In this series with Jeff Hare from ERP Risk Advisors, we cover key Risks and Controls around the Purchasing process. Regardless of what Applications you run your Financial processes through this video is for you.
We cover areas such as why a User should not be able to create a Purchase Order vs Define Procurement Approval Routing Rules, Create a Supplier vs Create Purchase Orders. and more
Most Business Applications are delivered with a pre-defined set of Roles and Responsibilities, these prove to be an effective way of implementing the Application quickly, without a long Security design process. The problem is that in almost all cases these delivered configurations have Separation of Duty and Sensitive Access Risks built into them that need to be in scope for IT General and Application Controls.
Many of these configurations also have both transactional access and configuration access within them, having Users configure a transaction and then perform those transactions is a major Risk.
You can watch the video below, if you want help managing your Risks and Controls for your Applications you can reach us below.
If you are struggling to implement a program for effective Controls in your Oracle (and more) Applications, Seecuring provides a subscription based service that provides:
Segregation of Duties
User Access Reviews
Patch Impact Analysis & Configuration Changes
We have been working with ERP/HCM Applications since the early 2000's, and work with leading CPA's, Audit staff and Application specialists to deliver a complete solution.
Before you invest in expensive Software, why not look at GRC as a Service? Faster delivery, lower cost, and more than just reports on your issues - we help Organizations achieve their goals for Internal Controls.