Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement The following is intended to outline our general product.

Published byLaurel Summers Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement The following is intended to outline our general product."— Presentation transcript:

1

2 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 2

3 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Controlling for Multiple ERP Systems with Oracle Advanced Controls CON8154 Eugene Hugh - InterContinental Exchange Dane Roberts – Oracle GRC Strategy Stephen D’Arcy - PWC October 2, 2014 Presented with @OracleAdvCntrls Oracle GRC Advanced Controls

4 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Agenda What are Oracle GRC Advanced Controls? Case Study: Background ICE Requirements Challenges Solutions Project Summary What’s Next?

5 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |5 Reality: Document/Email Approaches Challenge GRC OCEG SURVEY 2014 GRC Technology Strategy Survey www.OCEG.org HOW ORGANIZATIONS APPROACH AND ADAPT THEIR TECHNOLOGY STRATEGY FOR GRCwww.OCEG.org 70% SPREADSHEETS, DOCUMENTS, EMAIL & IN-HOUSE SOLUTIONS 30% 1 OR MORE COMMERCIAL GRC SOLUTIONS The lack in modern technology makes achieving goals challenging The impact on FTE’s is particularly significant One financial services organization stated that 80% of their GRC staff resources were nothing more than document reconciles for reporting. […] A mess they are aggressively trying to correct. of GRC professionals reported that they use Spreadsheets, Emails, Custom Reports Apps. 70 %

6 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |6 When looking for new GRC technology, organizations indicate that the primary goals they aim to achieve are: Drivers: for Adopting New GRC Technology OCEG SURVEY 2014 GRC Technology Strategy Survey www.OCEG.org HOW ORGANIZATIONS APPROACH AND ADAPT THEIR TECHNOLOGY STRATEGY FOR GRCwww.OCEG.org INCREASE ANALYTICS & RAPID VISIBILITY OF RISK Complex risk and regulatory environments demand advanced capabilities of risk data integration and analytics to provide full situational awareness of risk” #1#1 IMPROVE CONSISTENCY OF INFORMATION Organizations are realizing that good GRC requires good information, there is increasing focus on the integrity and consistency of GRC information” #2#2 MEET NEW REGULATORY REQUIREMENTS Regulatory change has more than doubled in several industries over the past five years (e.g., banking, insurance, healthcare) and drives the organization to GRC technologies that enable regulatory intelligence and agility” #3#3 REDUCE COSTS & IMPROVE PERFORMANCE When deploying new GRC technologies the organization is driven to reduce costs while increasing the performance of business operations” #4#4

7 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Comprehensive Risk & Controls Management Close the LOOP Identification Analysis Evaluate 1. BUSINESS RISKS Document Assessments Reviews 2. CONTROL OBJECTIVES Author Execute Investigate 3. CONTINUOUS MONITORS

8 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Custom or Legacy Applications Enterprise Risk and Controls Foundation One Unified Platform Flexible Graphical Authoring Detect and Prevent Access, Transactions, Setups Data Driven 100% of Transactions Manage by Exception Pattern Analysis Comprehensive Multiple GRC Projects From Documentation to Test Closed Loop Approach

9 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Intercontinental Exchange ChallengeChallengeSolutionSolutionResultResult Architects of the world's markets. ICE’s diverse markets span futures and options on interest rates, commodities, indexes and FX, as well as equities and equity options - providing end-to-end risk management solutions to our customers around the world. GRC Advanced Controls: Application Access Controls Governor Transaction Control Governor Configurations Controls Governor Sustainable, scalable solution for segregation of duties, ERP configurations and transaction monitoring Automated, periodic monitoring of higher risk transactions Significantly improved the efficiency of internal and external audits Combination of ICE & NYSE and managing controls for multiple ERPs: PSFT hosted off-site EBS on-premise in NYC Disparate processes and controls across entities Manual & ad-hoc tools to manage operational and compliance requirements

10 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Specialized Partners Increase your Return On Investment Get more from Advanced Controls Specialists address more of your needs with Advanced Controls’ many capabilities Increase your organization’s effectiveness Specialists help you embed Advanced Controls in your business processes Accelerate your implementation Specialists guide and support you during planning, implementation and go-live Oracle Confidential – Internal/Restricted/Highly Restricted10

11 Intercontinental Exchange, Inc. (ICE) Oracle Advanced Controls Implementation “One AC instance connected to two different ERP’s” www.pwc.com “Any trademarks included are trademarks of their respective owners and are not affiliated with, nor endorsed by, PricewaterhouseCoopers LLP.”

