Viewing 10 posts - 1 through 10 (of 10 total)
Again, being an auditor who does SAS 70's all the time, I will again say there is no "database compliance program" specified in the AICPA's guide to performing a SAS...
March 21, 2009 at 6:52 pm
No standard including SOX, RFR/fact, sas 70, hipaa, pci, MA 201 etc. Provide guidance on implementation. At the end of the day you dbas know your systems and...
December 26, 2008 at 2:59 pm
Depends completely on the objectives of the audit
December 26, 2008 at 9:26 am
have you tried sp_helprotect?
July 17, 2007 at 2:47 pm
A.J.
- Absolutely awesome programming -
Any suggestions on making it such that I am not actually creating a database object and having to leave it on the server? My goal...
May 29, 2007 at 1:41 pm
I believe you need to grant 'exec any' to the users fixed server ID. I believe you need to enable some of those stored procedures, such as xp_cmdshell in...
May 16, 2007 at 4:41 pm
Basically, if the users have no server logins, they can't connect to data. You need a server level login thats linked to a sql login to connect to the...
May 16, 2007 at 6:46 am
You don't need server permissions. If TCP/IP is enabled, SQL has listening ports (1443, i think) that you can point your ODBC driver to and use access to update...
May 16, 2007 at 6:45 am
Having been through this about a billion times, I would say the suggestions the folks above have given is are very good. SQL Security is tough to get right...
May 16, 2007 at 6:41 am
are those SQL logins mapped to an server level login which uses Windows authentication? If so, you'll never need the password for the sql database level login. Correct me if I...
May 15, 2007 at 8:45 am
Viewing 10 posts - 1 through 10 (of 10 total)