My friend said, to trace data “misuse” from operational database is hard if there unable the auditing. So, I want to know if the the auditing is already enable, there are still other problems? Because I quite new in DB auditing.
You will get some idea about auditing and then you can get back to your friend and ask more about what he wants as there may be issues even if the auditing is enabled.