Presentation is loading. Please wait.

Presentation is loading. Please wait.

The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions.

Similar presentations


Presentation on theme: "The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions."— Presentation transcript:

1 The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions

2 2 Year 1 = Manual Documentation Uncertainty Methodology (COSO, COBIT, etc.) Lots of manual effort What about the projects we pushed-back last year? We have to do this all over again? –Quarterly and annual sign-offs (302, 404)

3 3 Interesting Statistics 27 companies with Revenue $75M+ disclosed a material weakness in January 2005 (compared to 7 in January 2004) 70% of the disclosures were related to financial systems and procedures

4 4 Year 2 = SOX as a Sustainable Solution Automate the Process Test and monitor controls Infrastructure to support both (people / software) Adapt to your control methodology –Not all controls are the same…

5 5 Sarbanes-Oxley Cycles YEAR 1 Document Processes, Risks & Controls YEAR 2, 3, 4… Monitor Changes & Test Controls Applimation Integra Continuous Monitoring

6 6 All Controls are Not the Same Prevent Controls –STOP a transaction or change from occurring Detect Controls –Alert when a sensitive or material transaction or change occurs Monitoring Controls –Capture information for a subsequent review. This level of reporting is very effective in providing information for auditors performing quarterly tests of controls.

7 7 Controls – Trouble-areas General IT Controls –Access (Security) controls –Change management controls Application Controls –Embedded application controls –Embedded operation controls INTEGRA –Access, Forms –Apps, Codebase –Apps, Transaction

8 8 Tough Questions for Oracle Applications How do you know key controls are operating effectively throughout year? Can you report on ALL changes to key controls? How do you search for segregation of duties or evaluate user access? How do you know controls are same for each business unit? How do you document key controls within systems?

9 Continuous Monitoring in Oracle Applications Applimation Integra

10 10 OPERATING SYSTEM DATABASE Oracle Applications environment Code Setups Security Transactions Integra Codebase Integra Apps Integra Access Integra Transaction Continuous Monitoring in Oracle Applications KEY CONTROLS & TRANSACTIONS CONTINUOUS MONITORING Integra Forms PREVENTION Applimation Integra

11 Integra Access Evaluate User Access & Search for Segregation of Duties Issues

12 12 Integra Access Evaluate User Access Search by User Search by Form/Function Search for Segregation of Duties Identify incompatible Functions & Forms Form Function Menu Responsibility User

13 13 Segregation of Duties

14 14 Best Practices - (SOD) templates Financial Reporting and Maintenance of Accounting Records –General Ledger –Cash Management –Accounts Receivable –Accounts Payable Procure to Pay Business Process –Purchasing –Accounts Payable –Inventory –Costing Order to Cash –Order Entry –Accounts Receivables –Inventory Human Resource Management and Payroll –Human Resource Mgt. System –Payroll Application Administration (including security and configuration management) System Administration Application Object Library (AOL)

15 15 Integra Access – SOD Prevention

16 Integra Apps Continuous monitoring within Oracle

17 17 Integra Apps & Codebase Integra Apps Setups Instances Sets of Books Operating Units Versions Monitoring Reporting Alerting Application Setups Automated Documentation Comparisons Change Tracking Migration Integra Codebase Forms Reports Code Environments Oracle Versions Code Versions Monitoring Reporting Alerting Code Promotion

18 18 Examples of Setups Setup Data Application Security Document Approvals Chart of Accounts Profile Options Users Application Setups MRP rules Operational Data Customers Suppliers Employees Buyers Items Chart of Account Values Category Codes

19 19 Example of System Controls 3-way matching of PO, Invoice and Receipt Document spending limits (authorization of PO) Security rules – access to sensitive transactions –Employee salaries –Chart of account values –Financial statement reports (FSGs) –Price lists –Inventory attributes Action for late delivery of goods Inventory stocking rules Rules to create tax on sales orders Depreciation methods

20 20 Best Practices - Audit Trail Templates SOX implications (audit trail) for over 3000 objects. Affects / supports a control – change tracking provides visibility to ensure controls have been operating throughout the entire audit period Financial statement impact – could potentially impact a financial statement Operational impact – changes to business settings could be difficult to identify

21 21 Automated Documentation: Snapshot Point-in-time picture Run on demand or scheduled

22 22 Snapshot Report

23 23 Comparison Report Differences

24 24 Automated Change Tracking Integra Apps - Change Tracking –Who? –What? –When? –Where? Automatically captures a complete historical audit trail. Details of EVERY change.

25 25 What?Who?Where? When? Change Tracking

26 26 On-line Change Tracking

27 27 Tough Questions for Oracle Applications How do you know key controls are operating effectively throughout year? Can you report on ALL changes to key controls? How do you search for segregation of duties or evaluate user access? How do you know controls are same for each business unit? How do you document key controls within systems?

28 28 Over 300 Customers Worldwide

29 29 Integra - Applied Sarbanes-Oxley compliance for Section 404 internal controls report Leading Accounting firms adopt Integra as standard tool for audits of Oracle Version control for 11i upgrade and on-going maintenance

30 30 OPERATING SYSTEM DATABASE Oracle Applications environment Code Setups Security Transactions Integra Codebase Integra Apps Integra Access Integra Transaction Continuous Monitoring in Oracle Applications KEY CONTROLS & TRANSACTIONS CONTINUOUS MONITORING Integra Forms PREVENTION Applimation Integra

31 31 For more information… (212) 500-1200 sales@applimation.com www.applimation.com

32 32 Architecture Applimation Home Snapshots & Comparisons Test 11i Dev 10.7 Prod 1 11.0.3 Prod 2 10.7 APP SERVER USER

33 33 Architecture Integra Apps Applimation Home Test 11i Integra Apps Dev 10.7 Integra Apps Prod 1 11.0.3 Prod 2 10.7 Setup Changes Snapshots & Comparisons


Download ppt "The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions."

Similar presentations


Ads by Google