Search Results

Search found 707 results on 29 pages for 'audit'.

Page 3/29 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Oracle Tutor: Document Audit and Maintenance

    - by Emily Chorba
    Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman","serif";} Perhaps the most critical phase in the process of documenting policies and procedure -- and the greatest challenge to owners -- is the maintenance of published documents. Documents must reflect current practice and they must be accurate. The most effective way to ensure this is through the regular audit of documents. In the Tutor environment, a Document Owner must audit each of his/her documents once every 6 to 12 months to verify that the document reflects actual practice. If it does not, the document is updated or employees are retrained (depending on the nature of the discrepancy). If a document update is required, the Tutor system enables the owner to modify and redistribute the document within one work day. This is possible because: Documents contain a minimum of detail, thereby reducing the edits. Document format and structure are simple, so changes are easy to identify The Tutor Author software tool enables the Document Owner or the Document Administrator to update the file quickly. The Document Administrator verifies the document format and integration, publishes the document, and distributes it to all affected employees, thereby freeing the Document Owner of the more tedious tasks. Learn More For more information about Tutor, visit Oracle.Com or the Tutor Blog. Post your questions at the Tutor Forum. Emily Chorba Principle Product Manager Oracle Tutor & UPK

    Read the article

  • Limiting Audit Exposure and Managing Risk – Q&A and Follow-Up Conversation

    - by Tanu Sood
    Thanks to all who attended the live ISACA webcast on Limiting Audit Exposure and Managing Risk with Metrics-Driven Identity Analytics. We were really fortunate to have Don Sparks from ISACA moderate the webcast featuring Stuart Lincoln, Vice President, IT P&L Client Services, BNP Paribas, North America and Neil Gandhi, Principal Product Manager, Oracle Identity Analytics. Stuart’s insights given the team’s role in providing IT for P&L Client Services and his tremendous experience in identity management and establishing sustainable compliance programs were true value-add at yesterday’s webcast. And if you are a healthcare organization looking to solve your compliance and security challenges, we recommend you join us for a live webcast on Tuesday, November 29 at 10 am PT. The webcast will feature experts from Kaiser Permanente, PricewaterhouseCoopers and Oracle and the focus of the discussion will be around the compliance challenges a healthcare organization faces and best practices for tackling those. Here are the details: Healthcare IT News Webcast: Managing Risk and Enforcing Compliance in Healthcare with Identity Analytics Tuesday, November 29, 201110:00 a.m. PT / 1:00 p.m. ET Register Today The ISACA webcast replay is now available on-demand and the slides are also available for download. Since we didn’t have time to address all the questions we received during the live Q&A portion of the webcast, we have captured responses to the remaining questions here. Please continue to provide us your feedback and insights from your experience in deploying identity compliance solutions. Q. Can you please clarify the mechanism utilized to populate the Identity Warehouse from each individual application's access management function / files? A. Oracle Identity Analytics (OIA) supports direct imports from applications. Data collection is based on Extract, Transform and Load (ETL) that eliminates the need to write connectors to different applications. Oracle Identity Analytics’ import engine supports complex entitlement feeds saved as either text files or XML. The imports can be scheduled on a periodic basis or triggered as needed. If the applications are synchronized with a user provisioning solution like Oracle Identity Manager, Oracle Identity Analytics has a seamless integration to pull in data from Oracle Identity Manager. Q.  Can you provide a short summary of the new features in your latest release of Oracle Identity Analytics? A. Oracle recently announced availability of enhanced Oracle Identity Analytics. This release focused on easing the certification process by offering risk analytics driven certification, advanced certification screens, business centric views and significant improvement in performance including 3X faster data imports, 3X faster certification campaign generation and advanced auto-certification features, that  will allow organizations to improve user productivity by up to 80%. Closed-loop risk feedback and IT policy monitoring with Oracle Identity Manager, a leading user provisioning solution, allows for more accurate certification reviews. And, OIA's improved performance enables customers to scale compliance initiatives supporting millions of user entitlements across thousands of applications, whether on premise or in the cloud, without compromising speed or integrity. Q. Will ISACA grant a CPE credit for attending this ISACA-sponsored webinar today? A. From ISACA: Hello and thank you for your interest in the 2011 ISACA Webinar Program!  Unfortunately, there are no CPEs offered for this program, archived or live.  We will be looking into the feasibility of offering them in the future.  Q. Would you be able to use this to help manage licenses for software? That is to say - could it track software that is not used by a user, thus eliminating the software license? A. OIA’s integration with Oracle Identity Manager, a leading user provisioning solution, allows organizations to detect ghost accounts or unused accounts via account reconciliation. Based on company’s policies, this could trigger an automated workflow for account deletion or asking for further investigation. Closed-loop feedback between the two solutions would then allow visibility into the complete audit trail of when the account was detected, the action taken, by whom, when and the current status. Q. We have quarterly attestations and .xls mechanisms are not working. Once the identity data is correlated in Identity Analytics, do you then automate access certification? A. OIA’s identity warehouse analyzes and correlates identity data across various resources that allows OIA to determine a user’s risk profile, who the access review request should go to, along with all the relevant access details of the user. The access certification manager gets notification on what to review, when and the relevant data is presented in a business friendly screen. Based on the result of the access certification process, actions are triggered and results recorded and archived. Access review managers have visual risk indicators that also allow them to prioritize access certification tasks and efforts. Q. How does Oracle Identity Analytics work with Cloud Security? A. For enterprises looking to build their own cloud(s), Oracle offers a set of security services that cloud developers can leverage including Oracle Identity Analytics.  For enterprises looking to manage their compliance requirements but without hosting those in-house and instead having a hosting provider offer managed Identity Management services to the organizations, Oracle Identity Analytics can be leveraged much the same way as you’d in an on-premise (within the enterprise) environment. In fact, organizations today are leveraging Oracle Identity Analytics to manage identity compliance in both these ways. Q. Would you recommend this as a cost effective solution for a smaller organization with @ 2,500 users? A. The key return-on-investment (ROI) on Oracle Identity Analytics is derived from automating compliance processes thereby eliminating administrative overhead, minimizing errors, maintaining cost- and time-effective sustainable compliance processes and minimizing audit exposures and penalties.  Of course, there are other tangible benefits that are derived from an Oracle Identity Analytics implementation as outlined in the webcast. For a quantitative analysis of your requirements and potential ROI calculation, we recommend you refer to the Forrester Study on Total Economic Impact of Oracle Identity Analytics. For an in-person discussion, please email Richard Caldwell.

