Auditing Oracle's® E-Business Suite
Auditing Oracle's® E-Business Suite
This course covers application risks and controls for the most commonly implemented Oracle E-Business Suite applications. It includes application security, IT general controls, and dozens of SQL queries often used in assessments.
Upcoming start dates
Suitability - Who should attend?
Internal auditors, IT auditors, business and data analysts, compliance and IT professionals whose role requires using or overseeing Oracle applications.
Prerequisites:
Auditing Business Application Systems (ITG103) or equivalent experience
Outcome / Qualification etc.
NASBA Certified CPE: 16 Credits Auditing
IT Audit Certificate, Information Security Certificate
What You'll learn
You will learn about the application's risks and controls, the core elements of the application, and how to audit the application effectively.
Training Course Content
Oracle Overview:
- technical architecture overview
- presentation layer
- application layer
- database layer
- impact on change control
Common Elements and Modules:
- key flexfields
- descriptive flexfields
- value sets
- security rules
- cross-validation rules
- system profile options
- user profile options
Organization Structure:
- business groups
- ledgers/sets of books
- legal entities
- operating units
- inventory organizations
Master Data Overview:
- item master
- customer master
- supplier master
- bank master
Building a Proper Audit Trail:
- audit trail deficiencies
- why an audit trail?
- audit trail technologies
- building a proper audit trail
- what to audit
Oracle Security Basics:
- users
- roles and responsibilities
- menus
- request groups
- security profiles, global security profiles
- organization access
- role-based security
Application Security Best Practices:
- sensitive data
- privileged users
- SQL forms risks and controls
Change Management Best Practices for Oracle E-business Suite:
- object-oriented development change management
- security change management
- patch change management
- configuration change management
Designing and Auditing Application Controls:
- types of application controls
- IIA guidance
- overriding application controls
- benchmarking
Best Practices for Protecting Sensitive Data:
- statutory requirements
- typical sensitive data
- identifying and classifying sensitive data
- impact on application security
- impact on database security
- ways to secure data
- application and database technologies
- impact on change management process and SDLC
Foundation/core Applications: Risks and Controls:
- lookback procedures
- IT users
General Ledger: Risks and Controls:
- key configurations
- key transactions
- key risks
- key controls
- key segregation of duties
Assets: Risks and Controls:
- key configurations
- key transactions
- key risks
- key controls
- key segregation of duties
Cash Management: Risks and Controls:
- key configurations
- key transactions
- key risks
- key controls
- key segregation of duties
Procure to Pay: Risks and Controls:
- key configurations
- key transactions
- key risks
- key controls
- key segregation of duties
Order to Cash: Risks and Controls:
- key configurations
- key transactions
- key risks
- key controls
- key segregation of duties
Inventory: Risks and Controls:
- key configurations
- key transactions
- key risks
- key controls
- key segregation of duties
Hire to Termination: Risk and Controls:
- key configurations
- key transactions
- key risks
- key controls
- key segregation of duties
Customer Outreach Award
We believe that it should be easy for you to find and compare training courses.
Our Customer Outreach Award is presented to trusted providers who are excellent at responding to enquiries, making your search quicker, more efficient and easier, too.