Thought Leadership, Best Practices
Thought leadership in the Oracle Applications Internal
Controls and Security Space
Welcome to ERP Seminars.  Our leadership in the Oracle Applications community:
  • is responsible for forming and moderating the industry’s only listserver focused on internal controls and
    security issues with over 1200 members
  • hosts the industry’s only repository of best practice content for end users to provide a forum to provide
    analysis and discuss risks (Internal Controls Repository (ICR).  This forum allows us to communicate risks
    and share content with end users without the concern of external auditors having access to the content
  • provides the industry’s only seminar on best practices related to internal controls and security issues
  • is leading the development of public-domain content regarding tables to audit; content available in the ICR
  • is providing valuable feedback to Oracle and the end user community on the internal controls and security
    deficiencies in the eBusiness Suite
  • is providing seeded content in several third party products
  • has written various ground-breaking white papers on internal controls and application security issues
    published in industry periodicals and on various websites and blogs (available at www.oubpb.com)
  • formed and continues to sponsor the Oracle Users Best Practices Board to facilitate peer reviews and
    publishing of various white papers
  • provides peer review support for the OAUG white paper submission process
Internal Controls Repository
End user companies can sign up for the
Internal Controls Repository (ICR) to have
access to industry-leading best practices
without fears of auditors receiving the same
information here.  Here is some guidance
on common issues with signing up for the
ICR.
Industry-leading public listserver on
internal controls and security issues
Exchange ideas with over 1200 other users
on Internal Controls and Security best
practices by signing up for the this industry-
leading listserver here.  
Other links:
CPE
Policies
About Us
Send Page To a Friend
Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon Sign up for our Email List
Internal Controls Surveys:
Surveys on Internal Controls and Security
issues for companies running Oracle
Applications.  Results can be downloaded
here.  Thanks to Fulcrum Information
Technology, Inc and Greenlight
Technologies for sponsoring the surveys.

SQL Forms survey - closed.  Results can
be downloaded here.

Password Decryption survey - brief two
question survey - coming soon
SOD/User Access Controls Services
Leverage our industry leading risk
assessment content and 'conflict' matrix
with the following two new services:

1.  Risk-Based Automated User Access
Controls Analysis.  Download more
information here.

2.  A full SOD / User Access control risk
assessment process is a must for any
companies trying to reduce risk and audit
fees in the areas of user provisioning and
Segregation of Duties.  Most engagements
last one to three weeks.
Upcoming webinars include:
  • July 15: Survey results - done - Slides
  • July 17: Greenlight Technologies - done
    July 31: CaoSys - CS*Comply
  • Aug 5: Risk based assessment of user
    access controls and SOD
  • Aug 13:  SQL forms risks
  • Aug 14: CaoSys - CS*Vision
  • TBD: Password decryption risks
  • TBD: Common change management
    challenges
  • TBD: Introduction to SOD / User Access
    Controls tools
  • TBD: Monitoring privileged users      
Free White Papers to download
We have prepared a primer for internal
auditors related to auditing Oracle
Applications.  It can be downloaded here.

We have published a ground-breaking white
paper "Accessing the Oracle Apps
Database without a Database Login"
originally published in OAUG's Insight
Magazine (Winter 2006 edition).  Download
here.
Search our site