    Read the article

  • Unable to start auditd

    - by George Reith
    I am on CentOS 5.8 final I recently installed auditd via yum install audit however I am unable to start it. I edited the configuration file to give a verbose output of the error it is recieving in starting up and this is the output: # service auditd start Starting auditd: Config file /etc/audit/auditd.conf opened for parsing log_file_parser called with: /var/log/audit/audit.log log_format_parser called with: RAW log_group_parser called with: root priority_boost_parser called with: 4 flush_parser called with: INCREMENTAL freq_parser called with: 20 num_logs_parser called with: 4 qos_parser called with: lossy dispatch_parser called with: /sbin/audispd name_format_parser called with: NONE max_log_size_parser called with: 5 max_log_size_action_parser called with: ROTATE space_left_parser called with: 75 space_action_parser called with: SYSLOG action_mail_acct_parser called with: root admin_space_left_parser called with: 50 admin_space_left_action_parser called with: SUSPEND disk_full_action_parser called with: SUSPEND disk_error_action_parser called with: SUSPEND tcp_listen_queue_parser called with: 5 tcp_max_per_addr_parser called with: 1 tcp_client_max_idle_parser called with: 0 enable_krb5_parser called with: no GSSAPI support is not enabled, ignoring value at line 30 krb5_principal_parser called with: auditd GSSAPI support is not enabled, ignoring value at line 31 Started dispatcher: /sbin/audispd pid: 3097 type=DAEMON_START msg=audit(1339336882.187:9205): auditd start, ver=1.8 format=raw kernel=2.6.32-042stab056.8 auid=4294967295 pid=3095 res=success config_manager init complete Error setting audit daemon pid (Connection refused) type=DAEMON_ABORT msg=audit(1339336882.189:9206): auditd error halt, auid=4294967295 pid=3095 res=failed Unable to set audit pid, exiting The audit daemon is exiting. Error setting audit daemon pid (Connection refused) [FAILED] The only information I can find online is that this may be due to SELinux, however SELinux is giving me problems of it's own. No matter what I do it appears to be disabled (I want to enable it). The configuration is set to enforced and the server has been rebooted many a time however sestatus still returns SELinux status: disabled. Can anyone shine some light on this problem? EDIT: I don't know if it is related but I noticed the following message appearing in my /var/log/messages Jun 10 16:25:22 s1 iscsid: iSCSI logger with pid=2056 started! Jun 10 16:25:22 s1 iscsid: Missing or Invalid version from /sys/module/scsi_transport_iscsi/version. Make sure a up to date scsi_transport_iscsi module is loaded and a up todate version of iscsid is running. Exiting... I try to start the iSCSI daemon myself (I have not a clue what it does; I am a linux newbie) and I get the following error: Starting iSCSI daemon: FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory FATAL: Could not load /lib/modules/2.6.32-042stab056.8/modules.dep: No such file or directory [FAILED] If I go to /lib/modules/ I notice the directory exists but is completely empty.

