Auditing Databases

In this chapter we discuss auditing the lockboxes of company information. We will discuss how to conduct audits on the following components that affect the operational security of your data stores:

•   Database permissions

•   Operating system security

•   Password strength and management features

•   Activity monitoring

•   Database encryption

•   Database vulnerabilities, integrity, and the patching process


The term database typically refers to a relational database management system (RDBMS). Database management systems (DBMS) maintain data records and their relationships, or indexes, in tables. Relationships can be created and maintained across and among the data and tables.

The more generic term ...

Get IT Auditing Using Controls to Protect Information Assets, Third Edition, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.