Oracle Audit : Direct Access
I would like to ask this question concerning auditing changes on Oracle Database and specially sensitive data. I have seen in SAP Notes that direct access to Oracle Database is not recommended or let's say illegal by SAP. But, the question for me is :
1/ Is it technically possible? Is it possible to connect to the DB using a third client like sqldeveloper?
2/ If it's the case, is it (I insist) technically possible to alter data even with administrator users?
3/ Are changes auditable and how to check this?
We are running a SAP ECC 6.0 EHP5 on Oracle 11G.