stop the fraudster! pennsylvania treasury, industry expert chris doxey and fulcrumway
DESCRIPTION
Stop the fraudster! Pennsylvania Treasury, Industry Expert Chris Doxey and FulcrumWay at Oracle Open World 2014TRANSCRIPT
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
2
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
CON8207: Stop the Fraudster!
Mark Stebelton, CPA, CFE (Oracle) – Director of GRC Product ManagementChris Doxey, CAPP, CCSA, CICA, CPC - Management ConsultantBob Enders (Fulcrum Way) - Senior Client Services DirectorJeffrey Bohr (Pennsylvania Treasury) - Applications Developer Administrator, IT
@OracleAdvCntrlsFollow us on Twitter
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
MANAGE RISK | REDUCE COSTS | IMPROVE CONTROLS
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
50%
Strategic Priorities Survey________________
Finance Executives SURVEYED
263
Reaching New Heights: The Dividends of Collaboration between
Finance and Procurement is published by CFO Publishing LLC, May 2012
Survey question: Where does the procurement function need to get stronger?
SUMMARY:________________________________
Better Controls & Efficiencies Needed
#1#2
#3
#4
#5
Audit/Control of Procurement
Risk Analysis
CashFlow
PayableExposure
Compliance
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | 6
BOTTOM LINE: Document/Email Approaches Challenge GRC
53%
Spreadsheets, Documents & Email
17%
Solutions Built In-house by IT
24%
Commercial GRC Solution
6%
2+ CommercialGRC Solutions
The lack in modern
technology makes
achieving goals challenging
OCEG SURVEY • 2014 GRC Technology Strategy Survey • www.OCEG.org HOW ORGANIZATIONS APPROACH AND ADAPT THEIR TECHNOLOGY STRATEGY FOR GRC
The impact on FTE’s is particularly significantOne financial services organization stated that 80% of their GRC staff
resources were nothing more than document reconciles for
reporting. […] A mess they are aggressively trying to correct.
of GRC professionals reported that they use Spreadsheets, Emails, Custom reports apps.
70%
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | 7
Oracle GRC Product Strategy
PLATFORM
ENTERPRISE
GRC
COMPLETE
One, UnifiedPlatform
The #1 PlatformWith intelligence, advanced
controls
& management capabilities
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Comprehensive Risk & Controls Mgmt.
Detect and Fix Issues
Continuous Improvement and
Monitoring
Assess Risk & Compliance
Close the
LOOP
Identification
Analysis
Evaluate
1. BUSINESS RISKS
Document
Assessments
Reviews
2. CONTROL OBJECTIVES
Author
Execute
Investigate
3. CONTINUOUS MONITORS
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Meeting Mission Critical Goals
1OneUnified Platform
2Big Data Techniques for Advanced Analytics
MASTER DATA
3
Embedded ControlsExtensive API Library
FINISHED
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Enterprise Graph
________________
ALL USERS
____________
ALL SYSTEMS
_________________
ALL TRANSACTIONS
INTUITIVE | FLEXIBLE | COMPLETE
SECURITY
SETUP
MASTERDATA
TRANSACTIONS
_______________________________________
__________________________________
BILLIONS OF NODES & RELATIONSHIPS
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | 11
Big Data Analytics
USERS
SYSTEMSTXN
TXN
ROLES
SET UP
ROLES
USERS
SETUP
MASTER DATA
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Standard Controls
User Roles
3-Way Match
Approval Hierarchies
StandardControls
Social Media Policy
E-learningEthics Policy
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Standard + Advanced Controls
Sentiment Analysis
Split Purchase
OrdersHide
Displays of Sensitive
DataDuplicate Payments
Transaction Threshold Amounts
Duplicate Vendors
Fine-grained User Access
ConfigurationSnapshots &
Audit Trial
Transaction Pattern Analysis
Fuzzy Logic, ‘similar values’
User Roles
3-Way Match
Approval Hierarchies
Advanced Controls
StandardControls
Social Media Policy
E-learning Ethics Policy
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Government/Education
Technology/Services
Retail
Energy
Communication Industrial
Logistics
Healthcare Services
Mining/Exploration
Customer By Industry
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Advanced Controls Partner SpecialistsOracle recommends using partners and consultants who are Advanced Controls specialists:
Specialized Partner
Implementation Specialist
Pre-Sales Specialist
Sales Specialist
•Can plan, design, deliver, support successful solutions
•Has all specialists shown below
•Demonstrated track record of success
•Can design detailed solutions
•Passed rigorous Oracle examination
•Can describe introductory solutions
•Completed ten hours of study and self-assessment
•Can identify need for Advanced Controls
•Completed ten hours of study and self-assessment
Oracle Confidential – Internal/Restricted/Highly Restricted 16
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Specialized PartnersIncrease your Return On Investment
• Get more from Advanced ControlsSpecialists address more of your needs with Advanced Controls’ many capabilities
• Increase your organization’s effectiveness Specialists help you embed Advanced Controls in your business processes
• Accelerate your implementationSpecialists guide and support you during planning, implementation and go-live
Oracle Confidential – Internal/Restricted/Highly Restricted 17
Chris Doxey, CAPP, CCSA, CICA, CPCManagement Consultant
Doxey, Inc.
