I'm a database security engineer and quite unfamiliar with SAP.
From the viewpoint of SOX/IT control, I just wonder if there is any necessity to audit Oracle database using Oracle's auditing features (audit_trail=db/os).
Privileged Oracle users can login to the database bypassing SAP application. In addition, they may be able to change any financial data by executing DML commands directly.
Is such scenario realistic?
I'd like your opinions.
Thanks in advance,