FortiDB 5.1.13 Admin Guide

PCI, SOX, and HIPAA alert policies

Regulatory compliance policies record all types of database activities and store the data in the FortiDB repository. You can use these policies to generate the following compliance reports:

• Sarbanes-Oxley (SOX)
• Payment Card Industry Data Security Standard (PCI DSS)
• HIPAA (Health Insurance Portability and Accountability Act)

You cannot create these types of policies, but you can change the configuration of the pre-defined metadata policies.

For details about compliance reports, see PCI, SOX, and HIPAA reports .

To view regulatory compliances policies:

1. Go to Policy > DAM Alert Policies.
2. Select the policy type from the View dropdown.

   For example, select PCI Policies.

For Oracle databases, if the Security Alerts pages does not display alerts generated by regulatory compliance policies as expected, you can run a script that can fix the problem. See Configuring an Oracle database for PCI, SOX, and HIPAA alert policies.

See also

• Configuring PCI, SOX and HIPAA policies
• Selecting which tables tracks for PCI, SOX and HIPAA reports (Object Audit Options)
• Select users to audit for PCI and SOX reports (User Audit Options)