic Oracle installation. The DBA role is automatically assigned to the database username system during the basic Oracle installation.
From the list of usernames with create/alter/drop user/role privileges identified in 2c, evaluate whether the list is appropriate by comparing it to the list provided by management. In general, only the security administrator and/or database administrator should have the ability to create, alter or drop users and roles.

... administrator and/or database administrator should have the ability to create, alter or drop users and roles.

... dba_sys_privs (where privilege = "grant any privilege" or "grant any role") and dba_roles tables. The only default role with both these privileges is the DBA role. The DBA role requires these privileges to initially grant privileges to database usernames after installation and username creation. All other roles having these privileges do not own these privileges by default.

... dba_role_privs and dba_roles table.
Note: The grantees returned from this review may themselves be roles since roles can be assigned to other roles. When a return value is a role, find the list of actual usernames that belong to that role (refer to testing Step 3a above for a complete list of roles). Also, note that the basic package installation role "DBA" is automatically assigned to the database user accounts sys and system. From the list of usernames with the "grant" privileges identified, evaluate whether the list is appropriate by comparing it to the list provided by management.

In general, only the security administrator and/or database administrator should have the ability to grant privileges to users and roles.

... comparing it to the list provided by management. In general, only the security administrator and/or database administrator should have the ability to grant privileges to users and roles.

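The role-resolution step these Oracle procedures describe (grantees returned from dba_sys_privs and dba_role_privs may themselves be roles, so the script must recurse until only usernames remain), as an added example that is not part of the work program. It loads constructed rows shaped like DBA_USERS, DBA_ROLES, DBA_ROLE_PRIVS and DBA_SYS_PRIVS into an in-memory SQLite database and expands the hierarchy with a recursive common table expression, so it runs offline; against a live Oracle database the same expansion would be written on the real views with Oracle's recursive subquery factoring or CONNECT BY. The user and role names, the grants (including the IMP_FULL_DATABASE grant placed two roles deep to exercise the second recursion level) and the privilege lists checked are all assumptions.

```python
import sqlite3
from typing import Dict, Iterable, List, Tuple

# Constructed sample rows; the table shapes follow the Oracle dictionary views named
# in the work program, the contents do not come from any real database.
DBA_USERS = ["SYS", "SYSTEM", "APPOWNER", "JSMITH", "RPATEL"]
DBA_ROLES = ["DBA", "IMP_FULL_DATABASE", "APP_ADMIN", "APP_READ"]
DBA_ROLE_PRIVS = [                      # (grantee, granted_role)
    ("SYS", "DBA"), ("SYSTEM", "DBA"),  # DBA assigned to sys and system at installation
    ("DBA", "IMP_FULL_DATABASE"),       # a role granted to a role: second level
    ("APP_ADMIN", "APP_READ"),
    ("JSMITH", "APP_ADMIN"),
    ("RPATEL", "APP_READ"),
]
DBA_SYS_PRIVS = [                       # (grantee, privilege)
    ("DBA", "GRANT ANY PRIVILEGE"), ("DBA", "GRANT ANY ROLE"),
    ("DBA", "CREATE USER"), ("DBA", "ALTER USER"), ("DBA", "DROP USER"),
    ("IMP_FULL_DATABASE", "CREATE USER"),  # constructed: only reachable two roles deep
    ("APP_ADMIN", "CREATE USER"),          # custom role carrying an administrative privilege
    ("APPOWNER", "DROP USER"),             # direct grant to a user, bypassing roles
]

# Privilege sets the procedures ask the auditor to list holders of.
USER_ROLE_ADMIN_PRIVS = ("CREATE USER", "ALTER USER", "DROP USER",
                         "CREATE ROLE", "ALTER ANY ROLE", "DROP ANY ROLE")
GRANT_PRIVS = ("GRANT ANY PRIVILEGE", "GRANT ANY ROLE")


def load_dictionary() -> sqlite3.Connection:
    """Build the four dictionary tables in memory from the constructed rows."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE dba_users(username TEXT PRIMARY KEY);
        CREATE TABLE dba_roles(role TEXT PRIMARY KEY);
        CREATE TABLE dba_role_privs(grantee TEXT, granted_role TEXT);
        CREATE TABLE dba_sys_privs(grantee TEXT, privilege TEXT);
    """)
    con.executemany("INSERT INTO dba_users VALUES (?)", [(u,) for u in DBA_USERS])
    con.executemany("INSERT INTO dba_roles VALUES (?)", [(r,) for r in DBA_ROLES])
    con.executemany("INSERT INTO dba_role_privs VALUES (?, ?)", DBA_ROLE_PRIVS)
    con.executemany("INSERT INTO dba_sys_privs VALUES (?, ?)", DBA_SYS_PRIVS)
    return con


def privilege_holders(con: sqlite3.Connection,
                      privileges: Iterable[str]) -> Dict[str, List[Tuple[str, str]]]:
    """Map each privilege to the end users holding it, with the grant path user -> role -> ...

    The recursion walks dba_role_privs from any role that holds the privilege to
    whoever was granted that role, repeating until the grantee is a user.
    """
    privs = list(privileges)
    marks = ",".join("?" * len(privs))
    sql = f"""
        WITH RECURSIVE holder(privilege, grantee, path) AS (
            -- direct grantees of the privilege: each is a user or a role
            SELECT privilege, grantee, grantee FROM dba_sys_privs WHERE privilege IN ({marks})
            UNION ALL
            -- anyone granted a role that holds it; the instr() guard stops on a cycle
            -- (Oracle rejects circular role grants, a hand-edited export might not)
            SELECT h.privilege, rp.grantee, rp.grantee || ' -> ' || h.path
            FROM holder h JOIN dba_role_privs rp ON rp.granted_role = h.grantee
            WHERE instr(h.path, rp.grantee) = 0
        )
        SELECT h.privilege, h.grantee, h.path
        FROM holder h JOIN dba_users u ON u.username = h.grantee
        ORDER BY h.privilege, h.grantee, h.path
    """
    result: Dict[str, List[Tuple[str, str]]] = {p: [] for p in privs}
    for privilege, user, path in con.execute(sql, privs):
        result[privilege].append((user, path))
    return result


def users_holding(con: sqlite3.Connection, privileges: Iterable[str]) -> List[str]:
    """Distinct usernames holding any of the privileges, directly or through roles."""
    holders = privilege_holders(con, privileges)
    return sorted({user for rows in holders.values() for user, _ in rows})


if __name__ == "__main__":
    con = load_dictionary()
    for privilege, rows in privilege_holders(con, USER_ROLE_ADMIN_PRIVS + GRANT_PRIVS).items():
        for user, path in rows:
            print(f"{privilege:20} {user:10} via {path}")
    print("compare with management's list:", users_holding(con, USER_ROLE_ADMIN_PRIVS + GRANT_PRIVS))
```

The path column is what makes the output reviewable: a user appearing twice for CREATE USER (once via DBA, once via DBA -> IMP_FULL_DATABASE) shows the two-level hierarchy the procedure mentions, and a user with a path of only its own name (APPOWNER here) holds the privilege by direct grant, which is the case that a review limited to dba_role_privs would miss.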
2.8 High-level Administrative Privileges
Control Activity: Sensitive DB functions used by those with SYS, SYSADM, SYSCTRL, SYSOPR, DBADM, PACKADM, DBMAINT and DBCTRL privileges should be logged for review. These logs should be reviewed by management (someone other than the security administrator or DBA with the aforementioned privileges).
Audit Procedures (DB2): Sensitive functions are recorded on SMF records, which can be extracted on a regular basis and further analyzed to detect any suspicious activities. Review the logging policy and ensure that sensitive DB2 functions are logged. Inquire from management how this log is reviewed.
Audit Procedures (Oracle, SYBASE, Progress, Oracle RDB7): Review the logging policy and ensure that sensitive DB2 functions are logged. Inquire from management how this log is reviewed.

2.9 Security Incidents
Control Activity: The IT security administrator or designated personnel monitors and logs security activity. Identified security violations are reported to senior management and investigated in a timely manner per established procedures.
Audit Procedures (DB2, Oracle, SYBASE, Progress, Oracle RDB7): Reports can be utilized to indicate applications where access has failed so that investigations can be carried out. Inquire from the Security/Database Administrator if an Incident Handling Policy has been created. Review the Incident Handling Policy and Procedures document. Request an incident log. Select a sample of incidents and inquire from the relevant individual if the incident(s) have been resolved.

2.10 Password Configuration
Control Activity: Ensure that passwords are not easily guessable (i.e., words found in a dictionary, or a variation on the username); that they do not pertain directly to a user's family or personal interests; and that they contain both alpha and numeric characters. Passwords for normal users will be a minimum of 8 characters. Passwords for privileged users will be a minimum of 12 characters.
Audit Procedures (DB2, SYBASE, Progress, Oracle RDB7): Interview the System Administrator to determine if any third-party products or in-house controls have been developed requiring a user to select a password that is not null, not easily guessed, and contains both alpha and numeric characters. Obtain and review the password configuration settings. Ensure that password configuration complies with the organization's password policy and best practice.
Audit Procedures (Oracle): Interview the System Administrator to determine if any third-party products or in-house controls have been developed requiring a user to select a password that is not null, not easily guessed, and contains both alpha and numeric characters. Obtain system and password resource parameters configured for each profile by reviewing the dba_profiles table (use the profile names obtained from the dba_users table). Also review the INIT_ORA file. Review the password configuration settings. Determine if the PASSWORD_VERIFY_FUNCTION is used. Ensure that password configuration complies with the organization's password policy and best practice.
Impact: Passwords that are simple to guess or are short in length give intruders an easy opportunity to gain unauthorized access to the system.

2.11 Password Expiration

Control activity: Ensure that passwords are changed a minimum of every 90 days for all non-privileged accounts and a minimum of every 30 days for all privileged accounts.

Audit procedures (DB2, SYBASE, Progress, Oracle RDB7): Interview the System Administrator to determine if any third-party products, in-house automated controls, or manual procedures have been developed/implemented requiring a user to change their password on a periodic basis. Select a sample of non-privileged user IDs and privileged user IDs and ensure that the password change interval is appropriately configured. Also, a test for password adequacy can be performed by running a password "cracking" script.

DB2 column note (as given in the source): If DB28 is being used, password management features may be enabled via user profiles. To determine the use of these features, run the following SQL command:

    SELECT * FROM DBA_PROFILES WHERE RESOURCE_NAME = 'PASSWORD_LIFE_TIME'

Audit procedures (Oracle): Interview the System Administrator to determine if any third-party products, in-house automated controls, or manual procedures have been developed/implemented requiring a user to change their password on a periodic basis. Select a sample of non-privileged user IDs and privileged user IDs and ensure that the password change interval is appropriately configured. Ensure that PASSWORD_LIFE_TIME (number of days a password can be used) is set appropriately. Also, a test for password adequacy can be performed by running a password "cracking" script.

Impact: The integrity of passwords tends to decline over time: the older a password is, the more likely it is to be known. Frequent password changes limit the time during which a compromised password can be used to gain unauthorized access to a system.
2.12 Password History

Control activity: Users will be prevented from re-using the 10 previous passwords.

Audit procedures (DB2, SYBASE, Progress, Oracle RDB7): Interview the System Administrator to determine if any third-party products, in-house automated controls, or manual procedures have been developed and implemented restricting a user from selecting a previously used password when selecting a new password. Review the password configuration file to ensure that a predetermined number of previously used passwords cannot be used.

Audit procedures (Oracle): Interview the System Administrator to determine if any third-party products, in-house automated controls, or manual procedures have been developed and implemented restricting a user from selecting a previously used password when selecting a new password. Review the password configuration file to ensure that a predetermined number of previously used passwords cannot be used. Ensure that PASSWORD_REUSE_TIME (number of days before a password can be re-used; if set, then password_reuse_max must be set to UNLIMITED) and PASSWORD_REUSE_MAX (number of password changes required before the current password can be re-used; if set, then password_reuse_time must be set to UNLIMITED) are set appropriately.

Impact: Lack of a password history allows users to re-use old passwords, defeating the intent of forcing users to change their password on a regular basis. The integrity of passwords tends to decline over time: the older a password is, the more likely it is to be known. Frequent password changes limit the time during which a compromised password can be used to gain unauthorized access to a system.
2.13 Initial Password Distribution

Control activity: The System Administrator will develop a strategy for securely distributing new or reset passwords to the appropriate individual.

Audit procedures (all platforms): Interview the System Administrator and determine what process is in place for disseminating new or reset passwords to users. Determine if this process meets the following requirements:
- the password does not reside in a file on a network or server in clear text (unencrypted),
- the password does not pass over the

Impact: When obtaining a password for an account's initial use or after having a password reset, the password must be relayed from the Security Administration staff to the user. Not relaying this password in a secure manner increases the risk that the password will become known to an unauthorized individual. This could
2.13 User ID Naming Convention

Control activity: Database User IDs should conform to the appropriate company policy for naming convention.

Audit procedures (all platforms):
1. System accounts (HIGH PRIVILEGE): Accounts installed with the system that generally have high, if not unlimited, privileges.
2. Application accounts (HIGH PRIVILEGE): Accounts installed with an application. They generally have some system privileges and virtually unlimited application object privileges.
3. Administrator accounts (HIGH PRIVILEGE): Accounts used by administrators to maintain the system. These accounts generally have unlimited privileges.

Review the list of accounts with the System Administrator. Determine if account names comply with organizational naming standards. (Oracle: a list of accounts can be generated by reviewing the dba_users table.)

Impact: Not defining or adhering to naming conventions increases the level of work required when tracking down an individual's access for removal or review.
2.14 Use of Generic Accounts

Control activity: Shared user IDs (including guest accounts) will not be created or issued when it is technically feasible to provide individual IDs. A periodic review will be performed to ensure that no generic accounts have been set up without the System Administrator's knowledge. The System

Audit procedures (all platforms): Review the database user list for account names that appear to be generic and inquire as to their purpose.

Impact: Generic user accounts limit accountability of user actions performed while logged in as a generic user. Use of a generic account is extremely difficult to audit since it is impossible to attribute activities to a specific user. For this reason, intruders often target
2.15 Default Accounts

Control activity: Default user accounts shipped with software will be disabled or the account names will be changed. If default accounts must remain enabled, the password will be changed in accordance with the password change policies.

Audit procedures (DB2): Interview the System Administrator to determine what controls are in place for securing the "System" and "Sys" accounts. Determine if the default passwords for the "Sys" and "System" accounts have been changed by issuing the following commands:

    CONNECT sys/change_on_install;
    CONNECT system/manager;

Audit procedures (Oracle): Interview the System Administrator to determine what controls are in place for securing default accounts. Determine if default passwords for default accounts have been changed. For the default usernames and related passwords, verify that the passwords are changed. For this, perform the following:
1. First log in to the database using the following username/password

Note: In addition to the default database accounts listed, there may be numerous accounts created if the database is used to support an ERP application such as Oracle 11i or SAP. Also, depending on the version and options installed, the database may list fewer or different default users.

2. Login attempts using the default passwords should all fail; otherwise, it indicates that users are allowed to access the database using vendor-provided default usernames and associated passwords.

Audit procedures (SYBASE, Progress, Oracle RDB7): Interview the System Administrator to determine what controls are in place for securing default accounts. Determine if default passwords for default accounts have been changed.

Impact: The "System" and "Sys" accounts are created during the DB2 installation process. These accounts are both extremely privileged, having unlimited access to all DB2 resources (e.g., commands and data). These accounts are unaccountable in nature since they are created during the installation process. Auditing their use is limited
pose a potential risk.
2.16 Account Lockout

Control activity: User accounts will be configured to lock users out after 3 consecutive failed login attempts.

Audit procedures (DB2, SYBASE, Progress, Oracle RDB7): Interview the System Administrator to determine if any third-party products or in-house automated controls have been developed/implemented that lock an account after a consecutive series of failed login attempts. Auditing of connections should be enabled so that failed attempts can be investigated as appropriate.

The DB2 column adds: The following SQL statement is used to audit failed connection attempts:

    AUDIT SESSION WHENEVER NOT SUCCESSFUL;

The table SYS.AUD$ will contain the failed login entries. To determine if sessions are being audited, execute the following query:

    SELECT * FROM SYS.DBA_STMT_AUDIT_OPTS WHERE AUDIT_ACTION = 'CREATE SESSION';

    SELECT * FROM DBA_PROFILES WHERE RESOURCE_NAME = 'FAILED_LOGIN_ATTEMPTS'

Audit procedures (Oracle): Interview the System Administrator to determine if any third-party products or in-house automated controls have been developed/implemented that lock an account after a consecutive series of failed login attempts. Ensure that the FAILED_LOGIN_ATTEMPTS (number of attempts to log in that can fail before the account is locked) and PASSWORD_LOCK_TIME (time an account remains locked after failed login attempts) parameters are set appropriately. Auditing of connections should be enabled so that failed attempts can be investigated as appropriate.

Impact: A common method for obtaining unauthorized system access is trying to log in with default or known accounts. The potential intruder will either manually or automatically (via script or program) try to log in to the account with different passwords until successful. By allowing numerous, consecutive failed login attempts, the risk of an unauthorized user gaining system access increases.
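The profile checks in 2.10, 2.11, 2.12 and 2.16 all come down to reading DBA_PROFILES for each user's profile and comparing the effective limits with the thresholds the control activities state. The script below is an added example, not part of the audit program: it issues the same per-resource SELECT ... WHERE RESOURCE_NAME = '...' queries, resolves the DEFAULT keyword to the DEFAULT profile, and reports every user whose effective limit falls outside policy. The profile names, usernames, limits and the privileged-user classification are constructed sample data, and an in-memory SQLite database stands in for the DBA_PROFILES and DBA_USERS views so the queries run offline (against Oracle the same queries would go through a database driver). The column name is written as "LIMIT" in quotes because LIMIT is a keyword.

```python
"""Added example, not part of the audit program: check password profile limits
(2.10, 2.11, 2.12, 2.16) against the thresholds the control activities state.

An in-memory SQLite database holding constructed rows stands in for the Oracle
DBA_PROFILES and DBA_USERS views.
"""
import sqlite3

# Thresholds taken from the control activities on the page.
MAX_LIFE_DAYS_NORMAL = 90        # 2.11: non-privileged accounts
MAX_LIFE_DAYS_PRIVILEGED = 30    # 2.11: privileged accounts
MAX_FAILED_LOGINS = 3            # 2.16: lockout after 3 consecutive failures
MIN_HISTORY_DEPTH = 10           # 2.12: 10 previous passwords cannot be reused

PASSWORD_RESOURCES = ("PASSWORD_LIFE_TIME", "FAILED_LOGIN_ATTEMPTS",
                      "PASSWORD_REUSE_MAX", "PASSWORD_VERIFY_FUNCTION")

# Constructed sample rows (PROFILE, RESOURCE_NAME, LIMIT). A limit of "DEFAULT"
# inherits the DEFAULT profile's value; "NULL" means no verify function is set.
SAMPLE_PROFILES = [
    ("DEFAULT", "PASSWORD_LIFE_TIME", "UNLIMITED"),
    ("DEFAULT", "FAILED_LOGIN_ATTEMPTS", "10"),
    ("DEFAULT", "PASSWORD_REUSE_MAX", "UNLIMITED"),
    ("DEFAULT", "PASSWORD_VERIFY_FUNCTION", "NULL"),
    ("APP_USER", "PASSWORD_LIFE_TIME", "60"),
    ("APP_USER", "FAILED_LOGIN_ATTEMPTS", "3"),
    ("APP_USER", "PASSWORD_REUSE_MAX", "10"),
    ("APP_USER", "PASSWORD_VERIFY_FUNCTION", "DEFAULT"),
]
# Constructed sample rows (USERNAME, PROFILE) and an assumed privileged set.
SAMPLE_USERS = [("SYS", "DEFAULT"), ("SYSTEM", "DEFAULT"),
                ("APPOWNER", "APP_USER"), ("JSMITH", "APP_USER")]
PRIVILEGED_USERS = {"SYS", "SYSTEM", "APPOWNER"}

PROFILE_QUERY = ('SELECT PROFILE, RESOURCE_NAME, "LIMIT" FROM DBA_PROFILES '
                 'WHERE RESOURCE_NAME = ?')
USER_QUERY = "SELECT USERNAME, PROFILE FROM DBA_USERS"


def build_sample_dictionary():
    """Create the stand-in dictionary views and load the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute('CREATE TABLE DBA_PROFILES (PROFILE TEXT, RESOURCE_NAME TEXT, "LIMIT" TEXT)')
    conn.execute("CREATE TABLE DBA_USERS (USERNAME TEXT, PROFILE TEXT)")
    conn.executemany("INSERT INTO DBA_PROFILES VALUES (?, ?, ?)", SAMPLE_PROFILES)
    conn.executemany("INSERT INTO DBA_USERS VALUES (?, ?)", SAMPLE_USERS)
    return conn


def fetch_limits(conn):
    """Return {profile: {resource: limit}} using one query per resource, the
    same shape as the SELECT ... WHERE RESOURCE_NAME = '...' checks on the page."""
    limits = {}
    for resource in PASSWORD_RESOURCES:
        for profile, name, limit in conn.execute(PROFILE_QUERY, (resource,)):
            limits.setdefault(profile, {})[name] = limit
    return limits


def effective_limit(limits, profile, resource):
    """Resolve a limit, following DEFAULT to the DEFAULT profile's value."""
    value = limits.get(profile, {}).get(resource, "DEFAULT")
    if value == "DEFAULT":
        value = limits.get("DEFAULT", {}).get(resource, "UNLIMITED")
    return value


def _number(limit):
    """Numeric limits arrive as strings; UNLIMITED and NULL have no number."""
    try:
        return float(limit)
    except ValueError:
        return None


def audit_user(username, profile, limits, privileged):
    """Return (resource, limit, reason) findings for one user's effective profile."""
    findings = []
    max_days = MAX_LIFE_DAYS_PRIVILEGED if username in privileged else MAX_LIFE_DAYS_NORMAL
    life = effective_limit(limits, profile, "PASSWORD_LIFE_TIME")
    if _number(life) is None or _number(life) > max_days:
        findings.append(("PASSWORD_LIFE_TIME", life, f"exceeds {max_days}-day maximum"))
    attempts = effective_limit(limits, profile, "FAILED_LOGIN_ATTEMPTS")
    if _number(attempts) is None or _number(attempts) > MAX_FAILED_LOGINS:
        findings.append(("FAILED_LOGIN_ATTEMPTS", attempts, f"exceeds {MAX_FAILED_LOGINS} attempts"))
    reuse = effective_limit(limits, profile, "PASSWORD_REUSE_MAX")
    if _number(reuse) is None or _number(reuse) < MIN_HISTORY_DEPTH:
        findings.append(("PASSWORD_REUSE_MAX", reuse, f"history shallower than {MIN_HISTORY_DEPTH}"))
    verify = effective_limit(limits, profile, "PASSWORD_VERIFY_FUNCTION")
    if verify == "NULL":
        findings.append(("PASSWORD_VERIFY_FUNCTION", verify, "no complexity function"))
    return findings


def audit_profiles(conn, privileged=PRIVILEGED_USERS):
    """Map every user in DBA_USERS to its findings (an empty list means compliant)."""
    limits = fetch_limits(conn)
    return {user: audit_user(user, profile, limits, privileged)
            for user, profile in conn.execute(USER_QUERY)}


if __name__ == "__main__":
    for user, findings in audit_profiles(build_sample_dictionary()).items():
        for resource, limit, reason in findings:
            print(f"{user}: {resource}={limit} ({reason})")
```

With the sample rows, SYS and SYSTEM inherit the unrestricted DEFAULT profile and fail all four checks, APPOWNER fails the 30-day privileged lifetime and lacks a verify function (its DEFAULT setting resolves to the DEFAULT profile's NULL), and JSMITH only lacks a verify function. The resolution of DEFAULT is the step most easily missed when reading DBA_PROFILES by hand.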
2.17 Application The System The System The System The System The System Security The System Security
Accounts Local Administrator Administrator Administrator Administrator Administrator Concern/ Administrator Concern/
will work with will work with will work with will work with will work with Implication will work with Implication
the appropriate appropriate appropriate appropriate appropriate
appropriate personnel personnel personnel personnel Application personnel Application
personnel in (e.g., system (e.g., system (e.g., system (e.g., system accounts are (e.g., system accounts are
developing a administrators, administrators, administrators, administrators, created administrators, created
strategy for developers, developers, developers, developers, during the developers, during the
changing and and and and installation of and installation of
"Application" application application application application an application an
account owners) to owners) to owners) to owners) to application. owners) to application.
passwords to identify all identify all identify all identify all These identify all These
non-guessable application application application application accounts application accounts
values. This accounts and accounts and accounts and accounts and typically own accounts and typically own
strategy their their their their application their application
should respective respective respective respective objects and respective objects and
address the use. Research use. Research use. Research use. Research are used for use. Research are used for
ramifications will be will be will be will be application will be application
of making conducted to conducted to conducted to conducted to processing. conducted to processing.
such a change determine if determine if determine if determine if The determine if The
(such as the any any any any passwords any passwords
possibility of ramifications ramifications ramifications ramifications associated ramifications associated
the exist from exist from exist from exist from with these exist from with these
32 Source: www.knowledgeleader.com
Conclusion
Conclusion
Conclusion
Conclusion
Conclusion
Audit
Signoff
Signoff
Signoff
Signoff
Signoff
Audit Audit Audit Audit
Control Control Procedures
Procedures Procedures Procedures Procedures Impact Impact
Objectives Activity (Oracle
(DB2) (Oracle) (SYBASE) (Progress)
RDB7)
"Application" securing these securing these securing these securing these accounts are securing these accounts are
account accounts by accounts by accounts by accounts by usually set to accounts by usually set to
passwords changing the changing the changing the changing the default values changing the default values
being hard password to a password to a password to a password to a during the password to a during the
coded in non-guessable non-guessable non-guessable non-guessable installation non-guessable installation
scripts or value. value. value. value. process and value. process and
application are therefore are therefore
modules). The System The System The System The System well known The System well known
Administrator Administrator Administrator Administrator throughout Administrator throughout
will work with will work with will work with will work with the hacking will work with the hacking
application application application application communities. application communities.
developers or developers or developers or developers or These developers or These
managers to managers to managers to managers to accounts managers to accounts
identify data identify data identify data identify data should not be identify data should not be
access access access access used for access used for
requirements requirements requirements requirements database requirements database
in remote in remote in remote in remote administration in remote administration
databases. databases. databases. databases. due to their databases. due to their
Separate Separate Separate Separate privileged Separate privileged
application application application application state and application state and
accounts used accounts used accounts used accounts used unaccountabl accounts used unaccountabl
only for remote only for remote only for remote only for remote e nature. Not only for remote e nature. Not
access will be access will be access will be access will be securing access will be securing
created in the created in the created in the created in the these created in the these
remote remote remote remote accounts remote accounts
database(s) database(s) database(s) database(s) increases the database(s) increases the
with privileges with privileges with privileges with privileges risk of with privileges risk of
limited to limited to limited to limited to unauthorized limited to unauthorized
those those those those access to the those access to the
necessary for necessary for necessary for necessary for system in a necessary for system in a
data access data access data access data access privileged data access privileged
from the from the from the from the state with no from the state with no
application. application. application. application. accountability application. accountability
A special A special A special A special . A special .
application application application application application
role will be role will be role will be role will be role will be
created in the created in the created in the created in the created in the
remote remote remote remote remote
databases databases databases databases databases
which grants which grants which grants which grants which grants
only those only those only those only those only those
system and system and system and system and system and
object object object object object
privileges privileges privileges privileges privileges
necessary for necessary for necessary for necessary for necessary for
running the running the running the running the running the
application. application. application. application. application.
The role must The role must The role must The role must The role must
be a default be a default be a default be a default be a default
33 Source: www.knowledgeleader.com
Conclusion
Conclusion
Conclusion
Conclusion
Conclusion
Audit
Signoff
Signoff
Signoff
Signoff
Signoff
Audit Audit Audit Audit
Control Control Procedures
Procedures Procedures Procedures Procedures Impact Impact
Objectives Activity (Oracle
(DB2) (Oracle) (SYBASE) (Progress)
RDB7)
Audit Procedures (same text in the DB2, Oracle, SYBASE, Progress and Oracle RDB7 columns; continued):
role and must not be password protected to function properly across the database link; the role will not be granted to ANY other accounts.

Interview the System Administrator to determine what controls are in place for securing "Application" accounts.

Interview the Database Administrator and application owners to determine how and when "Application" accounts are used.

Review the list of accounts with the System Administrator and determine which accounts have been created expressly for remote application
34 Source: www.knowledgeleader.com
account, use the following SQL commands (Oracle):

    SELECT OWNER, TABLE_NAME, PRIVILEGE
    FROM SYS.DBA_TAB_PRIVS
    WHERE GRANTEE IN ('name of application role', 'application username');
2.18 Embedded Accounts

Control Objective: Account names and passwords will not be embedded in scripts, files or applications, or other locations where they may be discovered in clear text. Periodic reviews will be performed to determine if other users have embedded passwords where they may be found in clear text or deciphered.

Audit Procedures (DB2, Oracle, SYBASE, Progress and Oracle RDB7): Review host files to determine if account names and passwords have been embedded. The following commands can be used to search for embedded account names and passwords:

    UNIX
    cd full-directory-path-for-script-directories
    grep connect *.sql > audit-connect.dat

    NT
    Start -> Find Files or Folders; on the Advanced tab, key in "Connect" in the "Containing text" field.

The audit-connect.dat file will contain all connect statements in the scripts; the format is 'connect userid/password'; passwords should not be included. The string "connect/ " is valid.

Impact: Account names and passwords are sometimes embedded in scripts and other applications to automate the login process. Although this may make the process of logging in easier, it poses a great security risk since these account names and passwords can potentially be discovered by other users. The practice of embedding account names and passwords in scripts and other applications increases the probability that unauthorized access to the system will occur.
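The grep in the UNIX procedure above lists every connect statement for manual review. As an added example (not part of the audit program), the Python below automates that review over constructed sample scripts: it separates the OS-authenticated form 'connect /' from 'connect userid/password', also catches the abbreviated 'conn' and mixed-case variants that a case-sensitive grep for 'connect' misses, and masks the password in its output so the report does not itself become a clear-text copy of the secret. File names and contents are constructed.

```python
import re
from typing import Dict, List, NamedTuple

# Constructed sample script contents (file name -> text), standing in for the
# files an auditor would grep in the script directories. No real credentials.
SAMPLE_SCRIPTS: Dict[str, str] = {
    "nightly_load.sql": (
        "-- nightly load job\n"
        "connect batch_user/Secret123@PRODDB\n"   # password embedded: finding
        "@load_tables.sql\n"
    ),
    "report.sql": (
        "CONNECT /\n"                             # OS authentication, no password: allowed
        "select count(*) from orders;\n"
    ),
    "hr_extract.sql": (
        "conn hr_ro/hr_pass as sysdba\n"         # abbreviated 'conn' is easy to miss with grep
        "spool hr.dat\n"
    ),
    "readme.txt": "Ask the DBA to connect you to the test database.\n",
}

# A SQL*Plus-style connect statement at the start of a line:
#   connect <user>/<password>[@<service>]  -> password embedded (finding)
#   connect /[@<service>]                  -> OS authentication (the "connect /" form the program calls valid)
#   connect <user>                         -> password prompted for at run time (allowed)
CONNECT_RE = re.compile(
    r"^\s*conn(?:ect)?\s+"
    r"(?P<user>[^\s/@]*)"
    r"(?:/(?P<password>[^\s@]*))?"
    r"(?:@(?P<service>[^\s;]+))?"
    r"(?:\s+as\s+\w+)?\s*;?\s*$",
    re.IGNORECASE,
)


class Finding(NamedTuple):
    path: str
    line_no: int
    user: str
    service: str
    redacted: str   # the offending line with the password masked, safe to put in a report


def scan_text(path: str, text: str) -> List[Finding]:
    """Return one Finding for every connect statement in text that embeds a password."""
    findings: List[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = CONNECT_RE.match(line)
        if not m:
            continue
        user, password = m.group("user"), m.group("password")
        # Empty user means 'connect /...' (OS authentication); a missing or empty
        # password means SQL*Plus will prompt for it. Neither embeds a secret.
        if not user or not password:
            continue
        masked = line[:m.start("password")] + "*" * len(password) + line[m.end("password"):]
        findings.append(Finding(path, line_no, user, m.group("service") or "", masked.strip()))
    return findings


def scan_scripts(scripts: Dict[str, str]) -> List[Finding]:
    """Review only *.sql files, as the audit program's grep over *.sql does."""
    out: List[Finding] = []
    for path in sorted(scripts):
        if path.lower().endswith(".sql"):
            out.extend(scan_text(path, scripts[path]))
    return out


if __name__ == "__main__":
    for f in scan_scripts(SAMPLE_SCRIPTS):
        print(f"{f.path}:{f.line_no}: user={f.user} service={f.service or '-'} :: {f.redacted}")
```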
2.19 Limit User SELECT Privileges

Control Objective: The System Administrator will work with application developers and owners to determine what data DB users are allowed to read (view) from within their respective applications. The System Administrator should develop a strategy for duplicating the READ privileges in the application to the SELECT privileges in the database.

Audit Procedures (DB2, Oracle, SYBASE, Progress and Oracle RDB7): The System Administrator will work with application developers, owners and other appropriate individuals to determine what data DB users are allowed to read (view) from within their respective applications. A comparison between the data a user is allowed to read from within an application vs. the data a user is allowed to read when connecting directly to the database will be performed. A strategy for duplicating the read privileges allowed within applications to SELECT privileges allowed in the database will be developed.

Determine what accounts have been set up for users (Oracle: by reviewing the following query with the System Administrator and User groups):

    SELECT USERNAME FROM SYS.DBA_USERS;

Determine if any SELECT privileges have been assigned by determining the aggregate privileges assigned to "User" accounts.

For "User" accounts that have been assigned SELECT privileges, determine if this level of "read" access is greater than that which the application

Impact: The SELECT privilege grants a user read access on views and tables. Typically, users read data through an application. Applications usually have their own level of security which may further restrict the data which can be read over what the user's DB2 account restricts. Applications typically only allow READ to specific rows within a table; DB2 is typically configured to either allow or deny access to all or no rows of the table. Not restricting a user's SELECT privileges in DB2 to match that of the application increases the risk that users will be able to read unauthorized data through use of a third-party reporting package or utility.
2.20 User Object Privileges

Control Objective: The System Administrator will ensure that users are not granted INSERT, UPDATE, or DELETE privileges to objects (e.g.,

Audit Procedures (DB2, Oracle, SYBASE, Progress and Oracle RDB7): The System Administrator will develop a report giving the aggregate object privileges assigned to (user)

Impact: Users should typically make updates to data through an application. Applications sometimes require a user's DB2
Audit Procedures (DB2, Oracle, SYBASE, Progress and Oracle RDB7; continued from the previous page): they have taken.

2. Immediately remove the unauthorized privileges from the user. This will immediately remove the risk from the system but could make it harder to determine if the user used the privileges in an unauthorized manner and, if so, what actions they took.

Determine what accounts have been set up for users (Oracle: by reviewing the dba_users table with the System Administrator and User groups).

Determine if any UPDATE, INSERT, or DELETE privileges (Oracle: UPDATE, INSERT, DELETE or ALL privileges) have been assigned by determining the aggregate privileges assigned to user accounts.

For user accounts that have been assigned INSERT, UPDATE, or
and the manner in which excessive privileges are removed.
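Controls 2.19 and 2.20 both rest on the aggregate privileges of a "User" account, which the DBA_TAB_PRIVS query earlier in this program lists one grantee at a time. The Python below, an added example rather than part of the audit program, computes that aggregate over constructed rows shaped like SYS.DBA_USERS, SYS.DBA_TAB_PRIVS and DBA_ROLE_PRIVS (a real Oracle view the program does not mention; assumed here for role membership, including nested roles), then flags SELECT access wider than the application's read set (2.19) and any INSERT/UPDATE/DELETE/ALL on a user account (2.20). All names and grants are invented.

```python
from collections import defaultdict
from typing import Dict, List, NamedTuple, Set, Tuple

# Constructed sample rows shaped like the Oracle dictionary views the audit
# program queries (SYS.DBA_USERS, SYS.DBA_TAB_PRIVS). Role membership is
# modelled on DBA_ROLE_PRIVS, which the audit program does not mention; it is
# assumed here so that privileges inherited through roles are counted.
USER_ACCOUNTS: Set[str] = {"APP_CLERK", "APP_ANALYST", "JSMITH"}

# (GRANTEE, GRANTED_ROLE)
ROLE_PRIVS: List[Tuple[str, str]] = [
    ("APP_CLERK", "CLERK_ROLE"),
    ("APP_ANALYST", "ANALYST_ROLE"),
    ("ANALYST_ROLE", "CLERK_ROLE"),    # nested role: analysts inherit clerk grants
    ("JSMITH", "ANALYST_ROLE"),
]

# (GRANTEE, OWNER, TABLE_NAME, PRIVILEGE), as the DBA_TAB_PRIVS query returns them
TAB_PRIVS: List[Tuple[str, str, str, str]] = [
    ("CLERK_ROLE", "APP", "ORDERS", "SELECT"),
    ("ANALYST_ROLE", "APP", "CUSTOMERS", "SELECT"),
    ("ANALYST_ROLE", "APP", "SALARIES", "SELECT"),   # the application never shows this table
    ("JSMITH", "APP", "ORDERS", "UPDATE"),            # DML granted directly to a user account
    ("APP_CLERK", "APP", "ORDERS", "DELETE"),
]

# Tables each user may read inside the application, per the application owners.
APP_READ: Dict[str, Set[Tuple[str, str]]] = {
    "APP_CLERK": {("APP", "ORDERS")},
    "APP_ANALYST": {("APP", "ORDERS"), ("APP", "CUSTOMERS")},
    "JSMITH": {("APP", "ORDERS"), ("APP", "CUSTOMERS")},
}

# Object privileges a "User" account should not hold at all (control 2.20).
DML_PRIVS = {"INSERT", "UPDATE", "DELETE", "ALL"}


class Finding(NamedTuple):
    user: str
    owner: str
    table: str
    privilege: str
    via: str      # grantee the privilege was found on: the user itself or one of its roles
    reason: str


def effective_roles(grantee: str, role_privs: List[Tuple[str, str]]) -> Set[str]:
    """All roles reachable from grantee, following nested role grants."""
    direct: Dict[str, Set[str]] = defaultdict(set)
    for g, role in role_privs:
        direct[g].add(role)
    seen: Set[str] = set()
    stack = list(direct[grantee])
    while stack:
        role = stack.pop()
        if role not in seen:
            seen.add(role)
            stack.extend(direct[role])
    return seen


def aggregate_privs(user, role_privs, tab_privs):
    """Aggregate object privileges of a user: its own grants plus those of
    every role it holds. Returns {(owner, table): {(privilege, via)}}."""
    grantees = {user} | effective_roles(user, role_privs)
    agg: Dict[Tuple[str, str], Set[Tuple[str, str]]] = defaultdict(set)
    for g, owner, table, priv in tab_privs:
        if g in grantees:
            agg[(owner, table)].add((priv, g))
    return dict(agg)


def review_user_accounts(users, role_privs, tab_privs, app_read) -> List[Finding]:
    """Flag SELECT beyond the application's read set (2.19) and any DML
    privilege on a user account (2.20)."""
    findings: List[Finding] = []
    for user in sorted(users):
        allowed = app_read.get(user, set())
        agg = aggregate_privs(user, role_privs, tab_privs)
        for (owner, table), grants in sorted(agg.items()):
            for priv, via in sorted(grants):
                if priv in DML_PRIVS:
                    findings.append(Finding(user, owner, table, priv, via,
                                            "DML privilege on a user account (2.20)"))
                elif priv == "SELECT" and (owner, table) not in allowed:
                    findings.append(Finding(user, owner, table, priv, via,
                                            "SELECT exceeds application read access (2.19)"))
    return findings


if __name__ == "__main__":
    for f in review_user_accounts(USER_ACCOUNTS, ROLE_PRIVS, TAB_PRIVS, APP_READ):
        print(f"{f.user}: {f.privilege} on {f.owner}.{f.table} via {f.via} -> {f.reason}")
```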
2.21 Use of Profiles

Control Objective: The System Administrator will work in conjunction with the Database Administrator to develop profiles for each type of account and user. These profiles should be configured so their assignment to an account will correctly limit a user's session and resource rights. The System Administrator should assign an appropriate profile to every account.

Audit Procedures (DB2, SYBASE, Progress and Oracle RDB7): Inquire from the Database/System Administrator how user privileges are assigned. Users should be assigned access to the database based on pre-configured group profiles. Ensure that profiles enforce segregation of duties.

Audit Procedures (Oracle): Inquire from the Database/System Administrator how user privileges are assigned. Users should be assigned access to the database based on preconfigured group profiles. Review the dba_profiles table and verify that all users' access was granted through profiles. Ensure that profiles enforce segregation of duties.
2.22 User Exits

Control Objective: User Exits

Audit Procedures (DB2): 1. Examine and evaluate by interview whether DB2 exits developed and programmed by the organization exist, and whether such exits have

Audit Procedures (Oracle, SYBASE, Progress and Oracle RDB7): N/A

Impact: Common for the following exits is that they are important for the correct processing of data and for the access to both data and DB2. For exits, which
Audit Procedures (DB2, continued):
4. If documentation/production implementation information shows that changes have been made to locally developed DB2 exits and/or the DSN3@ATH and DSN3@SGN modules, the source code of such changes should be compared to the active load module (only differences in date are acceptable). (See Appendix Q: AMBLIST)
5. Examine and evaluate whether source and load libraries have been adequately protected.
2.23 The START Command

Control Objective: Internal controls are in place to ensure that the audited DB system is started in accordance with the organization's policies and procedures. These internal controls include, but are not limited to, restricted access to material DB commands (start/stop and others) or review of the DB configuration parameters against a defined baseline configuration.

Audit Procedures (DB2):
1. Examine whether guidelines have been established to ensure that individual DB systems can only be started in the pre-determined MVS environment (test and production separately). Evaluate the guidelines.
2. Examine and evaluate whether it is possible to start individual DB systems with different parameter sets, and if so, if guidelines have been established for this.
3. Examine and evaluate whether the possibility to override the system parameters during startup (-START PARM(xxx)) is controlled, including whether console access and commands are controlled (this is normally covered by the MVS audit).
4. Review and evaluate the parameters for individual DB systems according to SYS1.PARMLIB (IEFSSNxx). The parameters should be the same for similar DB2 systems. (The member IEFSSNxx in parmlib contains an entry for each individual MVS subsystem.)

Audit Procedures (Oracle, SYBASE, Progress and Oracle RDB7):
1. Examine whether guidelines have been established to ensure that individual DB systems can only be started by authorized individuals (test and production separately). Evaluate the guidelines.
2. Examine and evaluate whether it is possible to start individual DB systems with different parameter sets, and if so, if guidelines have been established for this.
3. Examine and evaluate whether the possibility to override the system parameters during startup is controlled, including whether console access and commands are controlled.
4. Review and evaluate the parameters for individual DB systems. The parameters should be the same for similar DB systems.

Impact: Any start of DB2 involves a certain risk that approved and documented DB2 startup parameters are changed in a way that is a threat to the security and/or integrity of the DB2 system. Furthermore, changes to the startup parameters may result in inadequacies/gaps in the system's audit trail.
2.24 Stopping DB2

Control Objective: DISPLAY THREAD is always performed, and any remaining THREADs are closed before stopping a DB system.

Audit Procedures (DB2, Oracle, SYBASE, Progress and Oracle RDB7): Examine whether precautions have been made to ensure that DISPLAY THREAD is always performed and that any remaining THREADs are closed before a DB system is stopped, either in the form of automated routines or in the form of a procedure. Evaluate if these work and are observed. Specifically ensure that stop instructions are documented.

Impact: If a DB2 system is closed while remaining THREADs exist, there is a risk that data objects may in the worst case be left in an inconsistent state.
2.25 Database Administration

Control Objective: Since the DB authorization ID used to create a database or a table in DB implicitly gains an extensive number of powerful rights and privileges as the owner of the object, it is important that the maintenance of databases and tables is performed in accordance with a set of formalized procedures and guidelines.

Audit Procedures (DB2, Oracle, SYBASE, Progress and Oracle RDB7): To verify that the organization's policies and procedures for naming standards, ownership of databases, tables and objects are adequate and that they are observed.

Anyone creating a database, table space or a table (in DB2) implicitly gains a number of extensive rights and privileges in relation to this object. Subsequently, these are very difficult to remove. Therefore, the auditor should review and evaluate whether the predetermined DB user IDs are used when creating databases and tables.

Review and evaluate the existing procedures for database administration. Are the

Impact: Anyone creating a database or a table automatically gains a number of extended rights in relation to the object that is created. Among these rights is the possibility to use the 'GRANT' command and thereby pass on their rights and privileges to other DB2 user IDs. It is therefore important that procedures for creation and maintenance of objects are implemented in accordance with the organization's regulations.

If this is not implemented consistently, the maintenance of DB2 is connected with major risks because the security level is
2.26 Operations Planning

Activity: The operations planning should ensure that the production environment DB systems and related applications and programs are defined such that the connection between the database and the applications is ensured and that only approved databases and applications are included in the production environment.

Audit Procedures (DB2): To evaluate the procedures for production implementation of DB2 production elements, including BIND of applications to DB2 resources. It is important to be aware of all software run against DB2 production tables, including any “one-time batches” for error correction, conversion, etc. Verify that creation of/changes to DB2 elements is performed in accordance with predetermined guidelines, including ensuring proper authorization and documentation. Verify that it is checked prior to production implementation that application programs can only access relevant DB2 data.
Evaluate whether guidelines are up-to-date and adequate, and whether they are sufficient to ensure stable processing and appropriate use of DB2.
Review and evaluate CREATOR of plans and packages in the production environment. CREATOR should be an approved DB2 authorization ID. Common practice is to use a “non-personal DB2 authorization ID” by using “set current SQL-ID”. See: Appendix I: SQL EXAMPLE: Find CREATOR in the SYS-PLAN table different from predetermined CREATOR.
- Review and evaluate plans in the production environment with GRANTEE=PUBLIC and EXECUTEAUTH=Y or G for plans assigned to batch programs. This should only exist for really harmless programs. See: Appendix J: SQL EXAMPLE: Find plans granted to PUBLIC where EXECUTEAUTH is not blank.

Audit Procedures (Oracle, SYBASE, Progress, Oracle RDB7): Interview the appropriate individual and request for management authorization to implement the database and related applications in the production environment.

Impact: The operation planning is often a part in the segregation of duties of the production implementation, which is needed to ensure a proper production environment. Any weaknesses in this function may create uncertainty about the credibility of both the data and applications in production.

Conclusion / Audit Signoff: (not filled in)
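The two DB2 catalog checks the DB2 column of 2.26 refers to (Appendix I and Appendix J are not in this extract), written here as an added example rather than the audit program's own appendix. It assumes the DB2 for z/OS catalog tables SYSIBM.SYSPLAN, SYSIBM.SYSPACKAGE and SYSIBM.SYSPLANAUTH, and a host variable :APPROVED_CREATOR holding the predetermined non-personal authorization ID.

```sql
-- Added example, not from the audit program. Catalog table and column
-- names are assumed to be those of DB2 for z/OS; :APPROVED_CREATOR is a
-- host variable you supply (the approved non-personal DB2 authorization ID).

-- Check 1 (Appendix I): plans and packages in production whose CREATOR is
-- not the predetermined authorization ID. Every row returned is a finding
-- to be explained (personal ID used at BIND time, or an unapproved ID).
SELECT 'PLAN'    AS OBJTYPE, NAME, CREATOR
  FROM SYSIBM.SYSPLAN
 WHERE CREATOR <> :APPROVED_CREATOR
UNION ALL
SELECT 'PACKAGE' AS OBJTYPE, COLLID CONCAT '.' CONCAT NAME, CREATOR
  FROM SYSIBM.SYSPACKAGE
 WHERE CREATOR <> :APPROVED_CREATOR
 ORDER BY 1, 2;

-- Check 2 (Appendix J): plans granted to PUBLIC with EXECUTE authority.
-- EXECUTEAUTH is blank (no authority), 'Y' (EXECUTE) or 'G' (EXECUTE WITH
-- GRANT OPTION); anything non-blank for PUBLIC means every authorization ID
-- on the system can run the plan, so each row should be a harmless program.
SELECT A.NAME, A.GRANTEE, A.EXECUTEAUTH, A.GRANTOR, P.CREATOR
  FROM SYSIBM.SYSPLANAUTH A
  JOIN SYSIBM.SYSPLAN     P ON P.NAME = A.NAME
 WHERE A.GRANTEE = 'PUBLIC'
   AND A.EXECUTEAUTH <> ' '
 ORDER BY A.NAME;
```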
2.27 Access Through Utilities

Activity: A number of end-user tools exist that can be used for data processing in the DB environment. A deciding factor for the extent of this data processing is which access the individual user has to the data. For this reason, it is necessary for the administration of access to be effective and well documented. Utilities is the common term used to

Audit Procedures (DB2): To evaluate whether unnoticed circumvention of the segregation of duties is possible through the use of utilities, and whether access has been granted in accordance with work related needs. Examine and evaluate whether various utilities have been protected against unauthorized use. Examine
1. COPY AND MERGECOPY: Determine who has the authority to run these utilities against the particular database. In addition to the person with SYSADM authority, DBADM, DBCTRL or DBMAINT authority over the particular database, the utility can also be run by anyone who has been granted the IMAGCOPY privilege for the database containing the table space named. This can be determined from the IMAGCOPYAUTH parameter of the SYSDBAUTH table in the catalog. Ensure that this authority is limited. Ensure that back-up image copies are taken regularly and that MERGECOPY is used only when required for recovery purposes.
2. LOAD: Determine who has the authority to use this utility to load data into database tables. In addition to the persons with SYSADM authority, DBADM or DBCTRL authority over the particular database.

Audit Procedures (Oracle, SYBASE, Progress, Oracle RDB7): To evaluate whether unnoticed circumvention of the segregation of duties is possible through the use of utilities, and whether access has been granted in accordance with work related needs. Examine and evaluate whether various utilities have been protected against unauthorized use. Examine
Steps 1 (COPY AND MERGECOPY) and 2 (LOAD): N/A.

Impact: Some of these utilities have independent authorizations to DB2 and may, therefore, provide the user with greater authorizations than the user would have had through the normal security administration procedure. If that is the case, the administration of access to the utility should be evaluated.

Conclusion / Audit Signoff: (not filled in)
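One way to answer the "who has the authority" questions of steps 1 and 2 above from the catalog, as an added example that is not part of the audit program. It assumes the DB2 for z/OS catalog tables SYSIBM.SYSUSERAUTH (SYSADMAUTH) and SYSIBM.SYSDBAUTH (DBADMAUTH, DBCTRLAUTH, DBMAINTAUTH, IMAGCOPYAUTH, LOADAUTH) and a host variable :DBNAME naming the database under review.

```sql
-- Added example, not from the audit program. Catalog tables and columns are
-- assumed to be those of DB2 for z/OS; :DBNAME is a host variable. Authority
-- columns hold blank (none), 'Y' (held) or 'G' (held with GRANT OPTION).

-- Installation-wide: SYSADM can run any utility against any database.
SELECT GRANTEE,
       'SYSADM'              AS SOURCE_OF_AUTHORITY,
       'COPY,MERGECOPY,LOAD' AS UTILITIES
  FROM SYSIBM.SYSUSERAUTH
 WHERE SYSADMAUTH IN ('Y', 'G')
UNION ALL
-- Database-level authorities named in step 1 and step 2: DBADM and DBCTRL
-- cover COPY, MERGECOPY and LOAD; DBMAINT covers COPY and MERGECOPY only.
SELECT GRANTEE, 'DBADM',   'COPY,MERGECOPY,LOAD'
  FROM SYSIBM.SYSDBAUTH
 WHERE NAME = :DBNAME AND DBADMAUTH   IN ('Y', 'G')
UNION ALL
SELECT GRANTEE, 'DBCTRL',  'COPY,MERGECOPY,LOAD'
  FROM SYSIBM.SYSDBAUTH
 WHERE NAME = :DBNAME AND DBCTRLAUTH  IN ('Y', 'G')
UNION ALL
SELECT GRANTEE, 'DBMAINT', 'COPY,MERGECOPY'
  FROM SYSIBM.SYSDBAUTH
 WHERE NAME = :DBNAME AND DBMAINTAUTH IN ('Y', 'G')
UNION ALL
-- Single-utility privileges granted explicitly on the database. IMAGCOPY is
-- the one step 1 names; the LOAD privilege column is an assumption added here.
SELECT GRANTEE, 'IMAGCOPY privilege', 'COPY,MERGECOPY'
  FROM SYSIBM.SYSDBAUTH
 WHERE NAME = :DBNAME AND IMAGCOPYAUTH IN ('Y', 'G')
UNION ALL
SELECT GRANTEE, 'LOAD privilege', 'LOAD'
  FROM SYSIBM.SYSDBAUTH
 WHERE NAME = :DBNAME AND LOADAUTH     IN ('Y', 'G')
 ORDER BY 1, 2;
```

Each GRANTEE returned should be a job function or the DB2 system's own ID; a personal ID appearing here, or PUBLIC, is the "authority is limited" finding the step asks for.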
2.28 Physical Data Set

Activity: The foundation for DB databases is a number of data sets in which data is placed under the control of the DB system (these data sets should be stored on a different partition from database files). The data is thus not directly accessible outside DB and, thereby, the DB authorization system.

Audit Procedures (DB2): To evaluate the security precautions that have been taken with regard to physical data sets used by DB2.
Determine (through documentation/interview) the naming standards for the relevant data sets and evaluate whether the naming standards provide for adequate RACF/ACF2 security.
Review RACF/ACF2 profiles for these data sets and evaluate whether the profiles are unambiguous and sufficient.
Review RACF/ACF2 access lists for these data sets, and evaluate whether all given access is relevant, work related and in accordance with the policy for the area. Only the DB2 system’s own RACF/ACF2 user IDs should have access.
The auditor may choose to select a sample from a DB2 system to evaluate whether the DB2 data sets actually follow the naming standard. High-level qualifier appears from the allocation according to SDSF. Alternatively, the prefix for log data sets for the database can be found in the installation information in DSNZPARx, member DSNTIJUZ. This includes “CATALOG=xyz”, where xyz represents the data set prefix. Then ISPF Utilities, 4 “Data Set List Utility” can be used to find the relevant ds names.

Audit Procedures (Oracle, SYBASE, Progress, Oracle RDB7): To evaluate the security precautions that have been taken with regard to physical data sets used by the database.
Determine (through documentation/interview) the naming standards for the relevant data sets and evaluate whether the naming standards provide for adequate security.
Review DB profiles for these data sets and evaluate whether the profiles are unambiguous and sufficient.
Review DB access lists for these data sets, and evaluate whether all given access is relevant, work related and in accordance with the policy for the area. Only the DB system’s own DB user IDs should have access.
The auditor may choose to select a sample from a DB system to evaluate whether the DB data sets actually follow the naming standard.

Impact: The risk that data can be read or manipulated outside DB2 is not very big. However, the biggest risk is that the data could be deleted or destroyed (intentionally or unintentionally). This risk is material.

Conclusion / Audit Signoff: (not filled in)
2.29 Access to DB from Distributed Systems

Activity: Through SNA networks and VTAM, distributed systems such as AS/400 or central systems at other data centers can get access to a central DB system if the system configuration allows it.

Audit Procedures (DB2): The objective is to evaluate whether procedures exist for granting access from distributed systems to the central DB2 systems, and whether the access is granted in accordance with regulations so that no one can gain unauthorized access to the central systems.
Review the documentation of the DB2 system to evaluate whether the principles for the access of distributed systems to the DB2 system are adequately described, and whether guidelines for this exist.
The following parameter should be set in the APPL definition of the DB2 system in SYS1.VTAMLST:
- SECACPT=ALREADYV
Review and evaluate the contents of the SYSIBM.LUNAMES table:
- There should be no dummy entries (rows without LU name).
- The specified LU names should be compared to the documentation to evaluate how well they correspond. Discrepancies should be explained and evaluated.
- DSNR db2id.DIST where db2id is the name of the central

Audit Procedures (Oracle): The objective is to evaluate whether procedures exist for granting access from distributed systems to the central DB systems, and whether the access is granted in accordance with regulations so that no one can gain unauthorized access to the central systems.
Review the documentation of the DB system to evaluate whether the principles for the access of distributed systems to the DB system are adequately described, and whether guidelines for this exist.
1. Understand and document the policies and procedures which the organization has established around database links and database link security. Through inquiry of management personnel, data owners, and database administrators, determine whether database links have been used, are used, and/or will be used in the organization. If database links are utilized, inquire the nature (roles, responsibilities, and scope) of the administration functions
4. If outgoing database links are employed, verify that DBLINK_ENC
focus on the need for such a link.

Audit Procedures (SYBASE, Progress, Oracle RDB7): The objective is to evaluate whether procedures exist for granting access from distributed systems to the central DB systems, and whether the access is granted in accordance with regulations so that no one can gain unauthorized access to the central systems.
Review the documentation of the DB system to evaluate whether the principles for the access of distributed systems to the DB system are adequately described, and whether guidelines for this exist.
Step 4 of the Oracle column (outgoing database links): N/A.

Impact: If rules and procedures have not been established for authorization control of distributed systems, the many possible combinations result in a risk of losing track of which DB2 systems have access to central DB2 systems and which authorizations individual users will get.
For example, an AS/400 system may have a user defined with the same name as a user in the central system, which may have high authorizations (SYSADM or similar) in the central system. The AS/400 will assume these authorizations when the request is sent to the central system unless the configuration anticipates this problem.

Conclusion / Audit Signoff: (not filled in)
2.30 Documentation for the Configuration and Use of DB

Activity: The documentation of the configuration, maintenance, operations and use of the DB system is included as a part of the other audit steps.
In this section, the focus should primarily be on whether the documentation:
- Adheres to the set standards
- Is complete, relevant and up to date
- Is available and adequate for those staff groups who need the information.
The documentation should include:
- Operational documentation
- User documentation
- System documentation
- Test documentation

Audit Procedures (DB2): The objective is to evaluate whether the available documentation adheres to the standards; whether it is complete, relevant, up to date; and whether it is available to the relevant staff.
Examine the available documentation and evaluate whether operating, system, and user documentation adheres to the standards of the organization.
During the review, attention should be given to whether the documentation is up-to-date, adequate and available to those members of staff who need it. The documentation should include:
- Description of the installation’s use of RACF/ACF2 classes
- Written guidelines for assigning and administrating authorizations
- Description of any EXIT routines/programs
- Description of change and control procedures
- Description of operating procedures
- User manuals, especially with regard to changes made directly in DB2 tables

Audit Procedures (Oracle, SYBASE, Progress, Oracle RDB7): The objective is to evaluate whether the available documentation adheres to the standards; whether it is complete, relevant, up to date; and whether it is available to the relevant staff.
Examine the available documentation and evaluate whether operating, system, and user documentation adheres to the standards of the organization.
During the review, attention should be given to whether the documentation is up-to-date, adequate and available to those members of staff who need it. The documentation should include:
- Description of the installation’s use of OS classes
- Written guidelines for assigning and administrating authorizations
- Description of any privileged routines/programs
- Description of change and control procedures
- Description of operating procedures
- User manuals, especially with regard to changes made directly in DB tables.

Impact: If the documentation is not adequate, available and up to date, there is a risk of a dependency on individual persons, of operating errors and of degraded stability of operations and, in the worst case, a risk of data being compromised or lost.

Conclusion / Audit Signoff: (not filled in)
2.31 Logging Transactions

Activity: The DB system immediately records all changes to data and other important events in an active log data set. When an active log data set is full, or if a special command is issued to the database, the database copies the content of the log data set to an archive data set on disk or tape. DB uses the log for restart and recovery. For example, the logging environment in DB2 is configured through parameters in DSNZPARM.

Audit Procedures (DB2): The objectives of the audit are to evaluate whether the number of log data sets defined is sufficient to ensure uninterrupted operations of the DB2 system, and whether the log data sets are adequately protected against loss and destruction.
The following parameters in DSNZPARM should be set for maximum security:
- TWOACTV=YES: Determines that dual logging is used. The two logs should be on separate disk volumes.
- TWOARCH=YES: Determines that two archive copies are used.
Review the current configuration of the logging environment to evaluate the reasonableness of the settings. The number and size of log data sets should be sufficient to ensure that there is no risk that the

Audit Procedures (Oracle): 1. Understand and document policies, procedures, standards, and guidance regarding auditing within the Oracle database. If management chooses not to use or rely on Oracle database auditing to log use of system privileges, no further testing is required for this control activity.
2. Verify that the Audit trail is configured correctly in the database by obtaining a copy of INIT.ORA and ensuring that the AUDIT_TRAIL parameter is set to DB, OS, or TRUE. Further verify that the audit trail is active for all active instances of Oracle by issuing the command "SHOW PARAMETER AUDIT" in SERVER MANAGER. Note whether the audit trail is set to OS or DB. If the audit trail is set to FALSE, no further testing is required. This is an exception.
3. To verify that the
for the oracle home directory. Since each operating system is unique, refer to operating system documentation for specific information on testing the date and time stamps for files.
4. Corroborate with the database administrator(s) and security administrator(s) the extent and use of database auditing related to system privileges. Specifically identify all the database auditing options set for system privilege auditing by reviewing dba_priv_audit_opts table (where user_name is NULL)

Audit Procedures (SYBASE, Progress, Oracle RDB7): The objectives of the audit are to evaluate whether the number of log data sets defined is sufficient to ensure uninterrupted operations of the DB system, and whether the log data sets are adequately protected against loss and destruction.
Review the current configuration of the logging environment to evaluate the reasonableness of the settings. The number and size of log data sets should be sufficient to ensure that there is no risk that the DB system will stop before the current archiving is completed. The number of active log data sets is determined by how many data sets have been created.
Write access to both active log data sets and archive data should be limited to the DB system user ID.

Impact: If all active log data sets are filled without being copied to archive data sets, the DB2 system and all user applications will stop. If the log data sets are incomplete or inadequately secured, there is a risk of loss of data, if data is to be recreated after an error or after being destroyed.

Conclusion / Audit Signoff: (not filled in)
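Steps 2 and 4 of the Oracle column above as data-dictionary queries an auditor with SELECT on the views can run instead of inspecting INIT.ORA by hand; this is an added example, not part of the audit program, and assumes the standard Oracle views V$PARAMETER and DBA_PRIV_AUDIT_OPTS.

```sql
-- Added example, not from the audit program. Assumes the standard Oracle
-- data-dictionary views V$PARAMETER and DBA_PRIV_AUDIT_OPTS.

-- Step 2: current value of AUDIT_TRAIL for the running instance (run once
-- per active instance). The program accepts DB, OS or TRUE; NONE/FALSE means
-- no audit trail is written and is reported as the exception the step names.
SELECT name,
       value,
       CASE
         WHEN UPPER(value) IN ('NONE', 'FALSE') THEN 'EXCEPTION: audit trail off'
         WHEN UPPER(value) IN ('DB', 'OS', 'TRUE') THEN 'audit trail active'
         ELSE 'review: non-standard setting'
       END AS finding
  FROM v$parameter
 WHERE name = 'audit_trail';

-- Step 4: system-privilege auditing options that apply to all users
-- (USER_NAME IS NULL). SUCCESS and FAILURE show whether successful and/or
-- failed use is audited and the granularity (BY SESSION or BY ACCESS);
-- NOT SET in either column means that outcome is not audited.
SELECT privilege, success, failure
  FROM dba_priv_audit_opts
 WHERE user_name IS NULL
 ORDER BY privilege;
```

Compare the second result set with the list the administrators give in step 4; a privilege they describe as audited that does not appear here is the discrepancy to follow up.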
2.32 Other Activities and Statistics

Control Activity: Built into the DB system is the possibility for various forms of logging that should be used to register security events and information which could be of significance to the audit trail. Ensure that appropriate security events are logged.

Audit Procedures (DB2): The objectives of the audit are to evaluate whether adequate logging of events in the DB2 system is performed and whether the log is adequately protected. Examine the extent of statistics and log collection and compare this to the system documentation and relevant guidelines. Discrepancies should be explained and evaluated. Since this type of logging can seriously affect the performance of the DB2 system, the choice of settings should be based on careful evaluation. The collection is controlled through the following parameters in DSNZPARM (described in more detail in 6.3.1 Installation):
• SMFACCT
• SMFSTAT
• AUDITST
Verify via member SMFPRMxx in SYS1.PARMLIB that SMF records 100, 101 and 102, which all relate to DB2, are collected. These records should be included in the parameter TYPE and should not be included in any NOTYPE parameter. See Appendix P: Example of SMFPARM. Verification that SMF information cannot be changed and that it is archived in accordance with regulations is usually performed during an MVS audit.

Audit Procedures (Oracle, SYBASE, Progress, Oracle RDB7): The objectives of the audit are to evaluate whether adequate logging of events in the DB system is performed and whether the log is adequately protected. Examine the extent of statistics and log collection and compare this to the system documentation and relevant guidelines. Discrepancies should be explained and evaluated. Since this type of logging can seriously affect the performance of the DB system, the choice of settings should be based on careful evaluation.

Impact: If necessary information is not logged and stored, there is a risk of an inadequate audit trail, and it may not be possible to investigate security events or other significant incidents.
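An added example, not from the audit program, of the SMFPRMxx check described above: the member's SYS and SUBSYS statements are parsed, their TYPE and NOTYPE lists expanded (including low:high ranges), and DB2 record types 100, 101 and 102 are checked to be present in TYPE and absent from NOTYPE for each statement separately, because a SUBSYS statement can suppress records for one subsystem even when the SYS statement collects them. The member text is a constructed sample, not a real installation's.

```python
import re

# SMF record types written by DB2: 100 (statistics), 101 (accounting), 102 (audit).
DB2_SMF_RECORDS = {100, 101, 102}

# Constructed SMFPRMxx member for the example; not taken from any real system.
SAMPLE_SMFPRMXX = """\
/* SMFPRMxx - constructed sample member                        */
ACTIVE
DSNAME(SYS1.MAN1,SYS1.MAN2)
SYS(TYPE(0,30,70:79,100:102,110),
    EXITS(IEFU83,IEFU84),
    INTERVAL(SMF,SYNC),NODETAIL)
SUBSYS(STC,NOTYPE(99,101))
"""


def _strip_comments(text):
    """Remove /* ... */ comments (they may span lines)."""
    return re.sub(r"/\*.*?\*/", " ", text, flags=re.S)


def _inside_parens(text, open_pos):
    """Return the text between the '(' at open_pos and its matching ')'."""
    depth = 0
    for i in range(open_pos, len(text)):
        if text[i] == "(":
            depth += 1
        elif text[i] == ")":
            depth -= 1
            if depth == 0:
                return text[open_pos + 1:i]
    raise ValueError("unbalanced parentheses in SMFPRMxx")


def expand_types(spec):
    """Expand a TYPE/NOTYPE list such as '0,30,70:79' into a set of record numbers."""
    types = set()
    for item in spec.replace(" ", "").replace("\n", "").split(","):
        if not item:
            continue
        if ":" in item:
            low, high = item.split(":", 1)
            types.update(range(int(low), int(high) + 1))
        else:
            types.add(int(item))
    return types


def parse_record_selection(member):
    """Map each SYS / SUBSYS(name) statement to its TYPE and NOTYPE sets."""
    text = _strip_comments(member)
    selection = {}
    for stmt in re.finditer(r"\b(SYS|SUBSYS)\(", text):
        body = _inside_parens(text, stmt.end() - 1)
        if stmt.group(1) == "SUBSYS":
            scope = "SUBSYS(%s)" % body.split(",", 1)[0].strip()
        else:
            scope = "SYS"
        sets = {"TYPE": set(), "NOTYPE": set()}
        for kw in re.finditer(r"\b(NOTYPE|TYPE)\(", body):
            sets[kw.group(1)] |= expand_types(_inside_parens(body, kw.end() - 1))
        selection[scope] = sets
    return selection


def check_db2_records(member):
    """For each statement, report DB2 records missing from TYPE or listed in NOTYPE."""
    findings = {}
    for scope, sets in parse_record_selection(member).items():
        # A statement without its own TYPE list does not restrict collection by
        # itself, so only an explicit TYPE list can be missing records.
        missing = DB2_SMF_RECORDS - sets["TYPE"] if sets["TYPE"] else set()
        suppressed = DB2_SMF_RECORDS & sets["NOTYPE"]
        findings[scope] = {
            "missing_from_TYPE": sorted(missing),
            "listed_in_NOTYPE": sorted(suppressed),
            "ok": not missing and not suppressed,
        }
    return findings


if __name__ == "__main__":
    for scope, result in check_db2_records(SAMPLE_SMFPRMXX).items():
        print(scope, result)
```

In the sample the SYS statement collects 100 through 102, but the SUBSYS(STC) statement suppresses record 101 for started tasks, which is exactly the kind of exception the auditor must explain rather than accept on the strength of the SYS statement alone.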
2.33 Monitoring and Review

Control Activity: Built into the DB system is the possibility for various forms for logging which should be used to monitor system functionality and security related events.

Audit Procedures (DB2, SYBASE, Progress, Oracle RDB7): The objective of the audit is to evaluate whether the collected logs are subsequently used for realistic review/monitoring. Review system documentation and relevant procedures and evaluate whether the necessary monitoring and review of significant information is performed. It should be described who uses the collected registrations for what. Special attention should be given to whether continuous review is performed of security related events, such as activities performed by Privileged users, or access to sensitive data.

Audit Procedures (Oracle): The objective of the audit is to evaluate whether the collected logs are subsequently used for realistic review/monitoring. Understand and document company policies, procedures, standards, and/or guidance regarding periodic review of security violations. It should be described who uses the collected registrations for what. Corroborate the functioning and effectiveness of such policies, procedures, standards, and guidance through (a) inquiry of individuals responsible for database and security administration, and (b) reference to client documentation of the procedures performed.

Impact: Inadequate review of the DB2 system functionality may result in problems regarding security, functionality and operating stability not being detected in time. A typical DB2 system undergoes continuous change which usually has a potential effect on performance, operating stability and security. These changes and their consequences should appear from the DB2 system log, and the log should be included in a continuous performance evaluation of the DB2 system. Since this logging can be very complex, and log review correspondingly difficult, the monitoring should be [...]
2.34 Physical Security

Control Activity: Physical security is made up of a [...]

Audit Procedures (DB2, Oracle, SYBASE, Progress, Oracle RDB7): The objectives of the review [...] remedy any disruptions in supply (electricity, telephony, water). Ask for a tour of the location where individual pieces of hardware have been placed and ask for [...]

Impact: If the Information Systems of [...]
CHANGE MANAGEMENT

Control Objective | Control Activity | Audit Procedure | Conclusion | Signoff

1. Change Management Documentation
Control Activity: To ensure a formally documented change management process exists and is maintained to reflect the current process.
Audit Procedure:
• Determine if a change management process(es) exists and is formally documented.
• Obtain a copy of the change management procedures and verify that they (at a minimum) include:
− Accountability for managing and coordinating changes;
− The change management flow(s) within the organization;
− The change management responsibilities of each organizational function;
− The deliverables from each organizational component;
− Specific timetables for reviewing and scheduling planned changes;
− Specific timetables for the retention of historical records;
− The handling of all changes, including change back-outs;
− The circumstances when normal change management controls can be waived, and the methodology to be followed in those situations (e.g., emergency).

2. Change Initiation and Approval
Control Activity: To ensure change requests are properly initiated and approved.
Audit Procedure:
• Verify a methodology is used for initiation and approval of changes.
• Ensure the request form includes (at a minimum) the following information:
− name of requester
− phone number and department
− requester's signature
− reason for change
• Evaluate the process used to control and monitor change requests (central repository and aging mechanism).

3. Modification or Development
Control Activity: Ensure code modification/development is performed in a segregated, controlled environment (separate from quality assurance (QA) and production).
Audit Procedure:
• Ensure all changes are applied to a copy of the latest production version of code.
• Verify code is modified/developed in an area separate from testing/quality assurance, and production.
• Determine if a version control process exists to ensure the correct module was copied from production.
• Determine how the programmer is made aware of all the modules that need to be changed.

4. Testing and Acceptance
Control Activity: To ensure changes made to applications/systems are adequately tested before being placed into a production environment.
Audit Procedure:
• Verify code is tested in a segregated/controlled environment (a testing/QA region which is separate from development and production).
• Determine a process exists to "freeze" code once migrated into the testing/quality assurance environment. This ensures no further changes can be made to the code while awaiting User acceptance.
• Determine to what extent the User is involved in the testing process (e.g., [...]
• Ensure the test results are reviewed and approved by the User. Verify the method of User acceptance (e.g., verbal, written).
• Verify the existence of back-out procedures. These procedures should outline the process used to back code out of the testing/QA region, in the event the user does not approve the original changes and additional modifications are necessary.

5. Implementation
Control Activity: To ensure only authorized/approved software is moved into production.
Audit Procedure:
• Verify procedures exist to ensure the approved code from the test environment is the version moved into production.
• Verify the existence of back-out procedures. These procedures should outline the process used to back code out of the production.
• Determine if a baseline of the database application is updated and maintained after changes are made to the database.
• Determine if a process exists to reconcile changes. Verify who performs this process and how often the process takes place.

6. Non-Emergency Changes
Control Activity: To verify changes are properly authorized and adhere to the established change control methodology.
Audit Procedure:
• Select a sample of non-emergency changes (application/system) that have occurred during the period of review from the source program library directory.
• Obtain a copy of the change reconciliation report. Verify evidence exists for the review and reconciliation of changes.

7. Emergency Changes
Control Activity: To ensure a process exists to control and supervise changes made in an emergency situation.
Audit Procedure:
• Determine if a process exists to control and supervise emergency changes.
• Determine the use of emergency user ids. If emergency changes are made through the use of emergency ids, ensure a process exists to enable and disable them (at a [...]
• Ensure an audit trail exists of all emergency id usage and that it is independently reviewed.
• Ensure back-out procedures exist. These procedures should outline the process used to back code out of the production.

8. Security Patch Updates
Control Activity: To ensure that the latest security patch has been installed.
Audit Procedure:
• Based on a review of the DB system determine the last security update that was made to the system.
• Determine from the OEM what the latest security update was.
• Confirm with the DB Administrator if the latest security patch has been installed and if not, why it has not been installed.
Monitoring

Ensure Continuity
3.2 Data Backup

Control Activity: Procedures exist to ensure that backups of data and programs are performed, stored in an appropriate onsite/offsite location. Onsite/offsite locations are adequately safeguarded from unauthorized personnel.

Audit Procedures (DB2, Oracle, SYBASE, Progress, Oracle RDB7):
1. Obtain and review the policies and procedures addressing data backups, tape retention period and off-site tape storage. Ensure that the documented policies and procedures adequately address the data backups, tape retention and off-site tape storage requirements. In addition, ensure that policies and procedures are up to date to reflect current environment.
Audit Procedures (DB2), continued:
2. [...] daily updates determines what combination of the two forms of imagecopy should be used.
3. Interview the appropriate individual to determine if backup tapes are rotated to off-site location.
4. Ensure that all changes to the backup schedules are controlled through a formal change control process.
5. Ensure that the DSNTIJUZ job that builds the DSNZPARM is protected.
6. Examine and evaluate whether log tapes are moved from the computer room to a secure location (such as a fireproof vault or an archive in a different building) in accordance with predetermined guidelines (for instance, when they are full or at regular intervals), and that they are retained at least for a period which covers the time back to the last imagecopy.
7. Examine whether it is continuously/periodically checked that backup copies are complete and readable and evaluate these checks.

Audit Procedures (Oracle, SYBASE, Progress, Oracle RDB7), continued:
2. [...] daily updates determines what combination of the two forms of imagecopy should be used.
3. Interview the appropriate individual to determine if backup tapes are rotated to off-site location.
4. Ensure that all changes to the backup schedules are controlled through a formal change control process.
5. Examine and evaluate whether log tapes are moved from the computer room to a secure location (such as a fireproof vault or an archive in a different building) in accordance with predetermined guidelines (for instance, when they are full or at regular intervals), and that they are retained at least for a period which covers the time back to the last imagecopy.
6. Examine whether it is continuously/periodically checked that backup copies are complete and readable and evaluate these checks.

Audit Procedures (Oracle), continued: Determine if archiving procedures have been defined and implemented for data and re-do logs:
7. Obtain the current archive log setting at the PRD database by executing the following at Server Manager (SVRMGR):
SVRMGR> ARCHIVE LOG LIST
Here is a sample of the return value:
Database log mode              Archive Mode
Automatic archival             Enabled
Archive destination            /oracle/PRD/saparch/PRDarch
Oldest online log sequence     30879
Next log sequence to archive   30882
Current log sequence           30882
Review the output, and make sure that ‘database log mode’ is ‘archive mode’, indicating archive mode is turned on. In addition, ensure that ‘automatic archival’ is ‘enabled’, indicating that re-do logs are automatically copied to the ‘archive destination’ once a log is filled. If either of these two is not turned on, communicate with the DBA and obtain the rationale why it is not turned on. Review the ‘archive destination’ and ensure that the archive logs are written to a separate disk from the re-do logs.
8. Review the ‘alert_<SID>.log’ file for the PRD database. This file includes all parameters that the instance read when it was started. If the following shows up in the alert_<SID>.log at the start of the db, it indicates that archiving mode has been turned on since the start of the instance:
log_archive_start = TRUE
log_archive_dest = /oracle/PRD/saparch/PRDarch
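An added example (not part of the audit program) for the log tape retention requirement in the backup steps above: given the time of each object's last image copy and the log ranges held on the retained tapes, it reports any period since the last image copy that no retained tape covers (a period that could not be recovered by image copy plus log apply), and lists the tapes not yet moved off site. Image copy times, tape ids, log ranges and the as-of time are constructed sample data.

```python
from datetime import datetime

# Constructed sample data for the example (all dates invented). Image copies are
# keyed by object name; each log tape holds the log written between two times and
# carries a flag for whether it has been moved off site.
SAMPLE_IMAGE_COPIES = {
    "TS_ORDERS": datetime(2024, 3, 3, 2, 0),
    "TS_CUSTOMERS": datetime(2024, 2, 25, 2, 0),
}
SAMPLE_LOG_TAPES = [
    ("L0101", datetime(2024, 2, 24), datetime(2024, 2, 26), True),
    ("L0102", datetime(2024, 2, 26), datetime(2024, 2, 28), True),
    # L0103 (28 Feb - 1 Mar) was already recycled: no retained tape covers that log
    ("L0104", datetime(2024, 3, 1), datetime(2024, 3, 4), False),
]
SAMPLE_AS_OF = datetime(2024, 3, 4)


def _merge(intervals):
    """Merge overlapping or touching (start, end) intervals."""
    merged = []
    for start, end in sorted(intervals):
        if merged and start <= merged[-1][1]:
            merged[-1] = (merged[-1][0], max(merged[-1][1], end))
        else:
            merged.append((start, end))
    return merged


def uncovered(start, end, intervals):
    """Sub-ranges of [start, end) not covered by any interval."""
    if start >= end:
        return []
    gaps = []
    cursor = start
    for a, b in _merge(intervals):
        if b <= cursor:
            continue
        if a > cursor:
            gaps.append((cursor, min(a, end)))
        cursor = max(cursor, b)
        if cursor >= end:
            break
    if cursor < end:
        gaps.append((cursor, end))
    return gaps


def recovery_gaps(image_copies, log_tapes, as_of):
    """For each object, the periods since its last image copy with no retained log tape."""
    retained = [(start, end) for _, start, end, _ in log_tapes]
    report = {}
    for obj, copied_at in image_copies.items():
        gaps = uncovered(copied_at, as_of, retained)
        report[obj] = [(a.isoformat(), b.isoformat()) for a, b in gaps]
    return report


def not_offsite(log_tapes):
    """Tape ids still on site; the tape currently being written may legitimately be one."""
    return [tape_id for tape_id, _, _, offsite in log_tapes if not offsite]


if __name__ == "__main__":
    for obj, gaps in recovery_gaps(SAMPLE_IMAGE_COPIES, SAMPLE_LOG_TAPES, SAMPLE_AS_OF).items():
        print(obj, "uncovered:", gaps or "none")
    print("on site:", not_offsite(SAMPLE_LOG_TAPES))
```

The sample is arranged so that the object copied on 3 March is fully recoverable, while the object last copied on 25 February has a two-day hole in its log chain because a tape was recycled before the retention rule in the step above was satisfied.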
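An added example, not part of the audit program, of the Oracle archiving checks in steps 7 and 8 above: it parses ARCHIVE LOG LIST output and the parameter lines at the top of alert_<SID>.log, confirms archive mode and automatic archival, compares log_archive_dest with the current archive destination, and checks that the destination sits on a different disk from the online redo logs. The ARCHIVE LOG LIST text mirrors the page's sample; the alert log excerpt, redo log paths and the mount-point-to-disk table are constructed assumptions.

```python
import re

# Constructed sample of "SVRMGR> ARCHIVE LOG LIST" output, laid out like the page's
# example (label, then the value after a run of spaces).
SAMPLE_ARCHIVE_LOG_LIST = """\
Database log mode              Archive Mode
Automatic archival             Enabled
Archive destination            /oracle/PRD/saparch/PRDarch
Oldest online log sequence     30879
Next log sequence to archive   30882
Current log sequence           30882
"""

# Constructed excerpt of the parameter listing written to alert_<SID>.log at start-up.
SAMPLE_ALERT_LOG = """\
Starting up ORACLE RDBMS
System parameters with non-default values:
  processes                = 200
  log_archive_start        = TRUE
  log_archive_dest         = /oracle/PRD/saparch/PRDarch
  log_archive_format       = %t_%s.dbf
"""

# Constructed list of online redo log files (as v$logfile would report them).
SAMPLE_REDO_LOGS = [
    "/oracle/PRD/origlogA/log_g11m1.dbf",
    "/oracle/PRD/origlogB/log_g12m1.dbf",
]

# Constructed mount table (mount point -> disk), as read off "df" or the volume layout.
SAMPLE_MOUNTS = {
    "/": "hdisk0",
    "/oracle/PRD/origlogA": "hdisk1",
    "/oracle/PRD/origlogB": "hdisk2",
    "/oracle/PRD/saparch": "hdisk3",
}

ARCHIVE_LIST_LABELS = [
    "Database log mode",
    "Automatic archival",
    "Archive destination",
    "Oldest online log sequence",
    "Next log sequence to archive",
    "Current log sequence",
]


def parse_archive_log_list(text):
    """Split each line of ARCHIVE LOG LIST output into the known label and its value."""
    values = {}
    for line in text.splitlines():
        stripped = line.strip()
        for label in ARCHIVE_LIST_LABELS:
            if stripped.lower().startswith(label.lower()):
                values[label] = stripped[len(label):].strip()
                break
    return values


def parse_alert_parameters(text):
    """Collect 'name = value' parameter lines from the alert log start-up section."""
    params = {}
    for line in text.splitlines():
        m = re.match(r"\s*([a-z_][a-z0-9_]*)\s*=\s*(\S.*?)\s*$", line)
        if m:
            params[m.group(1).lower()] = m.group(2)
    return params


def disk_of(path, mounts):
    """Resolve a path to its disk by longest matching mount point."""
    candidates = [mp for mp in mounts if mp == "/" or path == mp or path.startswith(mp + "/")]
    return mounts[max(candidates, key=len)]


def evaluate_archiving(archive_list_text, alert_text, redo_logs, mounts):
    """Apply the checks of audit steps 7 and 8; an empty list means all checks passed."""
    findings = []
    info = parse_archive_log_list(archive_list_text)
    if info.get("Database log mode", "").lower() != "archive mode":
        findings.append("database log mode is not 'Archive Mode'")
    if info.get("Automatic archival", "").lower() != "enabled":
        findings.append("automatic archival is not 'Enabled'")
    dest = info.get("Archive destination", "")
    redo_disks = {disk_of(p, mounts) for p in redo_logs}
    if not dest or disk_of(dest, mounts) in redo_disks:
        findings.append("archive destination shares a disk with the online redo logs")
    params = parse_alert_parameters(alert_text)
    if params.get("log_archive_start", "").upper() != "TRUE":
        findings.append("alert log does not show log_archive_start = TRUE at start-up")
    if params.get("log_archive_dest") != dest:
        findings.append("log_archive_dest in the alert log differs from the current destination")
    return findings


if __name__ == "__main__":
    result = evaluate_archiving(SAMPLE_ARCHIVE_LOG_LIST, SAMPLE_ALERT_LOG,
                                SAMPLE_REDO_LOGS, SAMPLE_MOUNTS)
    print(result or "archiving checks passed")
```

The separate-disk test relies on the mount table rather than on path prefixes, because in the SAP-style layout of the sample the archive and redo directories share the /oracle/PRD prefix yet live on different volumes; a prefix comparison would wrongly flag them.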
3.3 Contingency Plans

Control Activity: There is a risk that recovery of data may take a disproportionately long time, or in the worst case, that recovery is impossible, if documented and tested plans for recovery of DB data do not exist.

Audit Procedures (DB2): The objective of the audit is to examine:
Whether procedures and guidelines for recovery of DB2 systems in case of disruptions or disasters exist.
Whether descriptions intended to aid in the restore of libraries and data exist in an external archive.
Whether regular testing of the contingency plans is performed.
Evaluate the procedures in the contingency plans/emergency procedures for the recovery of DB2 systems and data and examine whether these have been tested in accordance with predetermined requirements. Examine and evaluate whether reports have been made in connection with testing of the contingency plans and, if so, whether the relevant departments have reviewed the reports.

Audit Procedures (Oracle, SYBASE, Progress, Oracle RDB7): The objective of the audit is to examine:
Whether procedures and guidelines for recovery of DB systems in case of disruptions or disasters exist.
Whether descriptions intended to aid in the restore of libraries and data exist in an external archive.
Whether regular testing of the contingency plans is performed.
Evaluate the procedures in the contingency plans/emergency procedures for the recovery of DB systems and data and examine whether these have been tested in accordance with predetermined requirements. Examine and evaluate whether reports have been made in connection with testing of the contingency plans and, if so, whether the relevant departments have reviewed the reports.
Sample
Database Platform Number of Instances Sample Size Selection Criteria Sample Database Name(s)
DB2 # # # Mainframe
# AIX
Oracle 8i # # # Windows
Sybase # # # Windows
SOX 404 Applications
Database Platform Number of Instances Sample Size Selection Criteria Sample Database Name(s)
Progress # # # AIX
# Mainframe
# #