To grant audit-related privileges, you identify the user ID, select an audit privilege for the user, and add any optional comments. You also determine whether that user can grant privileges to other users. Any user with audit administrator privileges can grant all four privileges (including audit administrator) to other users.

Note that for all privileges except audit administrator, the Can Grant Permissions for option is, by default, not selected. The exception to this is when a user is being granted audit administrator privileges; an audit administrator automatically receives the right to grant the audit administrator privilege, or any of the other privileges, to other users. For this reason, the Can Grant Permissions for option is disabled when a user is being granted audit administrator permissions.

Remember that once the security administrator grants audit administrator privileges to a user, the security administrator no longer has audit administrator privileges. The exception to this is when there is only one audit administrator, in which case the security administrator can revoke that users audit administrator privileges (in the case of an emergency). This allows the security administrator access to the audit data if a situation arises in which the sole audit administrator is unexpectedly unavailable; without this provision, no one would be able to access the audit data.

Although the security administrator can revoke the users audit administrator privileges, the security administrator cannot revoke any of that users other permissions.