Using Audit Vault with Oracle E-Business Suite
By Steven Chan - EBS-Oracle on Jul 14, 2011
- Sarbanes-Oxley (SOX) Act
- Health Insurance Portability and Accountability Act (HIPAA)
- Payment Card Industry (PCI) Data Security Standards (DSS)
From the Oracle Audit Vault FAQ:
Audit Vault extracts audit records produced by the database's native audit facility so no special certification is required by the application since it is transparent. Any packaged application such as Oracle E-Business Suite, PSFT, Siebel, and SAP work seamlessly with Audit Vault to collect the native audit records.
E-Business Suite suggests that auditing and monitoring of privileged users, user sessions, database links, and database changes is a key element in monitoring and securing your applications. Please see Metalink Note 189367.1. Audit Vault supports all versions of E-Business Suite that sit on top of Oracle database versions 9.2.x forward.
In addition, the Oracle database column, client_identifier, can be used to pass the end application user to the native audit record. E-Business Suite updates client_identifier automatically starting with version 12 of the application, PeopleTools starting with 8.50, and SAP kernal version starting with 7.10. The client_identifier value can be used in the Audit Vault reports to view the application user, OS user, and database connection user information for forensic analysis.
No special setups required for EBS
In other words, you can use Audit Vault's generic documentation for E-Business Suite databases. No special EBS-specific documentation or setups are required to enable Audit Vault in EBS instances.
- 11gR2 18.104.22.168 Database Certified with E-Business Suite
- TDE Tablespace Encryption 22.214.171.124 Certified with E-Business Suite
- Using SecureFiles with E-Business Suite Databases