So a few years back there was this whole big issue with public companies not reporting the financials accurately. I am sure many of us remember this. There were a number of companies involved and well the end result was that these companies made it look like they were doing better then what they were. When the truth came to light the stock plummeted, and a lot of people who were invested ended up losing a lot of money, in some cases life savings.
Because of this a new Act was passed, more or less (and I am not a lawyer) this Act makes the CEO and the CFO of public companies responsible personally if there is an issue with the books not being done right. The boards of these companies started to hire firms to come in and do audits on everything that touched the revenue stream. The called it the Sarbanes Oxley Act or (SOX). And the CEO’s and CFO’s take a good look at this.
This is where this gets very fuzzy, I have been at some places where anything can touch the revenue stream. I have been at a company where only select applications touched the revenue stream. Yet they tested the security at the building.
More to the point though, SOX has been a big unknown cloud. I have been through 3 or 4 SOX audits and every one was different. I have even been to places where they have pre-audit companies come in to help with the Audit and they ask completely different questions.
Where I am going with this? Well the new Audit Features inside SQL Server 2008 are going to allow you to automate most everything that I have been asked about before. Questions like; when did all the accounts last have a password change. Or they can validate that the database has good backups or even when the last restore was done. This new Audit feature will even log when it has been changed.
The point that I am trying to make here is not only is Microsoft trying to make our lives easier by helping use with new features like compression or policy management, but they are also looking at what the industry needs at the time. We are being asked to provide audit info and SQL Server 2008 will help DBA’s like me get there.