The story is a bit different in a non-production environment. Depending on your organization change control policies, developers might have Data Mover Access in non-production. In this case, we might want to prevent the OPRID from exploiting Data Mover Access to perform undesired DDL on the database.
From the category archives:
Continuing from my previous post – “Perils of DataMover Access – Part 2a“
Let’slook at a scenario where the security was modified to enable Data Mover Access.
The above results show that oprid NPAI ‘Added’ the security to enable DATA MOVER Access.
It is possible that the OPRID’s who by-passed controls to modify Data Mover Access are smart [...]
In response to Charles’ comments (shown below), I thought it will be nice to respond with a post which provides detailed instruction.
In your example for PSAUTHITEM, does the trigger gets stored as part of the tools? In other words, if I run security export from this instance to another one, will the trigger get migrated [...]
Perils of DataMover Access– Part 2a
PeopleSoft provides trigger-based auditing functionality as an alternative to the record-based auditing that PeopleSoft Application Designer provides. Perform the following steps to setup trigger based auditing for PSAUTHITEM.