Compliance Frameworks & the Oracle Database Lifecycle Management Pack
Hi,
In the EM12c documentation there is mention of industry/regulatory compliance frameworks such as PCI, NIST, COBIT and CIS as well as an Oracle Generic Compliance framework. We are trying to find out exactly which standards/rules are included the Oracle Generic Compliance framework, but we don't have access to an EM12c instance right now, so we were wondering if are they listed anywhere?
We are trying to figure out if checks such as the following are included out-of-the-box:
* ensuring that ARCHIVELOG is enabled
* DB_BLOCK_CHECKSUM is set to one of the following values: TRUE, TYPICAL or FULL
* for Data Warehouse(DWH) make sure the DB_FILE_MULTIBLOCK_READ_COUNT initialization parameter is explicitly set to 1MB / blocksize
* Ensures redo log files are multiplexed and members of each group are on separate disks.
* Verify that there are no invalid objects owned by SYS or SYSTEM.
* checks for other DB parameters etc.
Many thanks for your help.
Regards.
Indy