Segregation of Duties and Sensitive Access Review - Part 2: Purchasing

In this series with Jeff Hare from ERP Risk Advisors, we cover key Risks and Controls around the Purchasing process. Regardless of what Applications you run your Financial processes through this video is for you.

We cover areas such as why a User should not be able to create a Purchase Order vs Define Procurement Approval Routing Rules, Create a Supplier vs Create Purchase Orders. and more

Most Business Applications are delivered with a pre-defined set of Roles and Responsibilities, these prove to be an effective way of implementing the Application quickly, without a long Security design process. The problem is that in almost all cases these delivered configurations have Separation of Duty and Sensitive Access Risks built into them that need to be in scope for IT General and Application Controls.

Many of these configurations also have both transactional access and configuration access within them, having Users configure a transaction and then perform those transactions is a major Risk.

You can watch the video below, if you want help managing your Risks and Controls for your Applications you can reach us below.



Effective Controls

If you are struggling to implement a program for effective Controls in your Oracle (and more) Applications, Seecuring provides a subscription based service that provides:

We have been working with ERP/HCM Applications since the early 2000's, and work with leading CPA's, Audit staff and Application specialists to deliver a complete solution.

Before you invest in expensive Software, why not look at GRC as a Service? Faster delivery, lower cost, and more than just reports on your issues - we help Organizations achieve their goals for Internal Controls.


Previous Episodes:

Payables

General Ledger

Resources

Understanding Role Delegations in Oracle ERP/HCM Cloud

Continue Reading...

Fraud and Data Loss - one and the same?

Securing the Financial Close