SlideShare a Scribd company logo

Alliance session 4373 risk management from on premise to the cloud – a focus on controls

Smart ERP Solutions, Inc.
Smart ERP Solutions, Inc.

The document discusses risk management strategies for moving from on-premise to cloud environments. It summarizes technologies like a Risk Management Cloud service that can streamline internal control assessments and automate tasks for external certifications. It also discusses on-premise options like a Smart Segregation of Duties tool embedded within PeopleSoft that can perform proactive and detective segregation of duties scanning with interactive reports and dashboards. The presentation aims to help organizations manage controls and risks within their ERP systems more effectively.

Software
1 of 30
Download to read offline
RISK MANAGEMENT FROM ON PREMISE TO THE CLOUD – A FOCUS ON CONTROLS 03/01/2017
PRESENTERS Lewis Hopkins Snr Applications Consultant Smart ERP Solutions Lewis.Hopkins@smarterp.com Security and Risk Management since 2003. Board member – OAUG GRC Customer Group.
AGENDA • About Smart ERP Solutions, Inc. • Review of Risks • Technologies • Q&A
ABOUT SMART ERP SOLUTIONS, INC Innovative solutions and services to automate, streamline and simplify ERP applications. Achieve Best-In-Class Performance Our mission is to provide innovative, configurable, flexible, cost-effective solutions to common business challenges, enabling our clients to save time, increase productivity, minimize costs, and maximize their return on investment. Solutions Business applications that offer organizations an end- to-end solution providing the right design and implementation from start to finish. Services A 24/7 seasoned and experienced staff of experts to help you implement your business solutions efficiently and effectively at a cost- effective rate. Cloud Cloud applications provide solutions built on proven enterprise class architecture that enable high configurability and ease of monitoring.
SMARTERP & ORACLE Embracing Partnerships with Oracle / PeopleSoft and Our Clients
CURRENT RISKS Finance Student Finance HR
US Fraud averages $150,000, 22% exceed $1m The average time to finding Fraudulent activity is 18 months 41% of Fraud committed Internally – KPMG Securing the ERP 2016 See: http://www.fraudweek.com/uploadedFiles/Fraudweek/content/documents/cost-of- complacency.pdf SECURITY AND FRAUD
THE IMPACT OF TIME $75k loss at <7 months $150k at 19 months $965k at 61 months + 0 200000 400000 600000 800000 1000000 1200000 7 19 61 Loss in $ Time: 7 to 61 months Loss over Time
PROACTIVE VS REACTIVE MEASURES “PROACTIVE MEASURES catch fraud sooner and minimize losses. Frauds that are caught by reactive measures last longer and cause more harm.” Surveillance / Monitoring, IT Controls: $59k Tip or Confession: $184k Notification by Law Enforcement: $1.25m
GRAMM-LEACH-BLILEY ACT & THE DEPARTMENT FOR HIGHER EDUCATION GLBA requires institutions to ensure, among other things: • Develop, implement, and maintain a written information security program. • Designate the employee(s) responsible for coordinating the program. • Identify and assess risks to student information. • Design and implement an information safeguards program. • Select appropriate service providers that are capable of maintaining appropriate safeguards. • Periodically evaluate and update the security program. ED plans to incorporate the GLBA security controls into the Annual Audit Guide and will look at GLBA compliance as part of institutions' annual student aid compliance audits.
NIST 800-17, OMB UNIFORM GUIDANCE AND MORE… Designed to build a SOX like framework for non Federal Organizations sharing Federal Data. Controls include: • Access Controls • Security Assessment • Risk Assessment http://www.nacubo.org/Business_and_Policy_Areas/Student_Financial_S ervices/Student_Financial_Services_News/ED_Reminds_Schools_about_Pr otecting_Student_Information.html https://library.educause.edu/~/media/files/library/2016/4/nist800.pd f
MANAGING CONTROLS AND RISKS IN ERP 1 No Segregation of Duties out of the box 2 Difficult to answer who has access to what 3 Reports in ERP technically orientated 4 No way to document Risks and Controls ‘inside ERP’
Today we use spreadsheets, but with spreadsheets….  No workflow  No audit trail  Difficult to create attachments  Purely acts a data store, cannot take actions within spreadsheets  No segregation of duties or data  Too much effort to manage users and get them to carry out their tasks  If someone did something they were not supposed to do, we have to manually track and fix it  Difficult to track progress of actions  Too much effort to provide executive snapshot Financial Controller Vision Corp MANAGING CONTROLS AND RISKS OUTSIDE OF ERP
TECHNOLOGIES Cloud
FINANCIAL RISK CLOUD Risk Management Cloud service that:  Streamlines internal control assessments  Automates labor-intensive tasks required to complete external certifications for SOX/NIST or similar legislation
BENEFITS • Replace Spreadsheets • Does not depend on the ERP Platform, no integration • Detail Risks and their impact • Provide workflow approval for process owners
• Sample Risks: • “Potential fraud may occur in payroll due to inappropriate access and transactions” • “Changes to master data information that is not authorized or incorrectly entered which causes errors to sales, credit, or payment related transactions.”
• Sample Controls: • “Ensure SoD within payroll functions” • “Review changes to master data information, including change owner”
Assessments distribute tasks to process owners along with the Test Plan. Instructions included:
Issues are raised Status of Issue recorded
Risk Reports help identify Controls that have issues or failures to help assess the Organization’s overall Risk Management position.
TECHNOLOGIES On Premises
SMART SEGREGATION OF DUTIES Embedded within PeopleSoft •Detective and Proactive SoD scanning •Interactive Reports and Dashboards •Mitigations/Exceptions •Rules stored in PeopleSoft •Read Only
ABILITIES •Abilities contain the Security required to perform a task or duty
RULES Ability 1 – Create Vendor Component 1 OR Component 2 OR Component 3 OR Component 4 OR Ability 2 – Approve Vendor Component 1 OR Component 2 OR Component 3 OR Component 4 OR AND Rule: Create Vendor & Approve vendor
STRUCTURED REPORTING
STRUCTURED REPORTING Ability 1 – Create Vendor Component 1 OR Component 2 OR Component 3 OR Component 4 OR A: “Should we have 200 Users who can Create a Vendor?” B: “There should only be 5 people who can do this!”
SUMMARY Risk Management Cloud
PRESENTERS Lewis Hopkins Snr Applications Consultant Smart ERP Solutions Lewis.Hopkins@smarterp.com Security and Risk Management since 2003. Board member – OAUG GRC Customer Group
THANK YOU!

