There are times when an organization needs to capture audit information when a user views certain information. Examples of these scenarios include:
A user is under investigation or disciplinary action, and supervisors need to find out what information the user has been looking at.
Although VIP accounts may be protected from users by account security, supervisors and fraud investigators may still want to know who has been trying to look for forms or other records with a given criteria.
Sometimes information about a taxpayer is leaked to the newspaper. For example "Town Councilman Smith didn't pay his taxes on time for the last n years". Supervisors want to know who has recently viewed Councilman Smith's tax returns.
The audit information captured includes:
What - the specific record that was viewed.
Who - the user viewing the record.
Where the user performed the inquiry - which portal, zone or page was used.
How - which search criteria the user entered for a specific query.
For more on the information provided for the audited records, see Inquiry Audit Query.
As part of implementing inquiry audit, you will need to decide which portals, zones and pages require inquiry audit. The following section describes how to configure inquiry audit based on how the page or portal is implemented.
Contents
Copyright © 2011, Oracle and/or its affiliates. All rights reserved.