AUC Report Sample | Fortinet FortiDB specification


SOX Report Specifics	Abnormal or Unauthorized Changes to Data Report (AUC)

Abnormal or Unauthorized Changes to Data Report (AUC)

AUC Report Sample

COBIT Objectives and Setup Requirements

Objective		FortiDB MA Module
Number(s)	Objective Description	Setup Requirement

AI2.3	Unauthorized changes to data by non-application1	UBM: Object policies,
	accounts are tracked and reviewed by IT	since this will focus on
	Management on a quarterly basis.	data changes in specific
		tables containing financial
		information.

1.Non-application accounts have User IDs that belong to individual users. Application accounts have User IDs as well but they are not typically associated with individual users.

Report Body Columns

The following columns are displayed in the report body:

Column	Description

User ID	The ID of the database user that conducted the flagged activity.

Object	The name and owner of the database object that was directly manipulated by
	the flagged activity

Time Stamp	The exact time the flagged activity was conducted.

Terminal Name	The terminal IP address or name.

Origin Application	The name, or other identifier, for the originating application, if the activity
	originated from an external application or from an application server.

Action Type	The type of action successfully enacted by the User ID.

	Note: By default, all actions are considered unauthorized. If you want, for
	example, to only mark UPDATEs as unauthorized actions, use an Action Type
	filter in the Settings dialog in order to filter out the other action types You can also
	distinguish (un)authorized users by defining a User ID filter in the Settings dialog.

FortiDB Version 3.2 Utilities	User Guide
15-32000-81369-20081219	45

Image 47

Fortinet FortiDB manual Abnormal or Unauthorized Changes to Data Report AUC, AUC Report Sample

Contents

Utilities User Guide Trademarks FortiDB Utilities User Guide Table of Contents Index FortiDB MA Utilities Selecting Addresses for Auto-Discovery Auto Discovery Results from Auto-Discovery Selecting Non-Standard Ports for Auto-Discovery Discovered Database Information Populating Connection Form MS-SQL MS-SQL Connection Summary Button Connection Summary Output Connection Summary Rule Chaining Rule Chaining Setting Screen Rule Chaining Chaining with Parameterized User-Defined Rules General Pudr Steps Parameterized User-Defined Rule Flow Diagram Validating the Pudr before Saving Disabled Parameter Checkboxes Example of Chaining to a PL/SQL-based Pudr Item Setting for Session Policy Policy Settings for Suspicious Login Time Immediate Resulting Killed Session Table Columns That Could Appear in AlertsChained-Rule Alerts UBM Session Policy and Pudr DB Example Multiple Source-Rule-Violation Behavior Rule Chaining Alert Report Manager Setting a Report ScheduleSetting a Timer-based Schedule Deleting a Timer Schedule Deleting a Previously Set Timer ScheduleSetting a Calendar-based Schedule Setting a Timer-Based Schedule Setting a Randomized Interval Setting a Combined ScheduleSetting a Randomized Interval Setting a Calendar-Based Schedule ARM Reporting by Time ARM Reporting by Time Calendar Pop-up Reporting by TimeEnabling Email Recipients Specifying Report Parameters New Reports Menu New Report Setting Screen top New Report Setting Screen bottom Using the Select Checkbox to Affect Multiple Reports Saved and Enabled Report View Reports Dropdown List on Current Reports Screen Activating ARMRunning and Analyzing Reports Status Menu Status Dialog Summary-Action Output Types Current Report ConfigurationReport Summary Action Choosing Summary Report Action Report Size Archiving Reports Report Detailed ActionLimitation Custom Reports Using This FeatureCustom Reports Scheduling Time-only Schedule Settings Daily Schedule Settings Customer and Company Information Weekly Schedule SettingsMonthly Schedule Settings Custom Reports Main Report and Template Generation and ManagementCompany Information Dialog Adding a Report Adding ReportsModifying Reports Deleting a Report Deleting ReportsModifying a Report Modifying Report Templates Templates Manager Modifying a Template Generating ReportsReport Result Generated Html Report Example Report History Report History Property Purpose Possible Values Default Licensing and AdministrationUser Administration for Custom Reports and SOX Reports Reports radio button on the User Administration screen Limitations Property Purpose Possible Values Default1 SOX Reports within Custom Reports Manager SOX Compliance Reports Report Name Acronym General Setup InstructionsReports and Acronyms Common Report Header Fields HPC Report Sample Cobit Objectives and Setup RequirementsHistory of Privilege Changes Report HPC Report Body Columns AUC Report Sample Abnormal or Unauthorized Changes to Data Report AUC AUS Report Sample Abnormal Use of Service Accounts Report AUS ATD Report Sample Abnormal Termination of Database Activity Report ATD EPA Report Sample End of Period Adjustments Report EPASettings Dialog for the EPA Report Assumptions Case VAS Report Sample Verification of Audit Settings Report VAS Report Size Licensing and AdministrationArchiving Reports Verification of Audit Settings Report VAS Index