Recommended

3 steps to successfully analyzing your PeopleSoft Security for Segregation of...
3 steps to successfully analyzing your PeopleSoft Security for Segregation of...3 steps to successfully analyzing your PeopleSoft Security for Segregation of...
3 steps to successfully analyzing your PeopleSoft Security for Segregation of...
Smart ERP Solutions, Inc.
 
AMB120: How Mature Are You? ITAM Attainment Model
AMB120: How Mature Are You? ITAM Attainment ModelAMB120: How Mature Are You? ITAM Attainment Model
AMB120: How Mature Are You? ITAM Attainment Model
Ivanti
 
AMB300: Lessons Learned from ITAM Customers
AMB300: Lessons Learned from ITAM CustomersAMB300: Lessons Learned from ITAM Customers
AMB300: Lessons Learned from ITAM Customers
Ivanti
 
Building a Project Management Information System for the State of Hawai'i
Building a Project Management Information System for the State of Hawai'iBuilding a Project Management Information System for the State of Hawai'i
Building a Project Management Information System for the State of Hawai'i
Innovative-e
 
Pure Safety Services Overview
Pure Safety Services OverviewPure Safety Services Overview
Pure Safety Services Overview
JessicaPenix
 
CML Group GRCaaS Dashboard
CML Group GRCaaS Dashboard CML Group GRCaaS Dashboard
CML Group GRCaaS Dashboard Jim Robins
 
ClockworkISMS
ClockworkISMSClockworkISMS
ClockworkISMS
Delaney
 
CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)Cyril Soeri
 

Recommended

3 steps to successfully analyzing your PeopleSoft Security for Segregation of...
3 steps to successfully analyzing your PeopleSoft Security for Segregation of...3 steps to successfully analyzing your PeopleSoft Security for Segregation of...
3 steps to successfully analyzing your PeopleSoft Security for Segregation of...
Smart ERP Solutions, Inc.
 
AMB120: How Mature Are You? ITAM Attainment Model
AMB120: How Mature Are You? ITAM Attainment ModelAMB120: How Mature Are You? ITAM Attainment Model
AMB120: How Mature Are You? ITAM Attainment Model
Ivanti
 
AMB300: Lessons Learned from ITAM Customers
AMB300: Lessons Learned from ITAM CustomersAMB300: Lessons Learned from ITAM Customers
AMB300: Lessons Learned from ITAM Customers
Ivanti
 
Building a Project Management Information System for the State of Hawai'i
Building a Project Management Information System for the State of Hawai'iBuilding a Project Management Information System for the State of Hawai'i
Building a Project Management Information System for the State of Hawai'i
Innovative-e
 
Pure Safety Services Overview
Pure Safety Services OverviewPure Safety Services Overview
Pure Safety Services Overview
JessicaPenix
 
CML Group GRCaaS Dashboard
CML Group GRCaaS Dashboard CML Group GRCaaS Dashboard
CML Group GRCaaS Dashboard Jim Robins
 
ClockworkISMS
ClockworkISMSClockworkISMS
ClockworkISMS
Delaney
 
CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)CISA Domain 1 - IS Auditing (day 1)
CISA Domain 1 - IS Auditing (day 1)Cyril Soeri
 
Shruti ppt
Shruti pptShruti ppt
Shruti ppt
SHRUTI SAGAR
 
AMB400: How to Build a Successful IT Asset Management Program
AMB400: How to Build a Successful IT Asset Management ProgramAMB400: How to Build a Successful IT Asset Management Program
AMB400: How to Build a Successful IT Asset Management Program
Ivanti
 
Vidya dharan presentation
Vidya dharan presentationVidya dharan presentation
Vidya dharan presentation
smartcraze
 
Compliance Management Software | Corporate Compliance
Compliance Management Software | Corporate ComplianceCompliance Management Software | Corporate Compliance
Compliance Management Software | Corporate Compliance
Corporater
 
Software Success Ladder
Software Success LadderSoftware Success Ladder
Software Success Ladder
Seerene
 
FundFlow V3.6 Overview (Printable) 08-18-03
FundFlow V3.6 Overview (Printable) 08-18-03FundFlow V3.6 Overview (Printable) 08-18-03
FundFlow V3.6 Overview (Printable) 08-18-03Mark S. Mahre
 
L Holution Srochure Bperation Oerf Penter V1
L Holution Srochure Bperation Oerf Penter V1L Holution Srochure Bperation Oerf Penter V1
L Holution Srochure Bperation Oerf Penter V1James McDermott
 
Safety Book
Safety BookSafety Book
Safety BookSupriyo Sarkar
 
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and ImplementationCISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
InfosecTrain
 
Ryan_Langille
Ryan_LangilleRyan_Langille
Ryan_LangilleRyan Langille
 
Aca Accelerate Reducing Software Costs By Up to $500/Desktop
Aca Accelerate Reducing Software Costs By Up to $500/DesktopAca Accelerate Reducing Software Costs By Up to $500/Desktop
Aca Accelerate Reducing Software Costs By Up to $500/Desktop
Chris Hamilton
 
Noc and soc deck
Noc and soc deckNoc and soc deck
Noc and soc deck
kevin_donovan
 
Modelling Security Architecture
Modelling Security ArchitectureModelling Security Architecture
Modelling Security Architecture
narenvivek
 
ERP Unit iii
ERP Unit iii ERP Unit iii
ERP Unit iii
Arasuraja Ganesan
 
Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...
Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...
Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...
browzcompliance
 
ClearCost Introduction 2015
ClearCost Introduction 2015ClearCost Introduction 2015
ClearCost Introduction 2015
Mark S. Mahre
 
