Reports : PCI, SOX, and HIPAA reports : Report: Abnormal Use of Service Accounts
 
Report: Abnormal Use of Service Accounts
This report identifies the use of service accounts and the associated transaction origins. For example: The use of a service account from an origin other than the application server would be identified. The report should be reviewed and commented on by IT Management on a weekly basis.
COBIT objectives
This report is designed to meet the following COBIT objectives:
Objective Number
Description
DS5.3
Database transactions from unauthorized sources are tracked and reviewed by IT Management on a weekly basis
Setup requirements
Sox Abnormal Use of Service Accounts policy: Object Audit Options and/or User Audit Options
Report columns
The following columns are displayed in the report body.
Columns
Description
User ID
The ID of the database user that conducted the flagged activity
Terminal
The terminal IP address or name
Originating Application
The name, or other identifier, for the originating application, if the activity originated from an external application or from an application server
Number of Actions
The number of actions attempted by the account associated with the User ID
Timestamp
The exact time the flagged activity was conducted
See also
General steps for generating PCI, SOX, and HIPAA reports