Chapter 4:

Security Part II:

Auditing Database
Systems
Auditing, Hall, 4e

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Learning Objectives

o Understand the operational problems inherent in the flat-file

approach to data management that gave rise to the database
approach.
o Understand the relationships among the fundamental
component's of the database concept.
o Recognize the defining characteristics of three database
models: hierarchical, network, and relational.
o Understand the operational features and associated risks of
deploying centralized, partitioned, and replicated database
models in the DDP environment.
o Be familiar with the audit objectives and procedures used to test
data management controls.
© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Flat-File
Approach
o Associated with large, older legacy systems still in use today.
o Promotes a single-user view approach where end users own
rather than share data files.
o Separate data sets for each user leads to data redundancy
which causes problems with:
o Data storage: Commonly used data duplicated multiple times within
the organization.
o Data updating: Changes must be made separately for each user. If
updating fails problem of currency of information with users having
outdated information.
o Task-data dependency: Users cannot obtain additional information
as needs change.
© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Flat-File Model

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Database
Approach
o Access to the data resource is controlled by a
database management system (DBMS).
o Centralizes organization’s data into a common database shared
by the user community.
o All users have access to data they need which may overcome
flat-file problems.
o Elimination of data storage problem: No data redundancy.
o Elimination of data updating problem: Single update procedure
eliminates currency of information problem.
o Elimination of task-data dependency problem: Users only
constrained by legitimacy of access needs.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Database Model

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Elements of the Database Concept

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 DBMS Features and Data Definition
Language

o Program Development – Applications may be created

by programmers and end users.
o Backup and Recovery - Copies made during
processing.
o Database Usage Reporting - Captures statistics on
database usage (who, when, etc.).
o Database Access - Authorizes access to sections of the
database.
o Data definition language used to define the database to the
DBMS on three levels (views).

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Database Views

o Internal view/ Physical view: Physical arrangement of records

in the database.
o Describes structures of data records, linkage between files and
physical arrangement and sequence of records in a file. Only
one internal view.
o Conceptual view/ Logical view (schema): Describes the entire
database logically and abstractly rather than physically. Only
one conceptual view.
o External view/ User view (subschema): Portion of
database each user views. May be many distinct users.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Data Manipulation
Language (DML)
o DML is the proprietary programming language that a
particular DBMS uses to retrieve, process, and store data to
/ from the database.
o Entire user programs may be written in the DML, or selected
DML commands can be inserted into universal programs,
such as COBOL and FORTRAN.
o Can be used to ‘patch’ third party applications to the DBMS

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Overview of DBMS Operation

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Informal Access: Query
Language

o Query is an ad hoc access methodology for

extracting information from a database.
o Users can access data via direct query which requires
no formal
application programs.
o IBM’s Structured Query Language (SQL) has emerged as the
standard query language.
o Query feature enhances ability to deal with problems that pop-
up
but poses an important control issue.
o Must ensure it is not used for unauthorized database access.
© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Functions of the Database
Administrator (DBA)

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
Organizational Interaction of the
DBA

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 The Physical Database

o Lowest level and only one in physical form.

o Magnetic sports on metallic coated disks that create a
logical collection of files and records.
o Data structures are bricks and mortar of database.
o Allows records to be located, stored, and retrieved.
o Two components: organization and access methods.
o The organization of a file refers to way records are physically
arranged on the storage device - either sequential or random.
o Access methods are programs used to locate records and
to navigate through the database.
© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Database Terminology

o Entity: Anything organization wants to capture data about.

o Record Type: Physical database representation of an entity.
o Occurrence: Related to the number of records of
represented by a particular record type.
o Attributes: Defines entities with values that vary (i.e. each
employee has a different name).
o Database: Set of record types that an organization needs
to support its business processes.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Associations

o Record types that constitute a database exist in relation to other

record types. Three basic record association:
o One-to-one: For every occurrence of Record Type X there is one (or
zero) of Record Type Y.
o One-to-many: For every occurrence of Record Type X, there are
zero,
one or many occurrences of Record Type Y.
o Many-to-many: For every occurrence of Record Types X and Y, there
are zero, one or many occurrences of Record Types Y and X,
respectively.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Record
Associations

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 The Hierarchical Model

o Basis of earliest DBAs and still in use today.

o Sets that describe relationship between two linked files.
o Each set contains a parent and a child.
o Files at the same level with the same parent are siblings.
o Tree structure with the highest level in the tree being the root segment
and the lowest file in a branch the leaf.
o Also called a navigational database.
o Usefulness of model is limited because no child record can have
more than one parent which leads to data redundancy.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Hierarchical Data Model