ICAB - ITK Chapter 3 class 6-7 - Management of IT
ICAB - ITK Chapter 3 class 6-7 - Management of ITICAB - ITK Chapter 3 class 6-7 - Management of IT
ICAB - ITK Chapter 3 class 6-7 - Management of IT
Mohammad Abdul Matin Emon
 
4-SYTE Asset Management Overview
4-SYTE Asset Management Overview4-SYTE Asset Management Overview
4-SYTE Asset Management Overview
Pamela Hamblin
 
RBI Embedded within Maximo
RBI Embedded within MaximoRBI Embedded within Maximo
RBI Embedded within Maximo
Lloyd's Register Energy
 
Una llamada al amor tony de mello
Una llamada al amor tony de melloUna llamada al amor tony de mello
Una llamada al amor tony de mello
Jesus Hernando Baena A
 
Alliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrow
Alliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrowAlliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrow
Alliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrow
Smart ERP Solutions, Inc.
 
Presentación de la Oportunidad 2017
Presentación de la Oportunidad 2017Presentación de la Oportunidad 2017
Presentación de la Oportunidad 2017
Rogelio Rodriguez
 

More Related Content

What's hot

Shruti ppt
Shruti pptShruti ppt
Shruti ppt
SHRUTI SAGAR
 
AMB400: How to Build a Successful IT Asset Management Program
AMB400: How to Build a Successful IT Asset Management ProgramAMB400: How to Build a Successful IT Asset Management Program
AMB400: How to Build a Successful IT Asset Management Program
Ivanti
 
Vidya dharan presentation
Vidya dharan presentationVidya dharan presentation
Vidya dharan presentation
smartcraze
 
Compliance Management Software | Corporate Compliance
Compliance Management Software | Corporate ComplianceCompliance Management Software | Corporate Compliance
Compliance Management Software | Corporate Compliance
Corporater
 
Software Success Ladder
Software Success LadderSoftware Success Ladder
Software Success Ladder
Seerene
 
FundFlow V3.6 Overview (Printable) 08-18-03
FundFlow V3.6 Overview (Printable) 08-18-03FundFlow V3.6 Overview (Printable) 08-18-03
FundFlow V3.6 Overview (Printable) 08-18-03Mark S. Mahre
 
L Holution Srochure Bperation Oerf Penter V1
L Holution Srochure Bperation Oerf Penter V1L Holution Srochure Bperation Oerf Penter V1
L Holution Srochure Bperation Oerf Penter V1James McDermott
 
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and ImplementationCISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
InfosecTrain
 
Aca Accelerate Reducing Software Costs By Up to $500/Desktop
Aca Accelerate Reducing Software Costs By Up to $500/DesktopAca Accelerate Reducing Software Costs By Up to $500/Desktop
Aca Accelerate Reducing Software Costs By Up to $500/Desktop
Chris Hamilton
 
Noc and soc deck
Noc and soc deckNoc and soc deck
Noc and soc deck
kevin_donovan
 
Modelling Security Architecture
Modelling Security ArchitectureModelling Security Architecture
Modelling Security Architecture
narenvivek
 
Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...
Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...
Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...
browzcompliance
 
ClearCost Introduction 2015
ClearCost Introduction 2015ClearCost Introduction 2015
ClearCost Introduction 2015
Mark S. Mahre
 
ICAB - ITK Chapter 3 class 6-7 - Management of IT
ICAB - ITK Chapter 3 class 6-7 - Management of ITICAB - ITK Chapter 3 class 6-7 - Management of IT
ICAB - ITK Chapter 3 class 6-7 - Management of IT
Mohammad Abdul Matin Emon
 
4-SYTE Asset Management Overview
4-SYTE Asset Management Overview4-SYTE Asset Management Overview
4-SYTE Asset Management Overview
Pamela Hamblin
 
RBI Embedded within Maximo
RBI Embedded within MaximoRBI Embedded within Maximo
RBI Embedded within Maximo
Lloyd's Register Energy
 

What's hot (19)

Shruti ppt
Shruti pptShruti ppt
Shruti ppt
 
AMB400: How to Build a Successful IT Asset Management Program
AMB400: How to Build a Successful IT Asset Management ProgramAMB400: How to Build a Successful IT Asset Management Program
AMB400: How to Build a Successful IT Asset Management Program
 
Vidya dharan presentation
Vidya dharan presentationVidya dharan presentation
Vidya dharan presentation
 
Compliance Management Software | Corporate Compliance
Compliance Management Software | Corporate ComplianceCompliance Management Software | Corporate Compliance
Compliance Management Software | Corporate Compliance
 
Software Success Ladder
Software Success LadderSoftware Success Ladder
Software Success Ladder
 
FundFlow V3.6 Overview (Printable) 08-18-03
FundFlow V3.6 Overview (Printable) 08-18-03FundFlow V3.6 Overview (Printable) 08-18-03
FundFlow V3.6 Overview (Printable) 08-18-03
 
L Holution Srochure Bperation Oerf Penter V1
L Holution Srochure Bperation Oerf Penter V1L Holution Srochure Bperation Oerf Penter V1
L Holution Srochure Bperation Oerf Penter V1
 
Safety Book
Safety BookSafety Book
Safety Book
 
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and ImplementationCISA Domain 3 - Information Systems Acquisition, Development and Implementation
CISA Domain 3 - Information Systems Acquisition, Development and Implementation
 
Ryan_Langille
Ryan_LangilleRyan_Langille
Ryan_Langille
 
Aca Accelerate Reducing Software Costs By Up to $500/Desktop
Aca Accelerate Reducing Software Costs By Up to $500/DesktopAca Accelerate Reducing Software Costs By Up to $500/Desktop
Aca Accelerate Reducing Software Costs By Up to $500/Desktop
 
Noc and soc deck
Noc and soc deckNoc and soc deck
Noc and soc deck
 
Modelling Security Architecture
Modelling Security ArchitectureModelling Security Architecture
Modelling Security Architecture
 
ERP Unit iii
ERP Unit iii ERP Unit iii
ERP Unit iii
 
Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...
Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...
Pay Now or Pay Later: The Case for Investing in Contractor Qualification & Ma...
 
