A database audit is a database security control involving several monitoring aspects. It allows administrators to control access, know who is using the database and what users are doing with the database. Auditing is done to prevent database theft and also to keep users from messing up the database code. Some of the monitoring aspects involved in a database audit include identifying users, logging actions performed on the database and checking database changes. A database audit is rarely performed by a person; it is more often handled by a program.
A variety of users access databases associated with businesses or large websites on a daily basis. These users are able to see the data and perform high- or low-level changes to the information based on their access level, and they can store the data in other programs. Without any form of protection, the risk of data theft is very high, because no user could be implicated if any information were stolen.
When a database audit program is installed, this program creates a trail that watches all the users. One basic form of protection is that the audit identifies all users and watches what each user does. Low-level functions normally are not monitored. This is because the functions do not present a threat and because these functions are performed so regularly that the auditing program may be overwhelmed by the amount of data it has to monitor.
Along with knowing what the user is doing, the auditing program will log actions performed on the database. For example, whenever a user performs a large database change, the auditing program will watch the user and show that the user made the change. The database audit may be set to activate whenever a high-level action is performed, so there is no chance the action is missed by the audit.
These database audits, unless the database is especially small with a few users accessing it, is rarely performed by a person. This is because a person cannot check all of the changes or identify all the users without a high potential of inaccuracy. A program also ensures only potentially threatening or damaging changes are logged.
While theft is the main reason for performing a database audit, it is not the only reason. When the database is changed, an incorrectly coded section can corrupt all database information. With high-level actions such as this logged, the auditor can assign blame to the user who performed the change and appropriate actions can be taken.