571-267-9107
Stop the Fraudster! Set the Tone at the Top and Prevent Fraud with Oracle Advanced
Controls
18
Business Processes with Biggest Fraud Challenges
Source: 2014 Aberdeen Survey
Processes with Biggest Challenges – Example: PTP
Source: 2014 Aberdeen Survey
2014 Association of Finance Professionals (AFP) Payments Fraud Survey Highlights
• 60% of organizations were exposed to actual or attempted payments fraud in 2013.
• 27% of financial professionals that experienced payment fraud in 2012 report the number of fraud incidents increased from 2013.
• 16% of financial professionals from organizations that experienced payment fraud report a decrease in fraud incidents in 2013 compared with 2012.
Source: 2014 AFP Payments Fraud Survey
21
2014 Association of Finance Professionals (AFP) Payments Fraud Survey Highlights (Cont.)
• 82% of survey respondents report that checks were the primary target for fraud attacks at their companies.
• 43% of survey respondents from organizations exposed to fraud attacks, report credit/debit cards were targeted.
• The typical financial loss incurred by companies due to payments fraud in 2013 is $23,100.
Source: AFP Payments Fraud Survey 2014
22
Fraud Schemes Reported in the 2014 Association of Certified Fraud Examiners (ACFE) Report to the Nations
Source: 2014 ACFE Report to the Nations
P2P Fraud Case Study 1: Brenda Belton and Washington DC Charter Schools
• Belton, 61, convicted of stealing and illegally steering more than $800,000 in school system money, was begging for mercy in the same courthouse where another corruption case is playing out, involving the alleged theft by two other D.C. government employees of $20 million or more from city tax collections.
• Belton, who was responsible for monitoring 17 charter schools for the D.C. Board of Education from 2003 to 2006, pleaded guilty in August to theft and tax evasion. Prosecutors said she cheated the system throughout her tenure as chief executive of the board's Office of Charter School Oversight.
• Prosecutors said Belton steered about $446,000 in no-bid contracts to friends and a cousin and stole $203,000 by directing school money to a fictitious company. At the same time, she received $180,000 in illegal payments and kickbacks from friends for whom she helped win school business.
Source: http://www.washingtonpost.com/wp-dyn/content/article/2007/06/05/AR2007060500797.html
24
P2P Fraud Case Study 1: Brenda Belton and the Washington, DC Charter Schools (Continued)
• As part of her plea agreement, Belton promised to pay restitution of $384,000, the amount she was accused of pocketing in the scheme.
• Prosecutors say at least seven others participated in the embezzlement, but no charges have been filed against them. Authorities said Belton was the driving force behind the thefts and diversion of contracts.
Source: http://www.washingtonpost.com/wp-dyn/content/article/2007/06/05/AR2007060500797.html
25
P2P Case Study 1: What internal controls were missing?
“Tone at the Top”
Segregation of Duties
A P2P Internal Controls Program
Disbursement Controls
Random Audits
Bank Reconciliations
What else?
26
Fraud Case Study 2: Too Much Systems Access
27
• A large company enlisted a group of finance process subject matter experts to help test the installation of a new enterprise resource planning (ERP) system.
• In order to fully test the integration of transaction processing to the general ledger, the team was given full systems access to all the master files, transactional interfaces, and accounting functionality of the system.
• After the system was implemented, members of the team were sent to other departments as managers or senior financial analysts; however, the system access rights that they were granted for testing purposes was not removed.
Fraud Case Study 2 :Too Much Systems Access (Continued)
28
• One former accounts payable manager found that she still had the system access rights to set up a vendor, pay an invoice, and void the transaction – even though she was in another department.
