Regardless of any regulations you are required to meet you can implement a security and audit scheme that will cover you for most, if not all, eventualities. Having good security and auditability should be desirable regardless of regulations. It protects your business.

In parts 1 and 2, I covered the security side of it. So what do I mean by Audit? Well, auditing is knowing what’s going on in your environment. Future research requirements, accountability, error correction, etc are all covered by audit.

So how does Oracle implement audit? There are several ways you can do it: Standard Audit, Fine Grained Audit and Trigger Based Audit.