Presentation is loading. Please wait.

Presentation is loading. Please wait.

The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions.

Published by Modified over 10 years ago

Similar presentations

Presentation on theme: "The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions."— Presentation transcript:

1 The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions

2 2 Year 1 = Manual Documentation Uncertainty Methodology (COSO, COBIT, etc.) Lots of manual effort What about the projects we pushed-back last year? We have to do this all over again? –Quarterly and annual sign-offs (302, 404)

3 3 Interesting Statistics 27 companies with Revenue $75M+ disclosed a material weakness in January 2005 (compared to 7 in January 2004) 70% of the disclosures were related to financial systems and procedures

4 4 Year 2 = SOX as a Sustainable Solution Automate the Process Test and monitor controls Infrastructure to support both (people / software) Adapt to your control methodology –Not all controls are the same…

5 5 Sarbanes-Oxley Cycles YEAR 1 Document Processes, Risks & Controls YEAR 2, 3, 4… Monitor Changes & Test Controls Applimation Integra Continuous Monitoring

6 6 All Controls are Not the Same Prevent Controls –STOP a transaction or change from occurring Detect Controls –Alert when a sensitive or material transaction or change occurs Monitoring Controls –Capture information for a subsequent review. This level of reporting is very effective in providing information for auditors performing quarterly tests of controls.

7 7 Controls – Trouble-areas General IT Controls –Access (Security) controls –Change management controls Application Controls –Embedded application controls –Embedded operation controls INTEGRA –Access, Forms –Apps, Codebase –Apps, Transaction

8 8 Tough Questions for Oracle Applications How do you know key controls are operating effectively throughout year? Can you report on ALL changes to key controls? How do you search for segregation of duties or evaluate user access? How do you know controls are same for each business unit? How do you document key controls within systems?

9 Continuous Monitoring in Oracle Applications Applimation Integra

10 10 OPERATING SYSTEM DATABASE Oracle Applications environment Code Setups Security Transactions Integra Codebase Integra Apps Integra Access Integra Transaction Continuous Monitoring in Oracle Applications KEY CONTROLS & TRANSACTIONS CONTINUOUS MONITORING Integra Forms PREVENTION Applimation Integra

11 Integra Access Evaluate User Access & Search for Segregation of Duties Issues

12 12 Integra Access Evaluate User Access Search by User Search by Form/Function Search for Segregation of Duties Identify incompatible Functions & Forms Form Function Menu Responsibility User

13 13 Segregation of Duties

14 14 Best Practices - (SOD) templates Financial Reporting and Maintenance of Accounting Records –General Ledger –Cash Management –Accounts Receivable –Accounts Payable Procure to Pay Business Process –Purchasing –Accounts Payable –Inventory –Costing Order to Cash –Order Entry –Accounts Receivables –Inventory Human Resource Management and Payroll –Human Resource Mgt. System –Payroll Application Administration (including security and configuration management) System Administration Application Object Library (AOL)

15 15 Integra Access – SOD Prevention

16 Integra Apps Continuous monitoring within Oracle

17 17 Integra Apps & Codebase Integra Apps Setups Instances Sets of Books Operating Units Versions Monitoring Reporting Alerting Application Setups Automated Documentation Comparisons Change Tracking Migration Integra Codebase Forms Reports Code Environments Oracle Versions Code Versions Monitoring Reporting Alerting Code Promotion

18 18 Examples of Setups Setup Data Application Security Document Approvals Chart of Accounts Profile Options Users Application Setups MRP rules Operational Data Customers Suppliers Employees Buyers Items Chart of Account Values Category Codes

19 19 Example of System Controls 3-way matching of PO, Invoice and Receipt Document spending limits (authorization of PO) Security rules – access to sensitive transactions –Employee salaries –Chart of account values –Financial statement reports (FSGs) –Price lists –Inventory attributes Action for late delivery of goods Inventory stocking rules Rules to create tax on sales orders Depreciation methods

20 20 Best Practices - Audit Trail Templates SOX implications (audit trail) for over 3000 objects. Affects / supports a control – change tracking provides visibility to ensure controls have been operating throughout the entire audit period Financial statement impact – could potentially impact a financial statement Operational impact – changes to business settings could be difficult to identify

21 21 Automated Documentation: Snapshot Point-in-time picture Run on demand or scheduled

22 22 Snapshot Report

23 23 Comparison Report Differences

24 24 Automated Change Tracking Integra Apps - Change Tracking –Who? –What? –When? –Where? Automatically captures a complete historical audit trail. Details of EVERY change.