• An internal audit found this significant issue and determined that the individual had embezzled nearly $300,000.00 in company funds.
• The employee was terminated and paid back the funds.
• The review of system access rights was immediately added to all audit and internal control programs.
What internal controls were missing?
• Systems Access Controls
• Systems Access Review
• Timely Bank Account Reconciliations
• Journal Entry Controls
• General Ledger Reconciliations
• What Else?
29
Leverage Technology:Move Your Business Forward™
Risk and Compliance Financial Reporting Internal Audit Controls Catalog Application Security Advanced
Analytics
A Leader in Risk Based Enterprise Controls Management Solutions
Copyright ©. Fulcrum Information Technology, Inc.Give me a lever long enough and a fulcrum on which to place it, and I shall move the world - Archimedes
Stop the Fraudster! Set the Tone at the Top and Prevent Fraud with Oracle Advanced Controls
Oracle Advanced Controls for
the Procure to Payment Process
www.fulcrumway.comPage 31Copyright © FulcrumWay
Introduction
Robert Enders
Client Services Director
FulcrumWay Technologies
708-903-7971
Stop the Fraudster! Set the Tone at the Top and Prevent Fraud with Oracle Advanced Controls
www.fulcrumway.comPage 32Copyright © FulcrumWay
A Leader in Risk Based Controls Management™
FulcrumWay: is the #1 End-to-End Provider of Risk Based Enterprise Controls Management
Solutions for Oracle EBS, PeopleSoft and JDE customers with over 200 Fortune-500 to Middle
Market clients. Since 2003, we have successfully assisted companies across all major industry
segments.
Expertise: Risk Advisory Services. Advanced Controls Design for Enterprise Applications. Best
Practices for Risk Mitigation and Internal Controls Automation. Audit, Compliance, Financial,
Enterprise and Operational Risk Assessments. Risk Remediation Services.
Packaged Solutions: FulcrumWay is the #1 choice of Oracle customers for Oracle GRC Advanced
Controls, GRC Manager, and GRC Intelligence/OBIEE software implementation. Oracle has
certified us as the only partner with Accelerators for Oracle GRC. We also provide Managed
Services
Software Services: Risk Assessment for ERP systems, Control Design and Management Tools,
Controls Catalog, Enterprise Risk Manager, Financial Reporting Manager, Audit Manager
USA Presence: Privately held Delaware Corporation with US offices in New York City, Dallas and
San Francisco
International Presence: in Auckland, Chennai, Johannesburg, London, Mexico City
FulcrumWay
www.fulcrumway.comPage 33Copyright © FulcrumWay
Continuous Controls & Risk Monitoring
Enterprise Risk & Controls Foundation
Setups Master Data Transactions Audit Tests
Risk, Controls & Compliance Management
Reviews Assessments RemediationSurveysDocumentation
Dashboards, Reports & Alerts
NotificationsWorklists Email PerspectivesSearch
Access
Custom or Legacy Applications
Complete Advanced Controls Solution
Report
Manage
Enforce
Complements core ERP to enhance business efficiency
Advanced Controls
www.fulcrumway.comPage 34Copyright © FulcrumWay
Business Process Models Service Oriented Architecture
Corporate Performance Management Collaboration
Strategic Sourcing & Contract Mgmt
Supplier Collaboration
Spend Categories
Indirect & MRO
Direct
Materials
Services
SWIFTNet
Settlement
Payment
Processors
Requisition
Purchase
Goods /
Services
Receive
Goods /
Services
InvoiceIssue
Payments
Banks
Example - Oracle Procure-to-Pay Procure-to Pay Controls are Required
Control Points
Advanced Controls
www.fulcrumway.comPage 35Copyright © FulcrumWay
Business Process Models Service Oriented Architecture
Corporate Performance Management Collaboration
Supplier Collaboration
Spend Categories
Indirect & MRO
Direct
Materials
Services
SWIFTNet
Settlement
Payment
Processors
Requisi-
tion
Purchase
Goods /
Services
Receive
Goods /
ServicesInvoice
Issue
Payments
Banks
Example - Oracle Procure-to-Pay
Are your vendors compliant with trade regulations? Are the vendors
blacklisted?
Do you have duplicate suppliers?
Are there inappropriate associations between a
vendor and an employee?
Are there frequent changes to Supplier
information?
Are you missing critical supplier information?
Is the information valid?
