A common compliance challenge for most PeopleSoft environments is how to control and secure direct database access by DBAs and developers, especially with regards to highly privileged, generic at the database, application, and operating system layers.  Often, there is little control or active management of generic accounts like SYSADM and ADMINISTRATOR with passwords being loosely controlled and frequently shared.  This paper will describe the risks associated with these accounts and ways to effective manage and control them to meet security and compliance mandates. 

Security Strategy and Standards, Oracle PeopleSoft, Whitepaper