12 About ICE

13 Background 13 Client Background ICE (runs PeopleSoft) located in Atlanta PeopleSoft is hosted off-premise by a Hosting Provider ICE recently acquired NYSE, (run Oracle EBS) EBS is hosted on premise in New York Oracle Advanced Controls Needed a solution to address operational and compliance needs Goal to implement by summer 2014 Needed a partner to navigate their complex IT environment and implement a right-sized, sustainable, scalable solution Decided to implement an on premise Advanced Controls Environment

14 Requirements 14 EBS Visibility Having recently acquired NYSE, ICE wanted to gain visibility into the risks, controls and transactions within their EBS environment. PeopleSoft Visibility Access, configurations and transactions were difficult to manage with standard PeopleSoft functionality alone. Operational Efficiency The business needed to analyze certain risky transactions on a periodic basis, and was stuck with ad- hoc queries written by IT and manual investigation in the ERP systems. Controls Automation ICE was looking to drive automated control over access and configurations to improve the efficiency of their internal and external audits. Scalability Given the extent of integration and expansion that is and will be going on at ICE over the next several years, the solution had to be scalable to accommodate future change. Audit Support Build a sustainable automated solution that could evaluate security, segregation of duties, automated controls and transactional activity to support Internal and External Audits.

15 Solutions 15 The right Collaboration PwC worked with ICE to help create a tailored, right-sized solution to their operational and compliance needs. Business, internal audit, and IT stakeholder involvement was a key success factor from requirements gathering through implementation. Transactions Led by the business, the stakeholders identified 22 ways they could use TCG to improve exception-based transaction reporting. This was narrowed down to 18 key requirements for Phase I across 5 business and IT processes. Security & Segregation of Duties The stakeholders identified 98 ways they could use AACG to address existing operational and compliance concerns. This was narrowed down to 61 key requirements for Phase I across 8 business and IT processes. Configuration Mgmt. In a discussion driven by IT, the stakeholders identified 141 opportunities for continuous configuration monitoring using CCG. This was narrowed down to 130 key requirements for Phase I across 7 business and IT processes.

16 Systems Diagram AACG & TCG CCG

17 Project Scope/Summary/Benefits 17 Delivered Scope Approximately 90-120 Security and SOD controls in AACG Approximately 90-120 Configuration Change Trackers in CCG Approximately 15-25 Transaction Analytic controls in TCG PCG considered for NYSE but not included Timeline Phase I: February – August 2014 Initial go-live for NYSE AACG and CCG given audit requirements (June 2014) Final go-live for NYSE TCG and ICE AACG, CCG and TCG (Aug 2014) ICE business process control owners for key processes ICE and NYSE system administrators ICE internal audit team Increased automation in the quarterly access review process Increased visibility into risks in the EBS and PeopleSoft environments Resulting changes made to improve security, configurations & processes. Automation of various audit activities Stakeholder Groups Benefits

18 Advanced Controls Examples GL Entries not posted at month end AR Entries without GL entries Duplicate Employees Duplicate Invoice Payments Refunds over specific threshold Unusual Journals – Debit Rev, Credit Expenses Inactive users Business Solutions beyond Compliance and Internal Audit

19 Advanced Controls Examples (cont’d) Custom Content/Objects for PeopleSoft Change trackers to monitor changes to automated controls Impact assessment during patch application Ability to compare setup changes during integration of NYSE (EBS) on to ICE PeopleSoft environment

20 Main Project Challenges 20 Stakeholder Availability 01 Stakeholder Availability 02 Standardizing processes during acquisition 03 Educating Stakeholders 04 Technology Delays

21 What’s Next? 21 Controls Operation RMB Integration EBS Migration Future Expansion Business process control owners have already began operating their monthly and quarterly access and transaction controls, and system administrators are continuing to investigate configuration changes as they occur. PwC is implementing Oracle Revenue Management and billing as ICE’s optimized billing solution, and will build custom connectors to allow RMB to interface with billing rules that will be implemented into Advanced Controls. In 2015, ICE will begin to migrate NYSE from EBS into ICE’s PeopleSoft environment. This will require consideration of the impact to Advanced Controls and may require changes to existing rules. As ICE becomes more comfortable with Advanced Controls capabilities and their existing solution, there will be opportunities to expand their use of the applications and increase the value they derive from it.