Strategic Sourcing & Contract Mgmt
CONTROLS
Automated Controls for Strategic Sourcing & Contract Mgmt
Advanced Controls
www.fulcrumway.comPage 36Copyright © FulcrumWay
Business Process Models Service Oriented Architecture
Corporate Performance Management Collaboration
Strategic Sourcing & Contract Mgmt
Supplier Collaboration
Spend Categories
Indirect & MRO
Direct
Materials
Services
SWIFTNet
Settlement
Payment
Processors
Receive
Goods /
ServicesInvoice
Issue
Payments
Banks
Example - Oracle Procure-to-Pay
Do you have duplicate Purchase Orders?
Are there purchases with non-preferred vendors?
Are there split POs?
Are POs created on the same day as goods
arrive?
Requisition
Purchase
Goods /
Services
CONTROLS
Automated Controls for Requisitions and Purchases
Advanced Controls
www.fulcrumway.comPage 37Copyright © FulcrumWay
Business Process Models Service Oriented Architecture
Corporate Performance Management Collaboration
Strategic Sourcing & Contract Mgmt
Supplier Collaboration
Spend Categories
Indirect & MRO
Direct
Materials
Services
SWIFTNet
Settlement
Payment
Processors
Requisi-
tion
Purchase
Goods /
Services
Banks
Example - Oracle Procure-to-Pay
Are you making accurate and timely payments?
Did the person making the payment create or
modify the vendor?
Are there discrepancies in freight charges?
Receive
Goods /
ServicesInvoice
Issue
Payments
CONTROLS
Are payment term changes reviewed before payment?
Are there duplicate invoice amounts being
processed?
Automated Controls for Receiving, Invoices, and Payments
Advanced
Controls
www.fulcrumway.comPage 38Copyright © FulcrumWay
• Duplicate Payments
• Invoice Sequence Anomalies – alpha
character check
• Invoice Sequence Anomalies - sequential
numbers
• Split Payments
• Payment to Prohibited Vendors - OFAC
• Payment to Prohibited Vendors - Missing
Taxpayer Identification Number (TIN)
• Invoice Amount Exceeding Limit
• Duplicate Vendors
• Not in Accordance with Policies and
Procedures – One time vendors
• Payee Incorrect - multiple vendor numbers for
payment
• Potential Fraud - Same bank account
• Overall Reasonableness of Payment – travel
expenses
• Potential Fraud – PO Box
• Overall Reasonableness of Payment – High
Risk Vendors
• Overall Reasonableness of Payment -
advanced accounts
• Duplicate Payments
• Potential Fraud – Vendor vs. Employee
• Overall Reasonableness of Payment – gifts
• Overall Reasonableness of Payment – new
vendors
• Missing Support
• Address Incorrect – Missing Address
• Pending Priority
• Resubmitted Payments
Client case Control Requirements
www.fulcrumway.comPage 39Copyright © FulcrumWay
Fiscal watchdog ensures tens of billions of dollars in
payments are lawful and correct
Our Client
A state government agency responsible for safeguarding financial assets – more than $120 billion of public funds.
Helps local governments and nonprofits invest their money with flexibility, security, and confidence.
ChallengesReplace fragmented legacy system for recovery audit department with a single incident management systemReplace manual control checklists with a audit analytics system to identify suspicious vouchers submitted for payments by 28+ agencies across the state. Assign suspension transaction to auditors for final review and approval using a pattern matching system
Solutions
Oracle GRC Advanced Controls
Results: Reduce erroneous payment processing by 5% on millions of payments processed each day by consolidating all vouchers across 28 agencies into a single data hub. Improve incident investigation process by establishing business rules to assign incidents based upon risk level, investigation type, priority that match the auditor skills and job roleProvide management visibility and independent oversight to monitor approved and rejected paymentsEliminate inconsistent and contradictory actions by auditors by providing a structured investigation process based on approved investigation checklists based on type of the suspicious transaction. Optimize recover audit business process with integration to the ERP system for vendor management and payment processing
Client case
www.fulcrumway.comPage 40Copyright © FulcrumWay
Establish and Improve Controls
Monitoring and Framework
Our Client Major energy producer recognized for
innovation, flexibility, exploration proficiency
and our technical capabilities in developing
hydrocarbon resources, with an impressive
record of success in various regions of the
world.