ClearCost Introduction 2015
ClearCost Introduction 2015ClearCost Introduction 2015
ClearCost Introduction 2015
 
ICAB - ITK Chapter 3 class 6-7 - Management of IT
ICAB - ITK Chapter 3 class 6-7 - Management of ITICAB - ITK Chapter 3 class 6-7 - Management of IT
ICAB - ITK Chapter 3 class 6-7 - Management of IT
 
4-SYTE Asset Management Overview
4-SYTE Asset Management Overview4-SYTE Asset Management Overview
4-SYTE Asset Management Overview
 
RBI Embedded within Maximo
RBI Embedded within MaximoRBI Embedded within Maximo
RBI Embedded within Maximo
 

Viewers also liked

Una llamada al amor tony de mello
Una llamada al amor tony de melloUna llamada al amor tony de mello
Una llamada al amor tony de mello
Jesus Hernando Baena A
 
Alliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrow
Alliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrowAlliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrow
Alliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrow
Smart ERP Solutions, Inc.
 
Presentación de la Oportunidad 2017
Presentación de la Oportunidad 2017Presentación de la Oportunidad 2017
Presentación de la Oportunidad 2017
Rogelio Rodriguez
 
Freddie krueger
Freddie kruegerFreddie krueger
Freddie krueger
Chouse411
 
Cut AWS Costs: Using Spot Instances for More Than Batch
Cut AWS Costs: Using Spot Instances for More Than BatchCut AWS Costs: Using Spot Instances for More Than Batch
Cut AWS Costs: Using Spot Instances for More Than Batch
RightScale
 
Alliance 2017 3891-University of California | Office of The President People...
Alliance 2017 3891-University of California | Office of The President People...Alliance 2017 3891-University of California | Office of The President People...
Alliance 2017 3891-University of California | Office of The President People...
Smart ERP Solutions, Inc.
 
Alliance 2017 session 4427 employment eligibility verification trends new for...
Alliance 2017 session 4427 employment eligibility verification trends new for...Alliance 2017 session 4427 employment eligibility verification trends new for...
Alliance 2017 session 4427 employment eligibility verification trends new for...
Smart ERP Solutions, Inc.
 
Ppsp icassp17v10
Ppsp icassp17v10Ppsp icassp17v10
Ppsp icassp17v10
Gérard Chollet
 
Tesi laurea di Vincenza Sternativo [amministrazione e potere locale ad Oria (...
Tesi laurea di Vincenza Sternativo [amministrazione e potere locale ad Oria (...Tesi laurea di Vincenza Sternativo [amministrazione e potere locale ad Oria (...
Tesi laurea di Vincenza Sternativo [amministrazione e potere locale ad Oria (...
francoarpa
 
4 Swoon-Worthy Romances From Classic Dan Schneider Shows
4 Swoon-Worthy Romances From Classic Dan Schneider Shows4 Swoon-Worthy Romances From Classic Dan Schneider Shows
4 Swoon-Worthy Romances From Classic Dan Schneider Shows
Dan Schneider
 
Deber 4b
Deber 4bDeber 4b
Deber 4b
Alberto Pazmiño
 
Otto marzo
Otto marzoOtto marzo
Otto marzo
angela iaia
 
GMCR Gets Greener with Paperless PeopleSoft Employee Onboarding
GMCR Gets Greener with Paperless PeopleSoft Employee OnboardingGMCR Gets Greener with Paperless PeopleSoft Employee Onboarding
GMCR Gets Greener with Paperless PeopleSoft Employee Onboarding
Smart ERP Solutions, Inc.
 
Tom Canavan Joomla Security and Disaster Recovery
Tom Canavan Joomla Security and Disaster RecoveryTom Canavan Joomla Security and Disaster Recovery
Tom Canavan Joomla Security and Disaster Recovery
John Coonen
 
Security&amp;disaster plan
Security&amp;disaster planSecurity&amp;disaster plan
Security&amp;disaster plan
sabaArshed
 
#OOW16 - Risk Management Cloud / GRC General Session
#OOW16 - Risk Management Cloud / GRC General Session#OOW16 - Risk Management Cloud / GRC General Session
#OOW16 - Risk Management Cloud / GRC General Session
Dane Roberts
 
EMR Implementation Considerations Slides
EMR Implementation Considerations SlidesEMR Implementation Considerations Slides
EMR Implementation Considerations Slides
Saide OER Africa
 
PM Humor - At Some Point You’re Going To Have To Break Down ...
PM Humor - At Some Point You’re Going To Have To Break Down ...PM Humor - At Some Point You’re Going To Have To Break Down ...
PM Humor - At Some Point You’re Going To Have To Break Down ...
OSP International LLC
 
Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)
Brian K. Dickard
 
Patterns For Effective Use Cases
Patterns For Effective Use CasesPatterns For Effective Use Cases
Patterns For Effective Use Cases
Mayflower GmbH
 

Viewers also liked (20)

Una llamada al amor tony de mello
Una llamada al amor tony de melloUna llamada al amor tony de mello
Una llamada al amor tony de mello
 
Alliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrow
Alliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrowAlliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrow
Alliance 2017 session 4405 PeopleSoft forecast cloudy skies today and tomorrow
 
Presentación de la Oportunidad 2017
Presentación de la Oportunidad 2017Presentación de la Oportunidad 2017
Presentación de la Oportunidad 2017
 
Freddie krueger
Freddie kruegerFreddie krueger
Freddie krueger
 
Cut AWS Costs: Using Spot Instances for More Than Batch
Cut AWS Costs: Using Spot Instances for More Than BatchCut AWS Costs: Using Spot Instances for More Than Batch
Cut AWS Costs: Using Spot Instances for More Than Batch
 
Alliance 2017 3891-University of California | Office of The President People...
Alliance 2017 3891-University of California | Office of The President People...Alliance 2017 3891-University of California | Office of The President People...
Alliance 2017 3891-University of California | Office of The President People...
 
