SQL Server Performance Forum – Threads Archive

Sarbanes Oxley & SQL

I’m an System administrator, (SA) and I’ve been charged with developing a paper that clearly illustrates separation of duties between an SA and a DBA. Currently, the organization that I am a part of does not have adequate separation of these roles thereby making it very easy for an SA to use tools such as SQL Enterprise Manager to manipulate records within a database and for a DBA to perform operating system commands enabling him to cover his tracks. Can anyone direct me to a source that might help me develop the separation of duties we will need to satisfy Sarbanes Oxley requirements? Thanks in advance. Neil… [?]

---

I haven’t seen such stone carvings defining the seperation of roles between a system adminstrator and a DBA. I feel DBA should be involved in all the aspects of Sys.Admin role in order to define a strict security measures on the database, Sys.admin’s role is more on the operating system level and a DBA is on SQL Server side. http://www4.dogus.edu.tr/bim/bil_kay/dbase/mssql65dba/ch02.htm is a relevant link about the roles. HTH Satya SKJ
Moderator
http://www.SQL-Server-Performance.Com/forum
This posting is provided “AS IS” with no rights for the sake of knowledge sharing.

---

Thank you, this is a good start. NT

---

in sqlservercentral, there is special forum for Sarbanes Oxley
http://www.sqlservercentral.com/forums/messages.aspx?forumid=161

---

]]>