Global Operations in over 20 different locations
Oracle E-Business Suite
ChallengesComply with IT Governance Policies
Improvement to overall Controls Framework
Replace manual task for Segregation of Duties
management with over 25,000 functions,
providing greater integration with the ERP
Provide greater controls over ERP technical
components and order to reduce overall
organization risks
Establish more effective preventative and
monitoring controls
SuccessesDeployed SOD monitoring tool that improved
overall operational and management
efficiencies
Established control framework improving
preventative and monitoring controls
Increased visibility into actual operations in
the controls environment
Reduced risk of SOX issues and fraud
opportunities
SolutionsOracle GRC Controls Suite
Client case
www.fulcrumway.comPage 41Copyright © FulcrumWay
Mitigates risks and unlock new opportunities with
Advanced Control Analytics
Our Client Designs, develops, markets, and distributes
footwear for men, women, and children, as well
as performance footwear for men and women
Operates globally through four segments:
Domestic Wholesale Sales, International
Wholesale Sales, Retail Sales, and E-commerce
Sales
PeopleSoft Financials
ChallengesComply with IT Governance Policies
Improve overall Controls
Replace manual task for Segregation of Duties
management to provide greater integration with
the ERP
Establish more effective monitoring of global
transactions through advanced controls
SuccessesDeployed SOD and transaction monitoring
tools improving operational and management
efficiencies
Increased visibility into procure to pay, and
financial operations in the controls
environment
Reduced risk of SOX issues and fraud
opportunities
Client case
SolutionOracle Application Access Controls and
Transaction Controls Governors
www.fulcrumway.comPage 42Copyright © FulcrumWay
Industry Opportunities Next, What is Possible with TCG?
www.fulcrumway.comPage 43Copyright © FulcrumWay
AP AuditFulcrumWay Retail Industry
Claims Trend
www.fulcrumway.comPage 44Copyright © FulcrumWay
MerchandiseFulcrumWay Retail Industry
Merchandise Losses
Net Price
www.fulcrumway.comPage 45Copyright © FulcrumWay
Vendor RiskFulcrumWay Retail Industry
www.fulcrumway.comPage 46Copyright © FulcrumWay
FreightFulcrumWay Retail Industry
www.fulcrumway.comPage 47Copyright © FulcrumWay
MediaFulcrumWay Retail Industry
www.patreasury.gov
Advanced Controls
Jeff BohrInformation Technology Manager
Rob McCord, State Treasurer |www.patreasury.gov
Organization Overview
Rob McCordState Treasurer
• Processed about 30 million payments worth nearly $75 billion last fiscal year.
• IT systems manage about $15 billion in State assets.• Unclaimed Property program collected $265 million
and returned over $116 million, generating nearly $148 million for the General Fund in FY 13-14.
• PA 529 College Savings Program is setting new records: more than $3 billion in assets, serving 186,000 accounts as of June 30, 2014.
• Prevents tens of millions of dollars in erroneous payments annually through pre-transactional audits ($58 million in FY 12-13).
Rob McCord, State Treasurer |www.patreasury.gov
Pre-Audit Goal
• Treasury is responsible to perform pre-payment audits
• Goal: 0% fraud and errors
• Goal: 100% pre-audit coverage
• Saw Oracle GRC as a pre-payment auditing tool not just a
post-payment audit tool
Rob McCord, State Treasurer |www.patreasury.gov
Why – Business Challenges
• Standards-based solution to provide 100% pre-audit support.
• Compliance with Pennsylvania management directives and laws.
• Desire to put control logic into the hands of users.
• Ability to analyze vouchers from multiple sources.
Rob McCord, State Treasurer |www.patreasury.gov
Why – Technical Challenges
• Project to replace Mainframe system with PeopleSoft ERP Financials system.
• Requirements– Able to analyze data in SQL Server– Able to analyze custom data structures and PeopleSoft delivered
data structures.– Able to scale to very large datasets
Our solution analyzes potentially 100,000’s of new vouchers per day that are compared against a set of 3 years of historical vouchers which numbers up to approximately 20 million vouchers.
Rob McCord, State Treasurer |www.patreasury.gov
How we Integrated
• Setup GRC/TCG as a pilot project against legacy system.
• Integrate GRC implementation into the PeopleSoft ERP project.