    Read the article

  • Cookies Audit help

    - by Gino
    Someone can explain to me what is the purpose of these cookies? I'm doing a cookies audit and I didn't find anything on the web Domain: google.com(google maps), Name: NID Domain: google.com(google maps), Name: SNID Domain: google.com(google maps), Name: khcookie Domain: google.com(google maps), Name: PREF and Domain: tripadvisor.com, Name: ServerPool Domain: tripadvisor.com, Name: TAReturnTo Domain: tripadvisor.com, Name: TAUnique Domain: tripadvisor.com, Name: v1st Thank you very much, Gino

    Read the article

  • Regularly Audit Your Website to Apply Improved SEO Techniques

    An SEO audit report helps you understand your exact search engine results position internet. It offers you complete review of the website's SEO history, present performance and suggestions for future growth. On analyzing your existing SEO process it renders you with efficient services to gain top organic search engine rankings.

    Read the article

  • Cannot delete audit logs with sudo

    - by DazSlayer
    I am using auditctl to log all commands run on my Ubuntu system and I working on a script that parses the log into a more readable format. Since these logs tend to become very large, I want to periodically delete the logs. I found that by running sudo rm /var/log/audit/* I would get rm: cannot remove `/var/log/audit/*': No such file or directory however by running sudo su rm /var/log/audit/* The logs would be deleted without any problem. What could be the cause of this?

    Read the article

  • Audit success in event log from not administrator IP - is that immediately a hack success indicator?

    - by Valentin Kuzub
    I checked event log today and between mass of failed audit events I found some successes which originated from not my country. However they look a little weird and no process is specified, while when I logon using RDP it says winlogon.exe I am wondering whether that means my system was compromised or there are good variants and it doesnt mean its all that bad. I am using a VPS solution if thats useful.

    Read the article

  • How to audit a specific folder in Windows Server 2003?

    - by saint
    We have had several cases of file deletion in one of our windows file servers. Server is also a domain controller. Unfortunately we kept the auditing disabled completely due it being such a resource hog. So I was wondering If there is a way to audit a specific folder for a specific security group, for just file and folder deletions within the specified folder. Also is there a recommended third party application for auditing or monitoring. Many Thanks.

    Read the article

  • How to Add Policy-based Audit Compliance to you existing MySQL applications

    - by Rob Young
    As a follow up to an earlier blog on the subject, please join us today at 0900 US PT to learn how to easily add policy-based auditing compliance to your existing MySQL applications.  This brief, informative session will provide an overview of the new MySQL Enterprise Audit plugin and will include a simple, practical step-by-step "how to" approach to get up and running with the new functionality. You can learn more and secure your seat for the presentation here.  Thanks for your continued support of MySQL!

    Read the article

  • How do I audit CD/DVD tray opening events in Windows 7?

    - by MetaHyperBolic
    Since installing Windows 7, the entire office has experienced random CD tray openings, sometimes while we are in the office, sometimes not. On my PC, I have two disc-reading devices, but only the top one ever slides open. I have found nothing in the event logs to that looks appropriate, even going to them right after I saw my own tray slide open all by itself. Although it's not hurting anything (that I can tell), I'd like to know what is going on. To that end, are there any useful ways to audit these events?

    Read the article

  • Extend base type and automatically update audit information on Entity

    - by Nix
    I have an entity model that has audit information on every table (50+ tables) CreateDate CreateUser UpdateDate UpdateUser Currently we are programatically updating audit information. Ex: if(changed){ entity.UpdatedOn = DateTime.Now; entity.UpdatedBy = Environment.UserName; context.SaveChanges(); } But I am looking for a more automated solution. During save changes, if an entity is created/updated I would like to automatically update these fields before sending them to the database for storage. Any suggestion on how i could do this? I would prefer to not do any reflection, so using a text template is not out of the question. A solution has been proposed to override SaveChanges and do it there, but in order to achieve this i would either have to use reflection (in which I don't want to do ) or derive a base class. Assuming i go down this route how would I achieve this? For example EXAMPLE_DB_TABLE CODE NAME --Audit Tables CREATE_DATE CREATE_USER UPDATE_DATE UPDATE_USER And if i create a base class public abstract class IUpdatable{ public virtual DateTime CreateDate {set;} public virtual string CreateUser { set;} public virtual DateTime UpdateDate { set;} public virtual string UpdateUser { set;} } The end goal is to be able to do something like... public overrride void SaveChanges(){ //Go through state manager and update audit infromation //FOREACH changed entity in state manager if(entity is IUpdatable){ //If state is created... update create audit. //if state is updated... update update audit } } But I am not sure how I go about generating the code that would extend the interface.

