|Awarding Body:||IT Audit Training|
The course will address the security of the main types of relational database management systems, using a risk-based approach. Each risk will be considered in relation to each type of database, allowing RSM auditors to learn how the risk is addressed by the databases under consideration.
(Duration: 3 days)
Databases and their relationship to the host operating system
Database schemas and the risk of improper separation of access
Network access controls
Database login controls
Database administrators and privileged users
Object access permissions and how to audit the high-risk ones
Virtual Private Databases, Row-level security and their uses in enforcing separation of duties
Developing database auditing tools with scripting languages and SQL
The course will be presented in hands-on format for Windows, Oracle 9, 10g, 11g and SQL Server 2000/2005, structured around a series of audit risk areas. For each area, the course will describe the nature of the risk, any available controls and countermeasures, and the exposure if the controls are not implemented. A course manual in PowerPoint format will be provided, together with a detailed audit program, structured into risk areas to correspond with the course manual. Guidance will be provided on how to perform a ‘limited time’ review, indicating which areas in the audit programs should receive the highest priority.
For the ‘hands-on’ aspects of the course, students will be provided with a laptop containing VMWare images of Windows 2003R2 servers, Oracle and SQL Server databases, with full database administrator access.
The courses will be presented by our Senior IT Management Consultant, Steve Rimell
If you have any questions regarding this or any of our other courses please do not hesitate to contact us. You can send us a message by completing the following enquiry form.
Hi. I'm Mark Barnes one of the directors at BHBi.
Is there anything I can help you with? Perhaps you are keen to find out more about a course?
Thanks for your message or question.
I'll get back to your shortly. I look forward to chatting more with you.