1 / 20

Configuration GRC & Oracle Configuration Controls Governor

Configuration GRC & Oracle Configuration Controls Governor. May 2009 Oracle GRC Strategy – Barry Greenhut. Application GRC tells you…. Who’s using our apps? ACCESS CONTROLS What can they do? CONFIGURATION CONTROLS What have they done? TRANSACTION CONTROLS. Application GRC controls reduce….

yaakov
Download Presentation

Configuration GRC & Oracle Configuration Controls Governor

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Configuration GRC & Oracle Configuration Controls Governor May 2009Oracle GRC Strategy – Barry Greenhut

  2. Application GRC tells you… Who’s using our apps?ACCESS CONTROLS What can they do?CONFIGURATION CONTROLS What have they done?TRANSACTION CONTROLS

  3. Application GRC controls reduce… Financial Loss Compliance Cost Audit Effort !

  4. Configuration examples • Financial Loss • Tax mis-configuration causes under-collection of taxes, goes undetected for months. Consequences: Pay taxes on behalf of customers, plus penalties. • Clerk changes bank account info without cross-check, millions transferred before fraud discovered. Consequences: Money lost, or frozen pending litigation; public confidence shaken due to notoriety. • Sales reps raise customers’ credit limits so they can buy more. Consequences: Customers default on payments, receivables aging forces write-downs.

  5. Configuration examples ! • Compliance Cost • Ledger Set mis-configuration allocates revenues amongst divisions incorrectly. Consequences: Restate and refile quarterly results; public confidence shaken due to notoriety. • Audit Effort • Production patch resets vendor tolerances, goes unnoticed for months. Consequences: Internal audit team spends months proving there were no abuses; external auditors perform substantial transaction examination.

  6. How do I control costs/risks? • Control setup changes that can have significant financial or regulatory impact • Identify setup changes that violate financial or regulatory policy • Accelerate documentation and analysis of setup values

  7. Use CCG to control costs/risks

  8. CCG has delivered GRC savings since 1998 • No substantial competitors • Just the configuration GRC you absolutely need: • Full audit trails and alerts (Change Tracking) • Comprehensive record keeping (Snapshots) • Find discrepancies (Snapshot Comparisons)

  9. CCG has delivered GRC savings since 1998 • Quick to implement – can be done in one day, thanks to shrink-wrap support for: • EBS R12 – 12 modules, 550+ setupsEBS 11i – 66 modules, 3,000+ setups • PSFT HCM 8.8/8.3 – 9 modules, 400+ setups • Protects data from prying eyes – you control all access • Centralizes all controls and data in a single source of truth

  10. CCG Features • Change Tracking • Alert users whenever changes occur • Dashboard summarizes changes in all environments • Drill down to see details of all changes • Export change details to CSV (Excel) and PDF

  11. Page/Form Change Tracking captures every change made to designated setups Configuration Governor - Change Tracker Insert Update Delete Audit Trail Automatically alerts designated parties when changes occur Generates authoritative audit trail reports (Who, What, When, How)

  12. CCG Features • Snapshots & Comparisons • Document all setup values seen in the original applications • Compare two environments’ values (e.g., Production vs. a best-practice baseline), or snapshots from two points in time • Export all details to CSV (Excel) and PDF

  13. Snapshots record setup values to identify deviations from policy, and for compliance documentation Page/Form Snapshot

  14. Values found in child pages/forms are captured too Child Page/Form Snapshot

  15. Compare setup values from different: Environments • Dates • SOBs/Ledgers •Operating Units • Application Releases Snapshot 1 Snapshot 2

  16. CCG Features • Comprehensive Data Security • Control the business data seen by each CCG user • Control the actions each CCG user can take • Install CCG in firewalled tier • Flexible • Reconfigure Change Tracking on demand • Schedule Snapshot schedules, and take Snapshots on demand • Generate Comparisons on demand • Add new business environments on demand

  17. CCG Features • Mature Product • Introduced in 1998 • Over 300 EBS customers • Over 60,000 developer-hours invested in creating metadata for EBS and PeopleSoft • Metadata = Ready to Use • Shrink-wrap support for 12 R12 modules (550+ setups) and 66 EBS 11i modules (3,000+ setups) • Shrink-wrap support for 9 PeopleSoft HCM 8.8/8.3 modules (400+ setups) • Add support for additional setups with MetaBuilder, a developer’s tool included in CCG

  18. Shrink-Wrap Support

  19. Use MetaBuilder to Create More Metadata

  20. Summary • Configuration Controls Governor offers GRC value: • Reduce Financial Loss and Risk • Reduce Regulatory Compliance Cost and Risk • Reduce Audit Effort • CCG is a mature product that provides a single place to manage all application configuration GRC • CCG comes ready-to-use, with support for: • EBS R12 (12 modules, 550+ setups)EBS 11i (66 modules, 3,000+ setups) • PSFT HCM 8.8/8.3 (9 modules, 400+ setups) • Add more support using MetaBuilder

More Related