Technology Conference Listing
Featured: Women in STEM Conference and Award, San Francisco, Sept 10-12, 2017
Featured: PrecisionAg Vision Conference, Phoenix, Oct 10-12, 2017
Featured: SPTechCon, SharePoint Technology Conference, Washington, DC, Nov 12-15, 2017
San Francisco Professional Events List
Auditing Oracle's E-Business Suite - ASE355
Date
Link to Website
Organizer
Venue
Location
"Excellent course that provides the attendees with a solid understanding of Oracle EBS control risks and audit approaches to address these risks."
- Associate Director, PCAOB
Oracle’s E-Business Suite offers a wide variety of applications which require specific audit programs. Auditors and those implementing and supporting Oracle’s E-Business Suite need actionable information about the associated risks and controls.
This foundational three-day course will take you from a basic understanding to an intermediate understanding of application risks and controls for the most commonly implemented applications along with the elements common to all implementations. We will delve deeply into application security and other IT general controls and provide you with a several SQL queries frequently used in assessments.
Prerequisites: Auditing Business Application Systems (ITG103) or equivalent experience
Advanced Preparation: None
Learning Level: Intermediate
Field: Auditing
Delivery Method: Group-Live
Who Should Attend
Internal and External Auditors, Audit Managers and those implementing & supporting Oracle's E-Business Suite
Agenda
What You Will Learn
1. Oracle Overview
• technical architecture overview
• presentation layer
• application layer
• database layer
• impact on change control
2. Common Elements and Modules
• key flexfields
• descriptive flexfields
• values sets
• security rules
• cross-validation rules
• system profile options
• user profile options
3. Organization Structure
• business groups
• ledgers/sets of books
• legal entities
• operating units
• inventory organizations
4. Master Data Overview
• item master
• customer master
• supplier master
• bank master
5. Building a Proper Audit Trail
• audit trail deficiencies
• why an audit trail?
• audit trail technologies
• building a proper audit trail
• what to audit?
6. Oracle Security Basics
• users
• roles and responsibilities
• menus
• request groups
• security profiles, global security profiles
• organization access
• role-based security
7. Application Security Best Practices
• sensitive data
• privileged users
• SQL forms risks and controls
8. Change Management Best Practices for Oracle E-Business Suite
• object-oriented development change management
• security change management
• patch change management
• configuration change management
9. Designing and Auditing Application Controls
• types of application controls
• IIA guidance
• overriding application controls
• benchmarking
10. Best Practices for Protecting Sensitive Data
• statutory requirements
• typical sensitive data
• identifying and classifying sensitive data
• impact on application security
• impact on database security
• ways to secure data• application and database technologies
• impact on change management process and SDLC
11. General Ledger: Risks and Controls
• key configurations
• key transactions
• key risks
• key controls
• key segregation of duties
12. Assets: Risks and Controls
• key configurations
• key transactions
• key risks
• key controls
• key segregation of duties
13. Cash Management: Risks and Controls
• key configurations
• key transactions
• key risks
• key controls
• key segregation of duties
14. Procure to Pay: Risks and Controls
• key configurations
• key transactions
• key risks
• key controls
• key segregation of duties
15. Order to Cash: Risks and Controls
• key configurations
• key transactions
• key risks
• key controls
• key segregation of duties
16. Inventory: Risks and Controls
• key configurations
• key transactions
• key risks
• key controls
• key segregation of duties