We provide data for internal and external auditors to help audit Oracle’s E-Business and ERP Cloud applications
- Test access controls and role design by evaluating sensitive access risks and segregation of duties conflicts
- Evaluate control design
Oracle E-Business Suite GRC Health Check
This Level I Assessment covers a broad array of best practices noted in the book Oracle E-Business Suite Controls: Foundational Principles written by Jeffrey T. Hare, CPA CISA CIA.
Oracle ERP Cloud GRC Health Check
This Level 1 Assessment covers a broad array of best practices.
GRC Software Acquisition and Implementation Services for Oracle E-Business Suite, ERP Cloud, and PeopleSoft
Risk Management Cloud for ERP Cloud
Including Financial Reporting Compliance (FRC), Advanced Access Controls (AAC), and Advanced Financial Controls (AFC) – strategic partnership for Oracle’s ERP Cloud software
CaoSys for E-Business Suite
CS*Comply, CS*Audit, CS*Provisum (AAP), CS*Provisum (PAR), CS*License, CS*Lookback, CS*Rapid, CS*Impact – strategic partnership for Oracle’s E-Business Suite software
Application Security and Role Design Services for:
- Oracle E-Business Suite
- ERP Cloud
- PeopleSoft
Implementation security
Application security and role design as part of implementation
Upgrade security
Application security and role design as part of upgrade
We are ERP Risk Advisors, a leader in the Oracle Applications community
Hosts the industry’s only internal controls repository of best practice content and to provide a forum users analyze and discuss risks (end user organizations only)
Hosts the LinkedIn groups Oracle GRC , Oracle ERP Auditors , Oracle ERP Cloud GRC and Oracle GRC Software
Presents industry-leading books, articles, and white papers on internal controls and security best practices
Provides the industry’s only training on best practices related to internal controls and security issues
Implements and provides seeded content in leading GRC software
Vice President, IT Compliance & Controller – Technology Manufacturer
ERP Risk Advisors are experts in the Oracle ERP platform and possess a complete understanding of the audit requirements in today’s environment. Their proficiency in the areas of SOD, PAR, and Audit enables very efficient and effective implementations.
Sheila Dziura CISM, CISA
Jeff is well versed in the Oracle environment and the risk arena. We worked with Jeff on an implementation audit management tool for continuous monitoring. He has exceptional organizational skills and follows through. In addition, he provides great on going support and guidance.
Krutika Desai
Jeff is well versed in the Oracle environment and the risk arena. We worked with Jeff on an implementation of CAOSYS tools for SOD conflicts as well as auditing. He is very knowledgeable in what auditors will be looking for, what are the critical areas to audit and Segregation of Duty rules to apply.. In addition, he provides great on going support and guidance and is always available for advice and support.
Madhur Guliani
I worked with Jeff while implementing a solution (Caosys) for financial applications governance at Harbor Freight Tools. Jeff demonstrated thorough understanding of not only the business processes, but also of the functionality of Caosys and Oracle Applications and how it applied to HFT's needs. He advised and worked well with the implementation team to implement the solution successfully, on time and within budget.
VP Internal Audit
Once we heard about that product and were able to see its functionality, implementation of CaoSys as our GRC compliance software was a no brainer. The risks (i.e., reputation, compliance, lack of reliance by your external auditor, etc.) and costs associated with a material weakness over general IT controls (i.e., cost of capital, expanded testing required by your external audit firm and internal costs to perform the control documentation without the use of a tool) made the internal discussion to procure CaoSys seamless. After evaluating CaoSys against other available tools, there was no comparison when looking at the functionality, capabilities (SOX compliance and operational) and ease of use."
Explore more of our seminars on YouTube