Skip Header
U.S. flag

An official website of the United States government

Regulations and Examinations

Continuing IT Training Program - Securing and Auditing Database Servers

Last Updated: January 29, 2024

Program Overview

Using two of the most commonly encountered database server products, Oracle Database and SQL Server, this course will explore the security and controls of database servers used in financial institutions, including banking applications and data.  As an advanced course, the content is technical in nature, and the course is not meant to provide 'how to' guidance for conducting an IT bank examination.

Key Objectives

Upon completion of this course, participants will be able to:

  • Define database capabilities and terminology including activities needed to provide security and control over the software;
  • Discuss associated risks, exposures, database approach to client/server and web processing environments; and,
  • Recognize the impact on enterprise organizations, security profiles, and information technology standards to assess bank’s risk profile and report to bank management.

Instructional Format

Facilitated classroom discussion and lectures


Four and one-half days



Target Audience

Examiners or ITEAs who will lead or participate on level B and A examinations.

This course is open to appropriate staff of the FDIC and partner government regulatory agencies. This course is not open to the public or staff of private banks.


Participants should have completed all of the basic-level and, at least most of, the intermediate-level IT courses.  In addition, we recommend (not required) Mainframe Security for Examiners and Incident Response.

Pre-Course Assignment


Special Requirements


Post Course Feedback



This course may provide CPE/CEU credits; however, any credits offered will be handled by the vendor.

More Information

For more information concerning course content and administration, please e-mail