User Assessment Reports

A User Assessment job generates a report that helps you identify users that pose a risk to your target database. The report includes four charts and a table.

This article has the following topics:


The following charts are displayed at the top of a User Assessment report:
  • User Risk: Shows the number of users who are Critical Risk, High Risk, Medium Risk, and Low Risk.
    User Risk chart
  • User Roles: Compares the number of users with the DBA, DV Admin, and Audit Admin roles.
    User Roles chart
  • Last Password Change: Shows the number of users who have changed their passwords in the last 30 days, the last 30-90 days, and 90 days ago or more.
    Last Password Change chart
  • Last Login: Shows the percentage of users that signed in to the database within the last 24 hours, within the last week, within the current month, within the current year, and a year ago or more.
    Last Login chart


The table is displayed below the charts and contains the following information about each user in a target database:

  • User account name
  • Target database name
  • User type: Admin, Application, Privileged, Schema, or Non-privileged. A user with one or more of the following administrative privileges is classified as an Admin user: SYSDBA, SYSOPER, SYSASM, SYSBACKUP, SYSDG, or SYSKM. A privileged user is a user who is granted system and object privileges that classify the user as High or Very High risk.
  • A check mark if the user has the DBA, DV Admin, or Audit Admin role
  • Risk level: Low, Medium, High, and Critical
  • Date/time when the user last logged into the target database
  • Time duration since the user was created, for example, four months ago
  • Authentication method used by the user, for example, PASSWORD or NONE
  • Password profile used by the user, for example, DEFAULT
  • Date/time when the user's password was last changed
  • Link to the user's audit records

The following is an example table in a User Assessment report.

Table in a User Assessment report