Syllabus
Schedule
Reading
Discussion
Project
Test
Resource
Tip

Summary of
Chapter 7 Database Auditing Models

  1. An audit examines, verifies and validates that documents, procedure, processes, operations, systems, and other activities comply with the original objectives.
  2. Auditing activities are performed as a part of an audit. The activities can be considered an auditors responsibility and incorporated into audit policies.
  3. The auditing environment consists of objectives, procedures, people, and audited entities.
  4. The database-auditing environment consists of objectives, procedures, people, audited entities, and database.
  5. The purpose of an auditing process is to make sure that the system is working and compiles with the policies, standard, regulation, and law set forth by the organization, the industry, or the government.
  6. Auditing objectives are established and incorporated as part of the development process of the audited entity, regardless of the nature of the audited entity
  7. Auditing has four main objectives- compliance, informing, planning, and executing.
  8. A staff member of a company conducts an internal audit.
  9. A party outside the company conducts an external audit.
  10. An automatic audit is prompted and performed automatically through a system process without human intervention. Automatic audits are mainly used for system and database systems.
  11. A manual audit is performed completely by humans. The audit team uses various method to obtain auditable information, including interviews, documents, and observations. They may even perform the tasks of the audited entity.
  12. A hybrid audit is simply a combination of automatic and manual audits.
  13. Excessive use of auditing can degrade the performance of the system.
  14. Simple auditing model 1 is an auditing repository for audited entities such as user, table, column, and action.
  15. A control column is placeholder for data that the applications insert automatically when a record is created or updated.
  16. Simple auditing model 2 is an auditing repository for column changes only.
  17. The advanced auditing model contains data stores to register all entities that can be audited.
  18. The advanced auditing model is referred to as fine grained.
  19. The historical data model stores the entire row in a HISTORY table, before it is changed or deleted.
  20. The historical model is used mainly by financial institutions.
  21. The auditing application actions model is repository for audited operations or actions performed by an application.