25 25 What?Who?Where? When? Change Tracking

26 26 On-line Change Tracking

27 27 Tough Questions for Oracle Applications How do you know key controls are operating effectively throughout year? Can you report on ALL changes to key controls? How do you search for segregation of duties or evaluate user access? How do you know controls are same for each business unit? How do you document key controls within systems?

28 28 Over 300 Customers Worldwide

29 29 Integra - Applied Sarbanes-Oxley compliance for Section 404 internal controls report Leading Accounting firms adopt Integra as standard tool for audits of Oracle Version control for 11i upgrade and on-going maintenance

30 30 OPERATING SYSTEM DATABASE Oracle Applications environment Code Setups Security Transactions Integra Codebase Integra Apps Integra Access Integra Transaction Continuous Monitoring in Oracle Applications KEY CONTROLS & TRANSACTIONS CONTINUOUS MONITORING Integra Forms PREVENTION Applimation Integra

31 31 For more information… (212) 500-1200 sales@applimation.com www.applimation.com

32 32 Architecture Applimation Home Snapshots & Comparisons Test 11i Dev 10.7 Prod 1 11.0.3 Prod 2 10.7 APP SERVER USER

33 33 Architecture Integra Apps Applimation Home Test 11i Integra Apps Dev 10.7 Integra Apps Prod 1 11.0.3 Prod 2 10.7 Setup Changes Snapshots & Comparisons

Download ppt "The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions."

Similar presentations

May 2009 Oracle GRC Strategy – Barry Greenhut

May 2009 Oracle GRC Strategy – Barry Greenhut
PeopleSoft FSCM 9.2 Reduce Indirect Spend and Procure to Pay Costs with PeopleSoft FSCM 9.2.

PeopleSoft FSCM 9.2 Reduce Indirect Spend and Procure to Pay Costs with PeopleSoft FSCM 9.2.
Week 1b.

Week 1b.
Implementation of Management Information System (MIS) including Financial Management System (FMS) in ICAR User Acceptance Testing – Financials.

Implementation of Management Information System (MIS) including Financial Management System (FMS) in ICAR User Acceptance Testing – Financials.
Demonstration.  Designed for many kind of business which use accounting procedures.  More suitable for retail sales, whole sales and distribution business.

Demonstration.  Designed for many kind of business which use accounting procedures.  More suitable for retail sales, whole sales and distribution business.
Copyright © 2005 Ubex Corporation Automated Invoice Processing and Enhanced Controls with ERS Pay On Receipt Presented by: NorCal OAUG Uma Mohan March.

Copyright © 2005 Ubex Corporation Automated Invoice Processing and Enhanced Controls with ERS Pay On Receipt Presented by: NorCal OAUG Uma Mohan March.
The most comprehensive Oracle applications & technology content under one roof Procure to Pay Automation Bevan Wright Fusion5 NZ Oracle User Group.

The most comprehensive Oracle applications & technology content under one roof Procure to Pay Automation Bevan Wright Fusion5 NZ Oracle User Group.
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.

OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
1 Archive Access Audit Keys to Effective Compliance Lifecycle Management.

1 Archive Access Audit Keys to Effective Compliance Lifecycle Management.
SOX and IT Audit Programs John R. Robles Thursday, May 31, 2007 Tel: 787-647-396.

SOX and IT Audit Programs John R. Robles Thursday, May 31, Tel:
SOX Compliance: A Practical Look at Application Auditor Presented By Sunita Sarathy Product Manager Absolute Technologies, Inc.

SOX Compliance: A Practical Look at Application Auditor Presented By Sunita Sarathy Product Manager Absolute Technologies, Inc.
ProCognis SOX 404 & COSO Implementation Presentation

ProCognis SOX 404 & COSO Implementation Presentation
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.

Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.
Information Systems for Business Operations Chapter 8.

Information Systems for Business Operations Chapter 8.
COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.

COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.
SAP R/3 Materials Management Module

SAP R/3 Materials Management Module
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
9 C H A P T E R Transaction Processing and Enterprise Resource Planning Systems.

9 C H A P T E R Transaction Processing and Enterprise Resource Planning Systems.
SOX Compliance with Application Auditor

SOX Compliance with Application Auditor

Similar presentations

Ads by Google