Auditing Oracle's ERP Cloud Application

Overview

This course examines Oracle’s cloud application, its core elements, technical architecture, security model, role design, user configuration, patching, change management, profile options, controls monitoring and reporting, and workflow issues. NOTE: Attendees are encouraged, but not required, to bring a laptop. This course will be a combination of direct teaching and interactive activities to the extent that the attendees have access to their organization’s instance.

 

Learning Options

Below are the available learning options for this course:

Enterprise Solutions

Tailored Experience

Bring this course to your organization at your convenience. ACI Learning can deliver this instructor-led course for your team at a chosen location or virtually. Alternatively, choose the topic(s) you need and ACI will craft a training solution to keep your team future-proof.

Customize Your Training

NASBA Certified CPE

16 Credits

Auditing

Why you should take this course

You should attend because auditors at organizations using Oracle’s ERP Cloud should know how to audit its accounting, financial management, project management and procurement functions.

Who should take this course

Internal Auditors, IT Auditors, Functional and IT teams implementing or supporting Oracle’s ERP Cloud applications

What You'll learn

You will learn about the application’s risks and controls, the core elements of the application, and how to audit the application effectively.

Prerequisites

None

 

1. Architectural Overview:

  • cloud: differences from other applications
  • presentation layer
  • application layer
  • database layer
  • example

2. Common Elements:

  • key flexfields
  • descriptive flexfields
  • value sets / values
  • security rules
  • cross-validation rules
  • profile options / values

3. Organization Structure

 

4. Master Data Overview:

  • bank account
  • supplier
  • customer
  • item
  • employee

5. Building a Proper Audit Trail:

  • why an audit trail
  • types of technologies to build audit trail
  • what to audit

6. Application Security Configurations and Administration:

  • users
  • roles
  • data security
  • flexfield security

7. Application Security Best Practices:

  • RBAC principles
  • role design principles – end users and IT
  • seeded users
  • generic users
  • role assignments
  • impersonizations
  • job scheduling users
  • password controls

8. Workflow Security and Controls:

  • workflow policies
  • approve workflows via email
  • delegate or transfer workflows

9. Risks and Controls Related to Privileged Users:

  • risks
  • ways to monitor privileged users

10. Change Management Best Practices:

  • types of changes
  • impact of IIA GTAG 2
  • best practices
  • common challenges

11. Designing and Auditing Application Controls:

  • application controls types and examples
  • impact of IIA GTAG 8
  • benchmarking
  • best practices
  • common challenges

12. Protecting Sensitive Data in Production and Non-Production:

  • statutory requirements
  • identifying and classifying
  • impact on application security
  • impact on database security
  • impact on change management process

13. Project Risks and Implementation Audits:

  • key project risks
  • internal audit involvement

14. Common Audit Issues

15. Auditor Resources

Learning Options

Below are the available learning options for this course:

Enterprise Solutions

Tailored Experience

Bring this course to your organization at your convenience. ACI Learning can deliver this instructor-led course for your team at a chosen location or virtually. Alternatively, choose the topic(s) you need and ACI will craft a training solution to keep your team future-proof.

Customize Your Training

ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.