We have fresh content added weekly from the Oracle ERP world. Please subscribe to our newsletter to receive email notifications regarding any interesting articles posted on our blog.
Subscribe to our newsletter
Sarbanes-Oxley and control design best practices require access controls be tested for every in-scope ERP system within an organization’s Risk and Control Matrix (RACM). While this may not be the standard for external auditors, let...
ERP Risk Advisors (www.erpra.net), the leader in risk content in the Oracle applications space, is pleased to announce a partnership with Excelencia Consulting (www.excelenciaconsulting.com) an Oracle Solutions company headquartered in Austin, TX, with offices in...
ERP Risk Advisors, the leader in risk content in the Oracle applications space, is pleased to announce a partnership with Project EIDOS an established UK IT Service Consultancy with a primary focus on providing technical...
ERP Cloud Custom Role Offerings First, ERP Risk Advisors will be formally announcing our fixed price offering of custom roles for ERP Cloud at the Ascend conference in Las Vegas next month. If you are coming...
ERP software provides organizations with tremendous benefits including vast configurable processes and standard reports used for reporting on data. ERP software comes in two flavors: those that organizations need to manage their own infrastructure (on-premise...
I did it! My redemption race is done. I AM A IRONMAN!!! Two years, eight months and 20 days from my heart attack in the Oman 70.3 race, I completed my first full Ironman race...
Despite having been in the Oracle applications space for over 20 years it is still a mystery to me what external auditors do or don’t do in their audit. Recently on vacation I ran into...
UK Police Department using ERP Cloud given “Significant Deficiency” by Grant Thornton partially due to “Segregation of Duties” issues and system accounts. Read full article here From the article (emphasis added): “The commissioner's Audit Advisory Committee report...
ERP / HCM Cloud allows users to delegate their workflow approval authority to others. This can be permanent or on a temporary basis, referred to as Vacation Rules. In this video, we will present the four ways...
In this video we will talk about how to properly security Audit Policy configurations. The ability to maintain Audit Policies can be found in three seeded roles as of patch level 20B. It is critical...
In working with our customers on Oracle ERP Cloud projects we have been working hard to enter Service Requests, get Enhancement Requests, and post ideas in the Ideas Lab. The goal is to identify key...
ERP Cloud allows you to delete a User, even after the account has been used to enter or modify data. In this video, we will explore the impact on the Audit Trail of deleting such...
Password controls 101… when setting up a new user or resetting a password for an existing user, the system does NOT require the User to change their password. This is either a bug or a...
Perhaps the most important control organizations implement is the control related to the review and approval of journal entries. Most organizations using ERP Cloud implement the journal approval workflow to help automate the control. In...
Greeley, Colorado, May 21, 2020 – Today, we are introducing ERP Armor: Reports. The heart of ERP Armor is the identification and management of risk in a customer’s ERP Solution. ERP Armor blends a proven ERP...
For organizations running ERP Cloud, Audit Policies form the foundation of your control. In this video, we will be discussing the bug and two critical enhancements that are needed: https://www.youtube.com/watch?v=kYs2fZLK9Ww We offer an OTBI report to help...
Perhaps the most important control organizations implement is the control related to the review and approval of journal entries. Most organizations using ERP Cloud implement the journal approval workflow to help automate the control. The...
Oracle allows some roles to assigned to a User to be delegated to another user without having to go through the approval process. This would allow an assignment of a role that all organizations would...
One challenge of User Administration is providing a User with the ability to inquire on data in some forms and provide them update abilities in other forms. There are no seeded roles that provide that...
All organizations running ERP Cloud should be concerned about fraud. The Association of Certified Fraud Examiners’ 2018 Report to the Nation identifies that 89% of fraud is misappropriation of assets such as fraudulent disbursements. Check and payment tampering represent 12% of all fraud and...
Greeley, Colorado, April 9, 2020 – The heart of ERP Armor is the identification and management of risk in a customer’s ERP Solution. ERP Armor blends a proven ERP Risk Architecture with ERP Risk Content developed...
Last week I wrote a blog talking about how the System Implementation industry is biased against a “Complete and Secure” implementation. This week I’d like to address another elephant in the room – institutional bias...
Greeley, Colorado, April 2, 2020 – ERP Risk Advisors, a practical thought leader for managing ERP Risk, providing content and consulting services related to compliance, security, risk management, and controls, today introduces ERP ArmorTM as a...
The SI industry is stacked against a ‘complete and secure’ #ERPCloud implementation? SIs don’t win bids by providing a scope that includes controls and role design. Very little, if any, customization of roles is included...
We have recently been sharing our thoughts on LinkedIn on the challenges with Oracle ERP Cloud role design. The majority of implementations go live with purely seeded roles. There is an assumption that seeded roles...
Greeley, Colorado, April 5, 2019 – ERP Risk Advisors, a practical thought leader for managing ERP Risk, providing content and consulting services related to compliance, security, risk management, and controls, today introduces ERP ArmorTM ,...
One of the key controls that organizations often define as part of their ITGCs relates to the identification and monitoring of privileged users. An accurate definition of what is deemed to be a 'privileged user...
The One Function That Could Undermine Your Journal Entry Controls Background: In R12, Oracle dramatically changed their subledger architecture by introducing SLA – Sub-Ledger Accounting Architecture. This change helps to standardize the way accounting is stored...
The One Profile Option That Could Undermine Your Journal Entry Controls Background: Most organizations use ADI (client server version in 11i and prior and web version in R12 and later) to develop and upload Journal Entries (JEs)....
The One Configuration that Could Undermine Your Journal Entry Controls Background: In Oracle there are various seeded (i.e. provided upon installation of the applications) Sources of Journal Entries (JEs). Organizations implementing the application can also define...
Oracle EBS Personal Profile Values Form Time to revisit this topic. This is easy pickins for external auditors to lead to a control deficiency. Take a look back at this topic I posted on last year: https://www.erpra.net/effective-governance-over-profile-option-values-in-oracle-e-business-suite/ This blog...
Two Day Training Class: Auditing Oracle's® Fusion ERP Cloud Application Is your company using Oracle's Fusion / ERP Cloud apps? Consider joining us for upcoming training from an audit perspective. Auditing Oracle's® Fusion ERP Cloud Application -...
ERP Risk Advisors announces new Audit Support as a Service offerings for Oracle's E-Business Suite and ERP Cloud applications ERP Risk Advisors is pleased to announce two new Software as a Service (SaaS) offerings for Oracle's...
Why the PCAOB and External Auditors Should be Concerned about Substantive-Only Audits This article is long overdue, but still one I have been dreading to release. I know the audit firms could come under significant additional...
ERP Cloud: Risk Management Cloud Certifications and Services ERP Risk Advisors is pleased to announce a second of our resources is certified on the Financial Reporting Compliance (FRC) module of the Risk Management Cloud. Donna Curtis...
New Webinar and New LinkedIn Group focusing on GRC issues for Oracle’s ERP Cloud software ERP Risk Advisors is excited to present our ERP Cloud Risk Advisory Series. Join us for our first webinar in this...
ERP Risk Advisors to present at OAUG's Risk Week ERP Risk Advisors founder and CEO, Jeffrey T. Hare, CPA CIA CISA, will be presenting at OAUG's risk week. His presentation is titled "ERP Risk Advisors and...
With a new year brings exciting news at ERP Risk Advisors. Happy New Year! We wish you the best for 2018. First, we are pleased to welcome a new member to our team, Donna Curtis, who...
