DB2 Audit Management Expert for z/OS

Sarbanes-Oxley and other regulations have placed a heavy technical burden on IT staff to fulfill auditors’ requests for views of data. Auditors must track, analyze and report on the status of legal and regulatory compliance efforts. Until now, there has been no easy way for auditors to access the data they need, other than relying on the IT department.

IBM has changed the game with DB2® Audit Management Expert, giving auditors, security administrators and database administrators (DBAs) the capabilities they need to deliver accurate, timely data and reports for use in auditing activities.

• Selectively audits inserts, updates, deletes, and reads of DB2 systems

• Provides views of all reported activity on specific DB2 objects (such as read, change, and z/OS utility access)

• Collects trace data in an audit repository, and then views, analyzes and generates reports on the data

• Does not require auditors to log into DB2 and does not permit them to directly manipulate any DB2 resource

• Supports an easy to use interface for both auditors, DBAs, and security administrators allowing them to work together to deliver accurate data for use in audit activity

• Allows an authorized auditor to investigate an exposure by reviewing what data has been changed in the system

• Offers a user-friendly administration interface that enables DB2 AME administrators to easily define DB2 AME entities such as users, groups and collection criteria

For auditing DB2 in a z/OS environment DB2 Audit Management Expert also lets you:

• View all DML SQL statements and their host variables allowing the user to identify the actual row that was accessed

• Take advantage of a Data Capture Facility that provides controllable, time-unlimited data capture without DB2 trace dependency or limitations
  - Captures SQL statements (dynamic & static)
  - Captures the host variable values
  - Shares collector/overhead with DB2 Query Monitor

Program Number:
DB2 Audit Management Expert for z/OS (5655-I16)