Risk Revolution Blog

Application Access Controls form the foundation of your control environment in your ERP system.  However, these new SaaS systems have become quite complex, and organizations tend not to have a program to develop and manage these controls. This is why more and more organizations are partnering with outside advisory firms to help. So, what are […]

The lack of maturity of external auditing procedures is finally attracting more of the attention it deserves. The US’s Public Company Accounting Oversight Board (PCAOB) and the UK’s Financial Reporting Council (FRC) are publicly challenging external auditors to improve their processes. Two Causes for Concern Emerge in One Month In October 2023, two articles emerged […]

In part 1 of this article series, I postulated that there is a systemic issue related to management override of controls. More concerning than the existence of this issue is the reality that it isn’t being addressed by management or the audit community.  This issue is systemic—so let’s discuss what changes we would need to see in […]

ERP Risk Advisors is thrilled to announce the addition of TWO new Oracle-specialized courses [1] to our ERP Armor: Learning library. We are now offering new, unparalleled training in Oracle Transaction Business Intelligence (OTBI) administration and Oracle ERP / HCM Cloud security administration. Oracle ERP/HCM Cloud OTBI Administration This course is designed to show the […]

Birmingham City Council are once again in the news, and given the severity of the financial situation, it will once again highlight the significant overspend for the failed ERP Cloud implementation. This news is hard to see since ERP implementations typically do not end with massive cost overruns and are not necessarily considered a “failure”. We […]

Our CEO, Jeff Hare, CPA CIA CISA comments on the MGM cyberattack: Sadly, we see another significant, and successful cyberattack with MGM Resorts being the latest victim.  What we understand from the information available, is the breach could have a material impact on the company’s financial results. This is the first major corporate breach since […]

The latest U.S. Securities and Exchange Commission (SEC) guidance on Cyber Security risks have “Cyber” firms buzzing.  Those that thought this would be the equivalent of Sarbanes Oxley must have been seriously disappointed.  There was no mandatory audit of Cyber risk included. The guidance requires companies “to disclose material cybersecurity incidents they experience and to disclose on […]

ERP Risk Advisors and HALEY Consulting and Advisory Services Forge Strategic Partnership to Optimize Oracle ERP Risk Management and SOX Compliance…

SafePaaS the leading policy-based access governance platform, announced its partnership with ERP Risk Advisors…