Alliance 2017 session 4427 employment eligibility verification trends new for...
Alliance 2017 session 4427 employment eligibility verification trends new for...Alliance 2017 session 4427 employment eligibility verification trends new for...
Alliance 2017 session 4427 employment eligibility verification trends new for...
 
Ppsp icassp17v10
Ppsp icassp17v10Ppsp icassp17v10
Ppsp icassp17v10
 
Tesi laurea di Vincenza Sternativo [amministrazione e potere locale ad Oria (...
Tesi laurea di Vincenza Sternativo [amministrazione e potere locale ad Oria (...Tesi laurea di Vincenza Sternativo [amministrazione e potere locale ad Oria (...
Tesi laurea di Vincenza Sternativo [amministrazione e potere locale ad Oria (...
 
4 Swoon-Worthy Romances From Classic Dan Schneider Shows
4 Swoon-Worthy Romances From Classic Dan Schneider Shows4 Swoon-Worthy Romances From Classic Dan Schneider Shows
4 Swoon-Worthy Romances From Classic Dan Schneider Shows
 
Deber 4b
Deber 4bDeber 4b
Deber 4b
 
Otto marzo
Otto marzoOtto marzo
Otto marzo
 
GMCR Gets Greener with Paperless PeopleSoft Employee Onboarding
GMCR Gets Greener with Paperless PeopleSoft Employee OnboardingGMCR Gets Greener with Paperless PeopleSoft Employee Onboarding
GMCR Gets Greener with Paperless PeopleSoft Employee Onboarding
 
Tom Canavan Joomla Security and Disaster Recovery
Tom Canavan Joomla Security and Disaster RecoveryTom Canavan Joomla Security and Disaster Recovery
Tom Canavan Joomla Security and Disaster Recovery
 
Security&amp;disaster plan
Security&amp;disaster planSecurity&amp;disaster plan
Security&amp;disaster plan
 
#OOW16 - Risk Management Cloud / GRC General Session
#OOW16 - Risk Management Cloud / GRC General Session#OOW16 - Risk Management Cloud / GRC General Session
#OOW16 - Risk Management Cloud / GRC General Session
 
EMR Implementation Considerations Slides
EMR Implementation Considerations SlidesEMR Implementation Considerations Slides
EMR Implementation Considerations Slides
 
PM Humor - At Some Point You’re Going To Have To Break Down ...
PM Humor - At Some Point You’re Going To Have To Break Down ...PM Humor - At Some Point You’re Going To Have To Break Down ...
PM Humor - At Some Point You’re Going To Have To Break Down ...
 
Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)Cloud Computing Risk Management (IIA Webinar)
Cloud Computing Risk Management (IIA Webinar)
 
Patterns For Effective Use Cases
Patterns For Effective Use CasesPatterns For Effective Use Cases
Patterns For Effective Use Cases
 

Similar to Alliance session 4373 risk management from on premise to the cloud – a focus on controls

ISV Net iq
ISV Net iqISV Net iq
ISV Net iq
Atlas Systems
 
Gain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls MonitoringGain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls Monitoring
Emma Kelly
 
Welingkar First Year Project- ProjectWeLike
Welingkar First Year Project- ProjectWeLikeWelingkar First Year Project- ProjectWeLike
Welingkar First Year Project- ProjectWeLike
PrinceTrivedi4
 
Con8154 controlling for multiple erp systems with oracle advanced controls
Con8154 controlling for multiple erp systems with oracle advanced controlsCon8154 controlling for multiple erp systems with oracle advanced controls
Con8154 controlling for multiple erp systems with oracle advanced controlsOracle
 
Customers talk about controlling access for multiple erp systems with oracle ...
Customers talk about controlling access for multiple erp systems with oracle ...Customers talk about controlling access for multiple erp systems with oracle ...
Customers talk about controlling access for multiple erp systems with oracle ...
Oracle
 
Enterprise Risk Management Solutions
Enterprise Risk Management SolutionsEnterprise Risk Management Solutions
Enterprise Risk Management Solutions
LexComply
 
VLS_Capability_Presentation
VLS_Capability_PresentationVLS_Capability_Presentation
VLS_Capability_PresentationBill Nelson
 
Foursite brochure
Foursite brochureFoursite brochure
Foursite brochure
Matt Cayton
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
OnePlan Solutions
 
Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions
Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus SolutionsAutomating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions
Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions
Smart ERP Solutions, Inc.
 
Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2
Smart ERP Solutions, Inc.
 
Fixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixnix GRC Suite A Glance
Fixnix GRC Suite A Glance
FixNix Inc.,
 
Oracle Instantis: EnterpriseTrack
Oracle Instantis: EnterpriseTrackOracle Instantis: EnterpriseTrack
Oracle Instantis: EnterpriseTrack
Cisco
 
Srinivas pendam resume-nyc
Srinivas pendam resume-nycSrinivas pendam resume-nyc
Srinivas pendam resume-nycspendam
 
Moving Up the PVC Maturity Curve in Industrial Manufacturing
Moving Up the PVC Maturity Curve in Industrial ManufacturingMoving Up the PVC Maturity Curve in Industrial Manufacturing
Moving Up the PVC Maturity Curve in Industrial ManufacturingZero Wait-State
 
Cloudbyz PPM - Integrated Enterprise PPM, ALM and APM on force.com cloud
Cloudbyz PPM - Integrated Enterprise PPM, ALM and APM on force.com cloudCloudbyz PPM - Integrated Enterprise PPM, ALM and APM on force.com cloud
Cloudbyz PPM - Integrated Enterprise PPM, ALM and APM on force.com cloud
Poornima N
 

Similar to Alliance session 4373 risk management from on premise to the cloud – a focus on controls (20)

ISV Net iq
ISV Net iqISV Net iq
ISV Net iq
 
Gain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls MonitoringGain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls Monitoring
 
Saurabh Chawla
Saurabh ChawlaSaurabh Chawla
Saurabh Chawla
 
Welingkar First Year Project- ProjectWeLike
Welingkar First Year Project- ProjectWeLikeWelingkar First Year Project- ProjectWeLike
Welingkar First Year Project- ProjectWeLike
 
Con8154 controlling for multiple erp systems with oracle advanced controls
Con8154 controlling for multiple erp systems with oracle advanced controlsCon8154 controlling for multiple erp systems with oracle advanced controls
Con8154 controlling for multiple erp systems with oracle advanced controls
 
Customers talk about controlling access for multiple erp systems with oracle ...
Customers talk about controlling access for multiple erp systems with oracle ...Customers talk about controlling access for multiple erp systems with oracle ...
Customers talk about controlling access for multiple erp systems with oracle ...
 
