Could you share how you established processes that are facilitating the usage of Oracle Audit Vault?
After we have a monitoring tool in place with all audit policies, alerts defined, how do we use the information that we get to satisfy control requirements?
I am wondering how to design a process that will ensure that all alerts that are generated are followed up and have valid justification for the actions that triggered them (considering the alerts are triggered by critical actions).
I am in the role of auditor and I recieve (especially during maintenance) hundreds of alerts, even though they are optimized to a good extend. THis obviously makes it pointless to go and close the alsers (set different status) and even add comments in them, to demonstrate that alerts are addressed and followed up.
I appreciate your help!