By Muthuvel Arumugam-Oracle on Mar 24, 2014
In a recent Customer Connect webcast on "Auditing Capabilities in Oracle Applications Cloud" (presentation; replay), questions were raised on how the existing audit functions offered using the Applications Audit Framework (also known as the APPLCORE Audit Framework) can be leveraged to audit the read access or selects made on specific objects and/or entities. While the Applications Audit Framework captures the insert, update or delete operations (also known as DML operations) on Fusion Business Objects, the select and read accesses on these objects can be captured using Oracle Audit Vault.
Oracle Audit Vault is a separately licensed security product — certified for Fusion Applications — that gathers auditing information from remote databases and stores it in a single centralized warehouse database. It can help customers to comply with Sarbanes-Oxley (SOX) and other regulations, perform proactive monitoring and mitigate security risks.
Oracle Audit Vault can be of immense value for organizations when their IT policies demand tighter access control to the applications, especially in situations:
- When every database change must be captured
- When business objects, not addressed currently by Applications Audit Framework, need to be audited
- When read access and SELECT statements need to be audited
For more information on Oracle Audit Vault and its capabilities, please review the Oracle Audit Vault Datasheet (click here).