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 The Network Model

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 The Relational Model

o Difference between this and navigational models is the way data

associations are represented to the user.
o Relational model portrays data in two-dimensional tables with
attributes
across the top forming columns.
o Intersecting columns to form rows are tuples which are normalized
arrays of data similar to records in a flat-file system.
o Relations are formed by an attribute common to both tables in the
relation.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Data Integration in the
Relational Model

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Centralized Databases in a
Distributed Environment

o Data retained in a central location.

o Remote IT units send requests to central site which
processes requests and transmits data back to the
requesting IT units.
o Actual processing of performed at remote IT unit.
o Objective of database approach it to maintain data currency
with can be challenging.
o During processing, account balances pass through a state of
temporary inconsistency where values are incorrect.
o Database lockout procedures prevent multiple simultaneous
access to data preventing potential corruption.
© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license
distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom use.
 Distributed Databases:
Partitioned Databases
o Splits central database into segments distributed to their primary
users.
o Advantages:
o Users’ control increased by having data stored at local sites.
o Improved transaction processing response time.
o Volume of transmitted data between IT units is reduced.
o Reduces potential data loss from a disaster.
o Works best for organizations that require minimal data sharing
among units.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license
distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom use.
 The Deadlock Phenomenon

o Occurs when multiple sites lock each other out of the database,
preventing each from processing its transactions.
o Transactions in a “wait” state until locks removed.
o Can result in transactions being incompletely processed and
database being corrupted.
o Deadlock is a permanent condition that must be resolved with
special software that analyzes and resolve conflicts.
o Usually involves terminating one or more transactions to complete
processing of the other in deadlock.
o Preempted transactions must be reinitiated.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 The Deadlock Condition

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Distributed Databases:
Replicated
o
Databases
Effective for situations with a high degree of data sharing, but no
primary user.
o Common data replicated at each site, reducing data traffic
between sites.
o Primary justification to support read-only queries.
o Problem is maintaining current versions of database at each
site.
o Since each IT unit processes its own transactions, common data
replicated at each site affected by different transactions and reflect
different values.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Concurrency Control

o Database concurrency is the presence of complete and

accurate data at all user sites.
o Designers need to employ methods to ensure transactions
processed at each site are accurately reflected in the databases
of all the other sites.
o Commonly used method is to serialize transactions which
involves labeling each transaction by two criteria:
o Special software groups transactions into classes to identify potential
conflicts.
o Second part of control is to time-stamp each transaction.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Database Distribution Methods
and the Accountant
o Many issues and trade-offs in distributing databases.
o Basic questions to be addressed:
o Centralized or distributed data?
o If distributed, replicated or partitioned?
o If replicated, total or partial replication?
o If partitioned, what is the allocation of the data segments among the
sites?
o Choices impact organization’s ability to maintain database
integrity, preserve audit trails, and have accurate records.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a license
distributed
with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom use.
 Controlling and Auditing Data
Management Systems

o Controls over data management systems fall into two categories.

o Access controls are designed to prevent unauthorized
individuals from viewing, retrieving, corrupting or destroying data.
o Backup controls ensure tat the organization can recover
its database in the event of data loss.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Access Controls

o User views (subschema) is a subset of the database that

defines user’s data domain and access.
o Database authorization table contains rules that limit user
actions.
o User-defined procedures allow users to create a personal
security
program or routine .
o Data encryption procedures protect sensitive data.
o Biometric devices such as fingerprints or retina prints control
access to the database.
o Inference controls should prevent users from inferring, through
query options, specific data values they are unauthorized to
© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom

access.
use.
 Subschema Restricting
Access

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Audit Procedures for Testing
Database Access Controls

o Verify DBA personnel retain responsibility for authority tables and

designing user views.
o Select a sample of users and verify access privileges
are consistent with job description.
o Evaluate cost and benefits of biometric controls.
o Verify database query controls to prevent unauthorized
access
via inference.
o Verify sensitive data are properly encrypted.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Backup Controls in the
Database Environment
o Since data sharing is a fundamental objective of the database
approach, environment is vulnerable to damage from individual
users.
o Four needed backup and recovery features:
o Backup feature makes a periodic backup of entire database which is
stored in a secure, remote location.
o Transaction log provides an audit trail of all processed transactions.
o Checkpoint facility suspends all processing while system reconciles
transaction log and database change log against the database.
o Recovery module uses logs and backup files to restart the system
after a failure.
© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Backup of Direct Access
Files

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.
 Audit Procedures for Testing
Database Access Controls

o Verify backups are performed routinely and frequently.

o Backup policy should balance inconvenience of frequent activity
against
business disruption caused by system failure.
o Verify that automatic backup procedures are in place and
functioning and that copies of the database are stored off-site.

© 2016 Cengage Learning®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password-protected website or school-approved learning management system for classroom
use.