Last week, I had a series of conversations with an internal auditor (at my work). I was asked a seemingly simple question. Is it possible to find out “when (date and time) was a database role granted to a given user”? At the time of the department’s audit, we had not leveraged DB2’s audit feature yet. However, I am now equipped to answer such questions in future. In this blog post, I show how DB2’s audit facility (db2audit) could be leveraged to answer this question. Treat this as a proof of concept using a simple example.