- OracleApps Epicenter - http://www.oracleappshub.com -
Secuity : Oracle Internal Controls Manager
Posted By Sanjit Anand On August 13, 2011 @ 5:34 pm In Oracle Application | No Comments
Do you know , Oracle Internal Controls Manager (OICM) is a comprehensive tool for executives, controllers, internal audit departments, and public accounting firms to document and test internal controls and monitor ongoing compliance. This tool is based on COSO (Committee of Sponsoring Organizations) standards.
It tool provides users with an easy-to-use workbench from which you can organize, execute and manage the audit work including the following activities
As you know Segregation of Duties (SoD) control addresses the specific risk that a user may have access to a certain combination of tasks that provide the opportunity for misconduct.For example, if a user can set up a supplier in an accounts payable system and also authorize an invoice for payment, a risk exists that they can pay themselves with company funds.
Once the SoD violations are identified, auditors can send correction requests to divide the tasks among different users to reduce the scope for error and fraud.
If you donot have this, alternative option is to get The Application Access Controls Governor of Configuration Controls Governor (CCG) of GRC Controls Suite can detect SoD violations
The Application Controls Monitoring (ACM) enables companies to effectively and efficiently manage their IT environment by monitoring IT controls within the Oracle EBS.If you have GRC products , then rhe Configuration Controls Governor (CCG) of GRC Controls Suite can track more extensive application setup changes than ACM. The CCG runs outside of Oracle EBS server
ACM can capture information like who changed, when it was changed and the current and prior value of the setup data.
Recommended values can be setup for profile options and compared with actual settings.
The Application Controls Management feature enables IT managers and auditors to track changes to Setup Parameters in several modules within the Oracle E-Business Suite.The following is a partial list of application setups as below:
FINANCIALS_SYSTEM_PARAMS_ALL , AP_SYSTEM_PARAMETERS_ALL, AR-SYSTEM_PARAMETERS_ALL , FA_SYSTEM_CONTROLS , CE_SYSTEM_PARAMETERS_ALL for Cash Parameters ,MTL_PARAMETERS for Inventory Parameters, GL_SETS_OF_BOOKS and other setup tables can be audited by OICM.
Navigation: IT Auditor ( R) -> Application Controls -> Reporting Group.
Those who is still using EBS , OICM in E-Business Suite R12.0 or R12.1 will move from Premier Support to Extended Support in January 2012.
Article printed from OracleApps Epicenter: http://www.oracleappshub.com
URL to article: http://www.oracleappshub.com/oracle-application/secuity-oracle-internal-controls-manager/
Disclaimer The opinions expressed here represent solely my own represent personal conjecture based upon experience, practice and observation and does not represent the thoughts, intentions, plans or strategies of my current & previous employers and their clients. Copyright © 2007-2010 OracleApps Epicenter. All rights reserved.