because frequently the organization is already using
CAATs software. Furthermore, the approach allows external
consultants and geographically dispersed companies to
request that queries be run by the local DBA without the
need to compromise the administrator password. The DBA
of the audited entity can also review the SQL being run
over the database to ensure that it will have no effect on the
production environment.