Enterprise Risk Management Solutions
Enterprise Risk Management SolutionsEnterprise Risk Management Solutions
Enterprise Risk Management Solutions
 
VLS_Capability_Presentation
VLS_Capability_PresentationVLS_Capability_Presentation
VLS_Capability_Presentation
 
Foursite brochure
Foursite brochureFoursite brochure
Foursite brochure
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions
Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus SolutionsAutomating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions
Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions
 
Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2
 
Fixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixnix GRC Suite A Glance
Fixnix GRC Suite A Glance
 
Goutam_Resume
Goutam_ResumeGoutam_Resume
Goutam_Resume
 
Oracle Instantis: EnterpriseTrack
Oracle Instantis: EnterpriseTrackOracle Instantis: EnterpriseTrack
Oracle Instantis: EnterpriseTrack
 
Resume
Resume Resume
Resume
 
Srinivas pendam resume-nyc
Srinivas pendam resume-nycSrinivas pendam resume-nyc
Srinivas pendam resume-nyc
 
Anita_Resume_2014_09
Anita_Resume_2014_09Anita_Resume_2014_09
Anita_Resume_2014_09
 
Moving Up the PVC Maturity Curve in Industrial Manufacturing
Moving Up the PVC Maturity Curve in Industrial ManufacturingMoving Up the PVC Maturity Curve in Industrial Manufacturing
Moving Up the PVC Maturity Curve in Industrial Manufacturing
 
Cloudbyz PPM - Integrated Enterprise PPM, ALM and APM on force.com cloud
Cloudbyz PPM - Integrated Enterprise PPM, ALM and APM on force.com cloudCloudbyz PPM - Integrated Enterprise PPM, ALM and APM on force.com cloud
Cloudbyz PPM - Integrated Enterprise PPM, ALM and APM on force.com cloud
 

More from Smart ERP Solutions, Inc.

Transforming Financial Insights with Oracle EPM
Transforming Financial Insights with Oracle EPMTransforming Financial Insights with Oracle EPM
Transforming Financial Insights with Oracle EPM
Smart ERP Solutions, Inc.
 
Maximize your Oracle Cloud Investment and Drive Innovation
Maximize your Oracle Cloud Investment and Drive Innovation Maximize your Oracle Cloud Investment and Drive Innovation
Maximize your Oracle Cloud Investment and Drive Innovation
Smart ERP Solutions, Inc.
 
SmartERP PeopleSoft Security
SmartERP PeopleSoft Security SmartERP PeopleSoft Security
SmartERP PeopleSoft Security
Smart ERP Solutions, Inc.
 
SmartERP Oracle Capabilities 2023.pptx
SmartERP Oracle Capabilities 2023.pptxSmartERP Oracle Capabilities 2023.pptx
SmartERP Oracle Capabilities 2023.pptx
Smart ERP Solutions, Inc.
 
Best Practices to Modernizing your Oracle Applications
Best Practices to Modernizing your Oracle ApplicationsBest Practices to Modernizing your Oracle Applications
Best Practices to Modernizing your Oracle Applications
Smart ERP Solutions, Inc.
 
Manufactures whats keeping you up
Manufactures whats keeping you upManufactures whats keeping you up
Manufactures whats keeping you up
Smart ERP Solutions, Inc.
 
The Fully Automated Enterprise (RPA)
The Fully Automated Enterprise (RPA)The Fully Automated Enterprise (RPA)
The Fully Automated Enterprise (RPA)
Smart ERP Solutions, Inc.
 
Smart erp solutions oracle cloud services overview - 2021 - 2022
Smart erp solutions oracle cloud services overview - 2021 - 2022Smart erp solutions oracle cloud services overview - 2021 - 2022
Smart erp solutions oracle cloud services overview - 2021 - 2022
Smart ERP Solutions, Inc.
 
PeopleSoft Webinar - Configure vs. Customize Page and Field Configurator
PeopleSoft Webinar - Configure vs. Customize Page and Field ConfiguratorPeopleSoft Webinar - Configure vs. Customize Page and Field Configurator
PeopleSoft Webinar - Configure vs. Customize Page and Field Configurator
Smart ERP Solutions, Inc.
 
Alert framework2021
Alert framework2021Alert framework2021
Alert framework2021
Smart ERP Solutions, Inc.
 
No One Size Fits All - Form I-9 and E-Verify presentation from the DHS
No One Size Fits All - Form I-9 and E-Verify presentation from the DHSNo One Size Fits All - Form I-9 and E-Verify presentation from the DHS
No One Size Fits All - Form I-9 and E-Verify presentation from the DHS
Smart ERP Solutions, Inc.
 
E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...
E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...
E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...
Smart ERP Solutions, Inc.
 
Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...
Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...
Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...
Smart ERP Solutions, Inc.
 
Configure Versus Customize: Using PeopleSoft Page and Field Configurator
Configure Versus Customize: Using PeopleSoft Page and Field ConfiguratorConfigure Versus Customize: Using PeopleSoft Page and Field Configurator
Configure Versus Customize: Using PeopleSoft Page and Field Configurator
Smart ERP Solutions, Inc.
 
Managed Services - Small, Medium, or Large - what's the best fit for your org...
Managed Services - Small, Medium, or Large - what's the best fit for your org...Managed Services - Small, Medium, or Large - what's the best fit for your org...
Managed Services - Small, Medium, or Large - what's the best fit for your org...
Smart ERP Solutions, Inc.
 
