Background
The Payment Card Industry Data Security Standard (PCI DSS) defines requirements for the storage, processing and transmission of cardholder data. There are twelve rules (coined the "Dirty Dozen" by the industry) that merchants and service providers must comply with in order to do business with the credit card companies associated with the standard. Data auditing helps accomplish the most difficult requirements under the standard. At its heart is the ability to produce a secure and irrefutable audit trail of database activity that reveals violations in security policies and identifies who accessed, altered, deleted or viewed credit card data.