Security, Audit and Control Features Oracle E-Business Suite, 3rd Edition - Softcover

Deloitte Touche Tohmatsu Research Team And Isaca

 
9781604201062: Security, Audit and Control Features Oracle E-Business Suite, 3rd Edition
Softcover
ISBN 10: 1604201061 ISBN 13: 9781604201062
Publisher: Isaca, 2010

Synopsis

This updated edition of one of ISACA's most popular guides reflects the many changes that the business environment and Oracle ERP application have undergone since the second edition was published. In response to customer needs and an increased market awareness of governance, risk and compliance (GRC), Oracle Corporation has continued to boost its GRC offerings and released the updated and improved Oracle E-Business Suite (EBS) R12.1 in 2009. Security, Audit and Control Features Oracle® E-Business Suite, 3rd Edition reflects these new developments to provide a current view regarding:

  • How business processes impact ERP implementation and operation
  • Application functionality
  • Strategic business risk
  • Technical system architecture
  • Security and control criteria/drivers for key functional areas, including
    • Financial account
    • Expenditures
    • Web-enabled security
  • IT resource requirements
  • IT management requirements
  • Professional services and support
  • IT integration with other enterprise systems
  • Organizational and audit department challenges with Oracle E-Business Suite
  • Oracle E-Business audit programs
  • Using Oracle to assist with the regulatory requirements of financial reporting and other compliance issues
  • How Oracle's GRC offering integrates with Oracle E-Business Suite

This in-demand guide also provides an update on current industry standards and identifies future trends in Oracle EBS risk and control. It enables audit, assurance, risk and security professionals (IT and non-IT) to evaluate risks and controls in existing ERP implementations, and facilitate the design and implementation of better practice controls into system upgrades and enhancements. This book also aims to assist system architects, business analysts and business process owners who are implementing Oracle EBS, as well as people responsible for managing it in live production to maintain the appropriate level of control and security according to business needs and industry standards.

"synopsis" may belong to another edition of this title.

Review

Oracle's enterprise resource planning (ERP) software is among the biggest business packages ever released. Designed to automate multiple enterprise and corporate operations and processes, Oracle E-Business Suite (EBS) is a very large system of more than 130 integrated business applications and IT infrastructure modules. Many organizations looking for robust and integrated solutions adopt this suite. Security, Audit and Control Features Oracle E-Business Suite, 3rd Edition, as well as its previous editions, is the major published reference covering the security, audit and control points of view and requirements. Business regulatory compliance and the complexity of EBS technology make this publication a practical tool and source of reference for many audiences, including business executives and managers, IT auditors, and security officers. This publication is also a unique reference that covers specific Oracle EBS Release (R) 12 auditing aspects with a formal methodology, an IT audit framework and a risk-control approach.

Two aspects of the book are of particular note. First, there is a balance between techniques and technology on one side and audit framework and methodology on the other. Second, the "popularization" of ERP auditing concepts with a risk-based audit framework is discussed and working tools and adapted templates are provided. These are based on best practices and models (including Committee of Sponsoring Organizations of the Treadway Commission [COSO], COBIT and the Information Technology Assurance Framework [ITAF]) and are provided to assist in conducting practical audit and assurance activities on EBS built-in processes.

The publication aims to adapt existing auditing techniques into an Oracle EBS context to facilitate the audit "contextualization" with an audit framework and practical information on risks, key controls, testing procedures, etc.

The book is a practical introduction to the management of ERP-based operations and risks within Oracle EBS R 12, financial accounting and expenditure business cycles.

The publication discusses newer topics than the second edition. It includes about 150 pages of audit work templates as part of an audit/assurance program. useful templates are provided for EBS business processes including:

  • Audit plans for:
    • The Financial Accounting Business Cycle
    • The Expenditure Business Cycle
    • Oracle Security Administration
  • A maturity assessment template to help maturity management of related COBIT control practices
  • Internal control questionnaire (ICQ) to build on Oracle EBS processes with references to COBIT practices
These appendices extend the practical aspect and usability of this publication.

Security, Audit and Control Features Oracle E-Business Suite, 3rd Edition, provides a very good audit framework, templates, known risks and common key controls for each EBS process (financial scope). In specific operational circumstances and contexts, there may be additional risks not included in this book and others may not apply. Adaptation to specific situations is the auditor's challenge and still requires appropriate judgment.

--Mustapha Benmahbous, Ph.D., CISA, CISM - ISACA Journal, Volume 6, 2010

"About this title" may belong to another edition of this title.

Publisher
Isaca
Publication date
2010
Language
English
ISBN 10 
1604201061
ISBN 13 
9781604201062
Binding
Paperback
Number of pages
407

Other Popular Editions of the Same Title

9781604201970: Security, Audit and Control Features Oracle PeopleSoft, 3rd Edition

Featured Edition

ISBN 10:  1604201975 ISBN 13:  9781604201970
Publisher: Isaca, 2012
Softcover