"Praim Sankar" <pr**************@cogeco.com> wrote in message
news:32**************************@posting.google.c om...
I have exactly the same issue.
Our security person wants an audit on all 'select' on 4 tables
containing sensitive data.
Any idea how we can manage to do this???
One way would be to run a trace, filtered on object name and SELECT. Or
there are commercial products for auditing purposes, such as this one (which
I've never used):
http://www.lumigent.com/products/entegra_sql.html
However, it would be extremely difficult to prevent a determined
administrator from viewing the data - he can disable auditing briefly,
restore a backup to another server without auditing etc. So any technical
solution needs a 'human' part too, ie. good staff, and a clear policy on
data access.
Simon