A User Assessment job generates a report that helps you to identify users that pose a risk to your target database.
The User Assessment report includes the following information about each user in a target database:
- User account name
- Target database name
- User type: Admin, Application, Privileged, Schema, or Non-Privileged. A user with one or more of the following administrative privileges is classified as an Admin user:
SYSKM. A privileged user is a user who is granted system and object privileges that classify the user as High or Very High risk.
- Whether a user has the DBA, DV Admin, or Audit Admin role
- Risk level: Low, Medium, High, and Very High
- Status: OPEN, LOCKED, or EXPIRED & LOCKED
- Date/time when the user last logged into the target database
- Time duration since the user was created, for example, four months ago
- Authentication method used by the user, for example, PASSWORD or NONE
- Password profile used by the user, for example, DEFAULT
- Date/time when the user's password was last changed
- Link to the user's audit records