Db2 audit policies
An audit policy is a set of criteria that determines the categories to be audited. It helps you configure and control the audit requirements of your security policies and monitor data access by applications and individual users (authorization IDs or roles), including administrative authorities.
You can create an audit policy by inserting a row in the SYSIBM.SYSAUDITPOLICIES table.
Authorization for Db2 audit policies
The SECADM, ACCESSCTRL, DATAACCESS, system DBADM, SQLADM, SYSCTRL, and SYSADM authorities all have the implicit SELECT privilege on the SYSIBM.SYSAUDITPOLICIES table.
SECADM authority also has implicit INSERT, UPDATE, and DELETE privileges on the SYSIBM.SYSAUDITPOLICIES table. Explicit SECADM authority is always required regardless of the SEPARATE_SECURITY subsystem parameter value.
If a view is created on the SYSIBM.SYSAUDITPOLICIES table, the DATAACCESS authority can perform INSERT, UPDATE, and DELETE on the view, and through it indirectly INSERT, UPDATE, and DELETE rows in the SYSIBM.SYSAUDITPOLICIES table.
If you have the required privileges to issue the START TRACE, STOP TRACE, and DISPLAY TRACE commands, you can activate, deactivate, and display an audit policy by issuing those commands with the AUDTPLCY option. The SECADM authority has the implicit privileges to issue the START TRACE, STOP TRACE, and DISPLAY TRACE commands.
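The following is an added example, not part of the original page: it creates a table-access policy, shows the matching trace commands as comments, and then checks for views over the policy table, since such a view lets DATAACCESS change policies indirectly. The policy name TABADMIN1, schema ADMF001, table AUDTB1, the column values, and the GTF destination are constructed for illustration; the column names are assumed to match the Db2 for z/OS catalog on your release.

```sql
-- Run under an ID with explicit SECADM authority (required for INSERT).
-- Constructed sample: audit all access ('A') to table ADMF001.AUDTB1.
INSERT INTO SYSIBM.SYSAUDITPOLICIES
       (AUDITPOLICYNAME, OBJECTSCHEMA, OBJECTNAME, OBJECTTYPE, EXECUTE)
VALUES ('TABADMIN1', 'ADMF001', 'AUDTB1', 'T', 'A');

-- The policy does nothing until it is activated. These are Db2 commands,
-- not SQL, so they are shown as comments (destination is an assumption):
--   -START TRACE (AUDIT) DEST (GTF) AUDTPLCY(TABADMIN1)
--   -DISPLAY TRACE (AUDIT) AUDTPLCY(TABADMIN1)
--   -STOP TRACE (AUDIT) AUDTPLCY(TABADMIN1)

-- Review: which policies exist and when they were last changed.
-- Any holder of the implicit SELECT privilege can run this.
SELECT AUDITPOLICYNAME,
       OBJECTSCHEMA,
       OBJECTNAME,
       OBJECTTYPE,
       EXECUTE,
       CREATEDTS,
       LASTMODIFIEDTS
  FROM SYSIBM.SYSAUDITPOLICIES
 ORDER BY LASTMODIFIEDTS DESC;

-- Review: views that depend on the policy table. Each row returned is a
-- path by which DATAACCESS can INSERT, UPDATE, or DELETE policy rows
-- without holding SECADM. An empty result is the expected baseline.
SELECT DCREATOR AS VIEW_SCHEMA,
       DNAME    AS VIEW_NAME
  FROM SYSIBM.SYSVIEWDEP
 WHERE BSCHEMA = 'SYSIBM'
   AND BNAME   = 'SYSAUDITPOLICIES'
   AND BTYPE   = 'T';
```

Comparing LASTMODIFIEDTS against your change records and keeping the view query empty are two cheap periodic checks on the integrity of the audit configuration itself.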