In IT, we have a few very solid and universal principles that no one ever argues with. The first of these is Cover Your Ass (CYA). CYA is so universal and popular because things go wrong, blame gets thrown, and DBAs find themselves under a metaphorical bus. Nobody likes the underside of that bus. It’s far better to proactively protect yourself.
In among my CYA toolbox are such handy items as:
- Jobs and tables for monitoring and logging
- Code reviews (mine and others’)
- Regular security audits
- A log of issues and actions taken in production
Keeping this kind of log is slightly more work than not keeping this kind of log. But it has become a regular habit, and it pays for itself time and time again.
For true CYA effectiveness, you really have to record exactly what you did in the production log…it’s not enough to write “updated table1 data as requested”. Oh no no, when something breaks and they say “what did you do to the database??”, you’ll be most comfortable (and have the greatest right to smugness, if that’s your thing) if you show them THE EXACT update statement you ran.
I’m very strict about this. I just had a request to change a user’s login. That’s a simple, harmless little thing to just pop out in the GUI, but it’s just as easy to write and save ALTER LOGIN [mydomain\Bill.Whit] WITH NAME = [mydomain\Bill.White];
CYA: Just another great reason to eschew the GUI.