Auditor

Internal Auditors are trained to understand the financial aspects and the end user functionally of an ERP solution. However, most Internal Auditors have not been trained in the security features of an ERP system. This one hour auditing primer...

Guarding against fraud within the Oracle E-Business Suite requires multiple actions on several fronts – within the ERP applications, written policies and procedures, and IT security. Setting up roles and responsibilities to ensure segregation of...

ERP Risk Advisors is kicking off a new educational webinar series titled "In-Source Your IT Audit". Please join us for the first webinar in this series titled "How to Audit the Top 10 Oracle E-Business Suite Security Risks". The presentation is...

A quick reference guide for securing the Oracle Database.  The guide includes information on (1) standard Oracle Database accounts and default passwords, (2) password controls and profile settings, (3) Critical Patch Updates (CPUs) and Patch...

All Oracle E-Business Suite implementations that "store, process, or transmit cardholder data" must comply with Payment Card Industry (PCI) Data Security Standard 3.0 regardless of size or transaction volume. The PCI Data Security Standard (DSS) 3.0...

A quick reference guide for securing the Oracle E-Business Suite (EBS).  The guide includes information on (1) default EBS application users, (2) database accounts, (3) EBS password change utilities (FNDCPASS, AFPASSWD), (4) security related...

Sarbanes-Oxley’s section 404 requires a company’s key systems be audited. However, many companies have 'unauditable' systems and don’t even know it. This paper explores methods by which companies can create an auditable system by implementing...

Most Oracle E-Business Suite implementations do not fully take advantage of the auditing and logging features. These features are sophisticated and are able to satisfy most organization’s compliance and security requirements. This guide presents...