– Pre-audit staff designed controls
– Technical staff built custom GRC business objects
– Development built interface from GRC to PeopleSoft
• GRC solution went live at the same time as PeopleSoft Financials (7/1/2014)
Rob McCord, State Treasurer |www.patreasury.gov
Pilot Project Architecture
Legacy
Rob McCord, State Treasurer |www.patreasury.gov
Our Current Architecture
Rob McCord, State Treasurer |www.patreasury.gov
How we Integrated with PeopleSoft• Vouchers are staged in PeopleSoft
• All staged vouchers are analyzed by GRC – Vouchers with incidents moved to a custom
Audit Workbench Application for further review
– Vouchers without incidents are moved forward for further processing.
• Phased approach, new controls will be moved to production
Rob McCord, State Treasurer |www.patreasury.gov
Integration Example
Rob McCord, State Treasurer |www.patreasury.gov
Examples of Controls
• First payment for a new purchase order or contract
• Duplicate vouchers
• Resubmitted payments
• Incorrect address
• Invoice with similar sequence
Rob McCord, State Treasurer |www.patreasury.gov
What worked well and what didn’t• What works well
– Providing 100% audit coverage– Improving pre-audit consistency– Scaling to large volumes of data– Users taking control of logic
• Users can quickly design a new control as they identify new audit conditions.
– Integrating into Treasury workflow• Easily integrated into PeopleSoft Accounts Payables processing
– Ease of Technical Operations• Single server solution operates the GRC software and Oracle Database
• What didn’t– Random Sampling
Rob McCord, State Treasurer |www.patreasury.gov
Future Expansion Plans
• Expand to more controls
• Build analytics out of GRC results
• Help agencies to identify problems
• Refine controls to meet change
• Move beyond TCG to ACG and CCG
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Oracle GRC – Enterprise Risk and Controls Foundation
A Unified Platform
Enterprise Risk & Controls Foundation
Dashboards, Reports and AlertsNotificationsWorklists Email PerspectivesSearch
Risk, Controls & Compliance ManagementReviewsDocumentation Assessments RemediationSurveys
Continuous Controls & Risk MonitoringSetupsAccess Master Data Audit TestsTransactions
User Authored ControlsData Connectors Fraud & Error PatternsRo
le B
ase
d A
cce
ss S
ecu
rity
We
b S
erv
ice
s &
AP
Is Flexible
• Graphical Authoring• Detect and Prevent• Access, Transactions, Setups
Data Driven
• 100% of Transactions• Manage by Exception• Pattern Analysis
Comprehensive
• Multiple GRC Projects• From Documentation to Test• Closed Loop Approach
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Roadmap: Investment Areas
Enterprise Risk & Controls Foundation
Dashboards, Reports and AlertsNotificationsWorklists Email PerspectivesSearch
Risk, Controls & Compliance ManagementReviewsDocumentation Assessments RemediationSurveys
Continuous Controls & Risk MonitoringSetupsAccess Master Data Audit TestsTransactions
User Authored ControlsData Connectors Fraud & Error PatternsRo
le B
ase
d A
cce
ss S
ecu
rity
We
b S
erv
ice
s &
AP
Is
Pre-Built Controls
Pre-Built Business Objects
Investment Areas
Pre-Built Integrations
Platform Features
Extensibility
Questions?
63
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Oracle GRC Advanced Controls - Sessions Left Today
IDWestin
3rd & MarketSpeakers
Do You Really Know What Your Users Can Do—or Maybe Have Done?
8200
Wed, 2:45Franciscan I
text text text
64
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Oracle GRC Advanced Controls - Sessions Tomorrow
IDWestin
3rd & MarketSpeakers
Achieve a Quicker and Compliant Financial Close with Oracle Governance, Risk, Compliance
8208
Thu, 10:15Olympic
text text text
Controlling for Multiple ERP Systems with Oracle Advanced Controls
8154
Thu, 12:45Olympic
text text
How Your Vendor Master File is Critical to Governance, Risk Management and Compliance
8213
Thu, 2:45Olympic
----
65
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Oracle GRC Advanced Controls - MTE and Demo Grounds
IDDay, TimeLocation
Host
Meet the Governance, Risk, and Compliance Experts
MTE848
7
Wed, 5:00Westin at 3rd & Market St
Metropolitan III
Demo Station: Oracle Fusion Governance, Risk, and Compliance Advanced Controls
4250
Mon 9:45 – 6:00Tue 9:45 – 6:00Wed 9:30 – 3:45
Moscone West Station WCL-003
66
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
DEMOgrounds: Moscone West Station ID WCL-003
67
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
@OracleAdvCntrls
Oracle GRC Advanced Controls
Join Our Linkedin Group
Follow us on Twitter
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | 69