Convert manual paper-based business processes into automated paperless
Convert manual paper-based business processes into automated paperlessConvert manual paper-based business processes into automated paperless
Convert manual paper-based business processes into automated paperless
Smart ERP Solutions, Inc.
 
Alert Framework - Alert your organization to errors, changes, and stalled tra...
Alert Framework - Alert your organization to errors, changes, and stalled tra...Alert Framework - Alert your organization to errors, changes, and stalled tra...
Alert Framework - Alert your organization to errors, changes, and stalled tra...
Smart ERP Solutions, Inc.
 
The 6 Biggest Trends for AP Leaders in 2021
The 6 Biggest Trends for AP Leaders in 2021The 6 Biggest Trends for AP Leaders in 2021
The 6 Biggest Trends for AP Leaders in 2021
Smart ERP Solutions, Inc.
 
Segregation of Duties and Sensitive Access as a Service webinar
Segregation of Duties and Sensitive Access as a Service webinarSegregation of Duties and Sensitive Access as a Service webinar
Segregation of Duties and Sensitive Access as a Service webinar
Smart ERP Solutions, Inc.
 
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Smart ERP Solutions, Inc.
 

More from Smart ERP Solutions, Inc. (20)

Transforming Financial Insights with Oracle EPM
Transforming Financial Insights with Oracle EPMTransforming Financial Insights with Oracle EPM
Transforming Financial Insights with Oracle EPM
 
Maximize your Oracle Cloud Investment and Drive Innovation
Maximize your Oracle Cloud Investment and Drive Innovation Maximize your Oracle Cloud Investment and Drive Innovation
Maximize your Oracle Cloud Investment and Drive Innovation
 
SmartERP PeopleSoft Security
SmartERP PeopleSoft Security SmartERP PeopleSoft Security
SmartERP PeopleSoft Security
 
SmartERP Oracle Capabilities 2023.pptx
SmartERP Oracle Capabilities 2023.pptxSmartERP Oracle Capabilities 2023.pptx
SmartERP Oracle Capabilities 2023.pptx
 
Best Practices to Modernizing your Oracle Applications
Best Practices to Modernizing your Oracle ApplicationsBest Practices to Modernizing your Oracle Applications
Best Practices to Modernizing your Oracle Applications
 
Manufactures whats keeping you up
Manufactures whats keeping you upManufactures whats keeping you up
Manufactures whats keeping you up
 
The Fully Automated Enterprise (RPA)
The Fully Automated Enterprise (RPA)The Fully Automated Enterprise (RPA)
The Fully Automated Enterprise (RPA)
 
Smart erp solutions oracle cloud services overview - 2021 - 2022
Smart erp solutions oracle cloud services overview - 2021 - 2022Smart erp solutions oracle cloud services overview - 2021 - 2022
Smart erp solutions oracle cloud services overview - 2021 - 2022
 
PeopleSoft Webinar - Configure vs. Customize Page and Field Configurator
PeopleSoft Webinar - Configure vs. Customize Page and Field ConfiguratorPeopleSoft Webinar - Configure vs. Customize Page and Field Configurator
PeopleSoft Webinar - Configure vs. Customize Page and Field Configurator
 
Alert framework2021
Alert framework2021Alert framework2021
Alert framework2021
 
No One Size Fits All - Form I-9 and E-Verify presentation from the DHS
No One Size Fits All - Form I-9 and E-Verify presentation from the DHSNo One Size Fits All - Form I-9 and E-Verify presentation from the DHS
No One Size Fits All - Form I-9 and E-Verify presentation from the DHS
 
E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...
E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...
E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...
 
Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...
Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...
Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...
 
Configure Versus Customize: Using PeopleSoft Page and Field Configurator
Configure Versus Customize: Using PeopleSoft Page and Field ConfiguratorConfigure Versus Customize: Using PeopleSoft Page and Field Configurator
Configure Versus Customize: Using PeopleSoft Page and Field Configurator
 
Managed Services - Small, Medium, or Large - what's the best fit for your org...
Managed Services - Small, Medium, or Large - what's the best fit for your org...Managed Services - Small, Medium, or Large - what's the best fit for your org...
Managed Services - Small, Medium, or Large - what's the best fit for your org...
 
Convert manual paper-based business processes into automated paperless
Convert manual paper-based business processes into automated paperlessConvert manual paper-based business processes into automated paperless
Convert manual paper-based business processes into automated paperless
 
Alert Framework - Alert your organization to errors, changes, and stalled tra...
Alert Framework - Alert your organization to errors, changes, and stalled tra...Alert Framework - Alert your organization to errors, changes, and stalled tra...
Alert Framework - Alert your organization to errors, changes, and stalled tra...
 
The 6 Biggest Trends for AP Leaders in 2021
The 6 Biggest Trends for AP Leaders in 2021The 6 Biggest Trends for AP Leaders in 2021
The 6 Biggest Trends for AP Leaders in 2021
 
Segregation of Duties and Sensitive Access as a Service webinar
Segregation of Duties and Sensitive Access as a Service webinarSegregation of Duties and Sensitive Access as a Service webinar
Segregation of Duties and Sensitive Access as a Service webinar
 
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
 

Recently uploaded

A Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdfA Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdf
kalichargn70th171
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
Juraj Vysvader
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
Globus
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
Globus
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
takuyayamamoto1800
 
Advanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should KnowAdvanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should Know
Peter Caitens
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Globus
 
Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
Max Andersen
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
AMB-Review
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
informapgpstrackings
 
top nidhi software solution freedownload
top nidhi software solution freedownloadtop nidhi software solution freedownload
top nidhi software solution freedownload
vrstrong314
 
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Globus
 
Designing for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web ServicesDesigning for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web Services
KrzysztofKkol1
 
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, BetterWebinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
XfilesPro
 
Into the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdfInto the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdf
Ortus Solutions, Corp
 
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Shahin Sheidaei
 

Recently uploaded (20)

A Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdfA Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdf
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
 
Advanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should KnowAdvanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should Know
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
 
Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
 
top nidhi software solution freedownload
top nidhi software solution freedownloadtop nidhi software solution freedownload
top nidhi software solution freedownload
 
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...
 
