Oracle delivers many Roles that help get your implementation off the ground quickly, predefined access that allows your Users to start accessing and completing configurations and transactions.
From an Audit, Compliance perspective though, these Roles contain many issues that conflict with Segregation of Duty rules and Sensitive Access Risks. In this session we discuss some of these processes that the delivered Roles can do, that should be better secured in a Production Environment, such as loading Data and managing other configurations.
We are finding that many Organizations are going live with the delivered Roles and finding that they need to redo or at least re-implement some parts of the Security model.
If you would like to master the Security and Controls in Oracle Cloud Applications, you can find out more information on training here
Seecuring has partnered with ERP Risk Advisors for a series of short videos on key Segregation of Duty and Sensitive Access Risks. In this second episode we focus on Purchasing, covering Suppliers as part of the process. Along with our CEO we have Jeff Hare speaking.
His extensive background includes public accounting (including Big 4 experience), industry, and Oracle Applications consulting experience.
Jeff has been working in the Oracle Applications space since 1998 with implementation, upgrade, and support experience. Jeffrey is a Certified Public Accountant (CPA), a Certified Information Systems Auditor (CISA), and a Certified Internal Auditor (CIA).
In this series we aim to cover some of the key 'Rules' and Controls that Organizations should be reviewing as part of their ongoing Audit and Compliance initiatives.
If you are struggling to implement a program for effective Controls in your Oracle (and more) Applications, Seecuring provides a subscription based service that provides:
Segregation of Duties
User Access Reviews
Patch Impact Analysis & Configuration Changes
We have been working with ERP/HCM Applications since the early 2000's, and work with leading CPA's, Audit staff and Application specialists to deliver a complete solution.
Before you invest in expensive Software, why not look at GRC as a Service? Faster delivery, lower cost, and more than just reports on your issues - we help Organizations achieve their goals for Internal Controls.