22 Questions? Copyright: © 2014 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved. Definition: PwC refers to the US member firm, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details.www.pwc.com/structure for further details.

23 Contact Information: Stephen D'Arcy - Director (PwC) stephen.j.darcy@us.pwc.com Ph: 856.577.0022 stephen.j.darcy@us.pwc.com Copyright: © 2014 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved. Definition: PwC refers to the US member firm, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details.www.pwc.com/structure for further details.

24 Follow Us & join the conversation. Oracle GRC Advanced Controls Group @OracleAdvCntrls

25 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |25

26 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 26

27

Download ppt "Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement The following is intended to outline our general product."

Similar presentations

Similar presentations

State of Indiana Business One Stop (BOS) Program Roadmap Updated June 6, 2013 RFI ATTACHMENT D.

State of Indiana Business One Stop (BOS) Program Roadmap Updated June 6, 2013 RFI ATTACHMENT D.
Virtualization of Fixed Network Functions on the Oracle Fabric Krishna Srinivasan Director, Product Management Oracle Networking Savi Venkatachalapathy.

Virtualization of Fixed Network Functions on the Oracle Fabric Krishna Srinivasan Director, Product Management Oracle Networking Savi Venkatachalapathy.
“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”

“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”
High Tech Executive Discussion New Industry Solutions to Shape Your Future Rosh Dawes, Equinix Joseph Ahn: Principal Consultant, Samsung SDS Jaechul Lee:

High Tech Executive Discussion New Industry Solutions to Shape Your Future Rosh Dawes, Equinix Joseph Ahn: Principal Consultant, Samsung SDS Jaechul Lee:
A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.

A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.
Oracle Cloud Marketplace Neelesh Gurnani Director, Product Development Arif Khan Director, Product Management September 29, 2014 Copyright © 2014, Oracle.

Oracle Cloud Marketplace Neelesh Gurnani Director, Product Development Arif Khan Director, Product Management September 29, 2014 Copyright © 2014, Oracle.
Agile insurance carrier - What the carrier has to look like? Glenn Lottering Senior Director, EMEA Insurance Product Strategy and Sales Consulting.

Agile insurance carrier - What the carrier has to look like? Glenn Lottering Senior Director, EMEA Insurance Product Strategy and Sales Consulting.
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.

This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.
Are you prepared to deal with significant tax gains on low and no basis property in 2012 and beyond? Get in front of the tax gains and improve cash flow.

Are you prepared to deal with significant tax gains on low and no basis property in 2012 and beyond? Get in front of the tax gains and improve cash flow.
One Firm. One Team. Countless Opportunities. Baruch College Come out to network and learn more about a career with KPMG that is far beyond coding !

One Firm. One Team. Countless Opportunities. Baruch College Come out to network and learn more about a career with KPMG that is far beyond coding !
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Advanced Metadata Modeling Modeling for the Oracle Business Intelligence Cloud.

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Advanced Metadata Modeling Modeling for the Oracle Business Intelligence Cloud.
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |

Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Introduction and Update: Oracle Hyperion Financial Close Management CON8536 Richard.

Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Introduction and Update: Oracle Hyperion Financial Close Management CON8536 Richard.
Journey into Successful SaaS Implementations

Journey into Successful SaaS Implementations
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Policy Automation with Oracle Service Cloud Overview and Roadmap CON8909 Davin Fifield,

Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Policy Automation with Oracle Service Cloud Overview and Roadmap CON8909 Davin Fifield,
Oracle Fusion Pioneering the Consumerization of the Enterprise

Oracle Fusion Pioneering the Consumerization of the Enterprise
The Safe Harbor The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated.

The Safe Harbor The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated.
Best Practices for Supporting Oracle Hyperion EPM and Business Intelligence Solutions Mitra Veluri Senior Principal Technical Support Engineer David Valociek.

Best Practices for Supporting Oracle Hyperion EPM and Business Intelligence Solutions Mitra Veluri Senior Principal Technical Support Engineer David Valociek.
Best Practices for Upgrading Oracle PeopleSoft Environments

Best Practices for Upgrading Oracle PeopleSoft Environments
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Amit Jha Project Leader, Product Management Oracle EBS Procurement & Contracts.

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | Amit Jha Project Leader, Product Management Oracle EBS Procurement & Contracts.
Ads by Google