Database Activity Monitoring (DAM) policies : PCI, SOX, and HIPAA alert policies
PCI, SOX, and HIPAA alert policies
Regulatory compliance policies record all types of database activities and store the data in the FortiDB repository. You can use these policies to generate the following compliance reports:
Sarbanes-Oxley (SOX)
Payment Card Industry Data Security Standard (PCI DSS)
HIPAA (Health Insurance Portability and Accountability Act)
You cannot create these types of policies, but you can change the configuration of the pre-defined metadata policies.
For details about compliance reports, see “PCI, SOX, and HIPAA reports”.
To view regulatory compliances policies:
1. Go to Policy > DAM Alert Policies.
2. Select the policy type from the View dropdown.
For example, select PCI Policies.
For Oracle databases, if the Security Alerts pages does not display alerts generated by regulatory compliance policies as expected, you can run a script that can fix the problem. See “Configuring an Oracle database for PCI, SOX, and HIPAA policies”.
See also
Configuring PCI, SOX and HIPAA policies
Selecting which tables FortiDB tracks for PCI, SOX and HIPAA reports (Object Audit Options)
Select users to audit for PCI and SOX reports (User Audit Options)