    Read the article

  • AutoAudit 1.10c

    - by Paul Nielsen
    AutoAudit is a free SQL Server (2005, 2008) Code-Gen utility that creates Audit Trail Triggers with: · Created, Modified, and RowVersion (incrementing INT) columns to table · Creates View to reconstruct deleted rows · Creates UDF to reconstruct Row History · Schema Audit Trigger to track schema changes · Re-code-gens triggers when Alter Table changes the table Version 1.10c Adds: · Createdby and ModifiedBy columns. Pass the user to the column and AutoAudit records that username instead of the Suser_Sname...(read more)

    Read the article

  • How would you audit ASP.NET Membership tables, while recording what user made the changes?

    - by Pete
    Using a trigger-based approach to audit logging, I am recording the history of changes made to tables in the database. The approach I'm using (with a static sql server login) to record which user made the change involves running a stored procedure at the outset of each database connection. The triggers use this username when recording the audit rows. (The triggers are provided by the product OmniAudit.) However, the ASP.NET Membership tables are accessed primarily through the Membership API. I need to pass in the current user's identity when the Membership API opens its database connection. I tried subclassing MembershipProvider but I cannot access the underlying database connection. It seems like this would be a common problem. Does anyone know of any hooks we can access when the ASP.NET Membership makes its database connection?

    Read the article

  • What tool or scripts do you use to audit a Linux box?

    - by Sharjeel Sayed
    I use the following tools for my auditing needs A) System Auditing and Hardening (One time) 1) Linux Security Auditing Tool (Security centric,Text based output ) 2) Dmidecode ( Retrieves info from BIOS ) 3) Systeminfo ( Generates a nice html report) 4) Syssumm (Inactive since Oct 2000) 5) Rootkit Hunter (Does a basic config check in addition to rootkit checks) 6) CIS benchmarks 7) Bastille ( Interactive hardening and a security scoring tool) B) Automatic Auditing (as a cron job or a service) 1) Logwatch 2) Psad C) Remote Auditing 1) Nmap (Port scanning) 2) Nessus ( Remote Vulnerability check) D) Wikipedia 1) System profiler Any other tools/scripts which you can recommend?

    Read the article

  • Configuring SQL Server Audit Logging with Powershell

    - by Jonathan Kehayias
    One of the standard configuration options that I set on all SQL Server installs is to log Failed Login Attempts to the SQL Server Error Log.  I recently inherited an environment that this option wasn’t standardized across all of the servers and needed to configure it for multiple servers in a scripted manner.  There are a couple of ways to handle this kind of task.  First I could log on to every server in SSMS, open the Server Properties, and set the option on the Security sheet for...(read more)

    Read the article

  • File audit in Linux: how to watch directory tree for deletions?

    - by FractalizeR
    Hello. I have a forum script running on server and somehow small number of attachments begin to get lost. I want to find out what is deleting them and at what time. How can I setup Linux auditd (auditctl) to watch directory tree (attachments are stored inside multi-level directory tree) to watch for file deletions there? May be I should use some other tool for this?

    Read the article

  • ACL tool for audit of Ubuntu production servers

    - by migrator
    In my production environment, I have close to 10 Ubuntu 12.04 Servers and I want to get the list of users from them. I am looking for some kind of script or tool (non-gui) to get the same. Yes, I can get the list from /etc/passwd and /etc/groups files but it would be good to have a tool or script to do this due to the following reasons. I have right now 10 systems in Ubuntu and 30 systems in Windows 2003. I am recommending my organization and IT to move all the systems to Ubuntu except the one running MS SQL server We do not have good Ubuntu admins with us and they should not mess up with the system if I give some manual commands I also need to find out date of creation of user, group, password standards like strength, expiry etc Please help me as I want to automate the process and get the list on weekly basis from IT team. Thanks in advance.

    Read the article

  • Audit Windows Server/Desktop Product Key usage

    - by neildeadman
    The company I work for has a fairly big domain of Windows Desktops and Servers. We also have standalone servers that are remote to our site but we have direct access to. We need to audit our license usage across all Windows machines (including some VMs). I have tried a few products downloaded, but the key returned is not the one used during installation. I have one product that gives the last 5 characters correctly but needs to be installed so its not really suitable. I also have tried some PowerShell scripts one of which is here Ideally I am looking for one that can be used over a network and if possible can audit Office keys too. I've just tried Jelly Bean and some other product key tools that all return BBBBB-BBBBB-BBBBB-BBBB-BBBBB as the product key.

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >