Home
Maximum Availability Series
Automated Storage Management (ASM)
Data Guard
Dynamic Reconfiguration
Flashback
Grid Control
Online Redefinition
Real Application Clusters (RAC)
Resumable Transactions
DBA Series
11g New features for DBAs
Audit Vault
Disaster Prevention and RMAN
Managing Terabyte Databases
Oracle Security Workshop
Sarbanes-Oxley & HIPAA Compliance
Developer Series
11g New Features for Developers
Advanced Queuing and Streams
Array Processing and Bulk Binding
Exception Handling
Procedures, Functions, & Packages
Security and Fine Grained Access Control
SQL and PL/SQL Tuning
SwingBench Installation & Configuration
Triggers
Applications Series
E-Business Suite
Fusion Middleware Series
Oracle Application Server
Oracle Identity Management
Independent Classes
Interviewing and Hiring Oracle Pros
Oracle for DB2/UDB DBAs & Developers
Oracle for Informix DBAs & Developers
Oracle for SQL Server DBAs & Developers
Oracle for Sybase DBAs & Developers
UNIX, Linux and vi
Evening Workshops
Constraints
Exception Handling
Functions & Pipelined Table Functions
Interviewing
Linux and UNIX Skills
Loops Cursors and Array Processing
Materialized Views
Sarbanes-Oxley - HIPAA Compliance
Triggers
Tuning SQL and PL/SQL
Writing PL/SQL Packages
Writing Stored Procedures
|
|
Auditing,
Compliance, Governance, SarbOx PCI, GLB, HIPAA, FACTA, PIPEDA, Basel II
|
 |
Ten years ago security equated
with users having passwords. Auditing was a big deal, and
compliance was not even on the radar screen. Today we live
in a world where Sarbanes-Oxley, FACTA, HIPAA, PIPEDA, and
Basel II are spoken with fear and loathing and where we
all know that the only reason we "comply" is the
ignorance of our corporate leadership. Lets change that
before things become even worse.
|
Here's what we cover:
- The reality of what
compliance with these laws means
- The technologies that we
can use to achieve compliance
- Auditing SELECT
statements with Fine Grained Auditing
- Auditing the tools and
applications used to access the database
- Stopping non-compliant
access
|
|
The PSOUG's *NIX class is a
stand-alone class intended to help those whose experience
with computer operating systems is primarily, or only,
Windows learn to work with a real operating system. This 3
hour, hands-on, evening workshop is priced at only
$100/person.
|
|
Syllabus
|
| 5:45-6:00pm |
Introductions |
Join us for coffee
before class begins.
To attend a workshop you must register at least
one day in advance. |
| 6:00-7:00pm |
Discussion |
Compliance
Every country, every state, and even some
municipalities have their own rules. Our job is to
get something done while complying with all of
them.
This discussion
focuses on the major legal requirements, their
implications, and the various techniques that can
be used to create a compliant environment, audit
activities, and enforce governmental and business
rules. The discussion includes the use of
cryptography.
|
| 7:00-8:00pm |
Lab
1 |
Fine
Grained Auditing
Oracle added fine grained auditing to the 9i
database and enhanced it 10g
and 11g. This hands-on
lab teaches how to define application code from
business requirements and how to implement them
using the DBMS_FGA built-in package. |
| 8:00-9:00pm |
Lab
2 |
After
Logon Triggers
After logon system event triggers can be used
to monitor who logs on, what they access, when
they access it, the tool used, and to kill policy
violating sessions.
This hands-on
session teaches the skills required to build
System Event Triggers, and the user environment
variables and data dictionary objects that can be
used to verify compliance.
|
|
|
Instructors |
Jack Cline is the chairman of the Puget Sound Oracle Users Group and has done Oracle contract work in the Puget Sound area for the past 11 years including engagements at Boeing, Bank of America, King County, the City of Seattle, Puget Sound Energy, and the Seattle-King Country Department of Health. He is a frequent guest lecturer at the University of Washington's Oracle Certification Program.
Dan Morgan is an Oracle Ace Director, a 10g and 11g Beta
tester for Oracle, and the instructor of the Oracle program at the University of Washington
since its inception in 1999. He began his IT career in 1969 with an IBM 370/145,
punch cards, and Fortran IV, and though he will vigorously deny
it, wrote COBOL for a decade before moving into Oracle about when version 6 hit the market.
In addition to Dan's work at the university he is the Education
Chair of the Puget Sound Oracle Users Group, a member of UKOUG,
and a member of the British-American Chamber of Commerce in
Seattle. He is also a frequent lecturer at training events and
at conferences and has presented at Oracle OpenWorld on RAC
(2005), at Seattle OracleDay (2004-2007), at numerous government
and corporate training events including Apple Computer, Argonne
National Laboratory, Boeing Commercial Airplane Group, Dow Jones
& Company, Lawrence Livermore National Laboratory, NASA,
T-Mobile, US Navy at Pearl Harbor, and Weyerhaeuser to name but
a few and presented on Streams and Change Data Capture at UKOUG in 2006.
Dan Morgan is the Morgan behind the "Morgan's Library"
website
that contains the many demos he has created for his University
of Washington classes as well as for his frequent lectures. He
is the former publisher of MacTech Journal, has presented Oracle
technical lectures in the US, Canada, Great Britain, and
Japan. Morgan is also the author of this course.
Caleb Small is the primary instructor for the
Oracle Workforce Development program at Camosun College in
Victoria BC, and a private consultant with years of
experience implementing and teaching Oracle throughout
North America. He has over 30 years experience in the IT
industry in numerous business areas including both public
and private sectors.
Caleb is also active as a director of the Victoria and
Puget Sound Oracle User Groups, and has delivered numerous
lectures, presentations, live demos and articles to other
groups. He has authored and led many of the PSOUG
workshops including RAC, ASM, RMAN and Data Guard.
Caleb was one of the first people to build an 11g RAC
cluster and has been a primary consultant on RAC to
publicly held corporations including Areva T&D and
Montana Dakota Utilities (MDU).
|
|