Designing for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web ServicesDesigning for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web Services
 
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, BetterWebinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
 
Into the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdfInto the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdf
 
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
 

Alliance session 4373 risk management from on premise to the cloud – a focus on controls

  • 1. RISK MANAGEMENT FROM ON PREMISE TO THE CLOUD – A FOCUS ON CONTROLS 03/01/2017
  • 2. PRESENTERS Lewis Hopkins Snr Applications Consultant Smart ERP Solutions Lewis.Hopkins@smarterp.com Security and Risk Management since 2003. Board member – OAUG GRC Customer Group.
  • 3. AGENDA • About Smart ERP Solutions, Inc. • Review of Risks • Technologies • Q&A
  • 4. ABOUT SMART ERP SOLUTIONS, INC Innovative solutions and services to automate, streamline and simplify ERP applications. Achieve Best-In-Class Performance Our mission is to provide innovative, configurable, flexible, cost-effective solutions to common business challenges, enabling our clients to save time, increase productivity, minimize costs, and maximize their return on investment. Solutions Business applications that offer organizations an end- to-end solution providing the right design and implementation from start to finish. Services A 24/7 seasoned and experienced staff of experts to help you implement your business solutions efficiently and effectively at a cost- effective rate. Cloud Cloud applications provide solutions built on proven enterprise class architecture that enable high configurability and ease of monitoring.
  • 5. SMARTERP & ORACLE Embracing Partnerships with Oracle / PeopleSoft and Our Clients
  • 7. US Fraud averages $150,000, 22% exceed $1m The average time to finding Fraudulent activity is 18 months 41% of Fraud committed Internally – KPMG Securing the ERP 2016 See: http://www.fraudweek.com/uploadedFiles/Fraudweek/content/documents/cost-of- complacency.pdf SECURITY AND FRAUD
  • 8. THE IMPACT OF TIME $75k loss at <7 months $150k at 19 months $965k at 61 months + 0 200000 400000 600000 800000 1000000 1200000 7 19 61 Loss in $ Time: 7 to 61 months Loss over Time
  • 9. PROACTIVE VS REACTIVE MEASURES “PROACTIVE MEASURES catch fraud sooner and minimize losses. Frauds that are caught by reactive measures last longer and cause more harm.” Surveillance / Monitoring, IT Controls: $59k Tip or Confession: $184k Notification by Law Enforcement: $1.25m
  • 10. GRAMM-LEACH-BLILEY ACT & THE DEPARTMENT FOR HIGHER EDUCATION GLBA requires institutions to ensure, among other things: • Develop, implement, and maintain a written information security program. • Designate the employee(s) responsible for coordinating the program. • Identify and assess risks to student information. • Design and implement an information safeguards program. • Select appropriate service providers that are capable of maintaining appropriate safeguards. • Periodically evaluate and update the security program. ED plans to incorporate the GLBA security controls into the Annual Audit Guide and will look at GLBA compliance as part of institutions' annual student aid compliance audits.
  • 11. NIST 800-17, OMB UNIFORM GUIDANCE AND MORE… Designed to build a SOX like framework for non Federal Organizations sharing Federal Data. Controls include: • Access Controls • Security Assessment • Risk Assessment http://www.nacubo.org/Business_and_Policy_Areas/Student_Financial_S ervices/Student_Financial_Services_News/ED_Reminds_Schools_about_Pr otecting_Student_Information.html https://library.educause.edu/~/media/files/library/2016/4/nist800.pd f
  • 12. MANAGING CONTROLS AND RISKS IN ERP 1 No Segregation of Duties out of the box 2 Difficult to answer who has access to what 3 Reports in ERP technically orientated 4 No way to document Risks and Controls ‘inside ERP’
  • 13. Today we use spreadsheets, but with spreadsheets….  No workflow  No audit trail  Difficult to create attachments  Purely acts a data store, cannot take actions within spreadsheets  No segregation of duties or data  Too much effort to manage users and get them to carry out their tasks  If someone did something they were not supposed to do, we have to manually track and fix it  Difficult to track progress of actions  Too much effort to provide executive snapshot Financial Controller Vision Corp MANAGING CONTROLS AND RISKS OUTSIDE OF ERP
  • 15. FINANCIAL RISK CLOUD Risk Management Cloud service that:  Streamlines internal control assessments  Automates labor-intensive tasks required to complete external certifications for SOX/NIST or similar legislation
  • 16. BENEFITS • Replace Spreadsheets • Does not depend on the ERP Platform, no integration • Detail Risks and their impact • Provide workflow approval for process owners
  • 17. • Sample Risks: • “Potential fraud may occur in payroll due to inappropriate access and transactions” • “Changes to master data information that is not authorized or incorrectly entered which causes errors to sales, credit, or payment related transactions.”
  • 18. • Sample Controls: • “Ensure SoD within payroll functions” • “Review changes to master data information, including change owner”
  • 19. Assessments distribute tasks to process owners along with the Test Plan. Instructions included:
  • 20. Issues are raised Status of Issue recorded
  • 21. Risk Reports help identify Controls that have issues or failures to help assess the Organization’s overall Risk Management position.
  • 23. SMART SEGREGATION OF DUTIES Embedded within PeopleSoft •Detective and Proactive SoD scanning •Interactive Reports and Dashboards •Mitigations/Exceptions •Rules stored in PeopleSoft •Read Only
  • 24. ABILITIES •Abilities contain the Security required to perform a task or duty
  • 25. RULES Ability 1 – Create Vendor Component 1 OR Component 2 OR Component 3 OR Component 4 OR Ability 2 – Approve Vendor Component 1 OR Component 2 OR Component 3 OR Component 4 OR AND Rule: Create Vendor & Approve vendor
  • 27. STRUCTURED REPORTING Ability 1 – Create Vendor Component 1 OR Component 2 OR Component 3 OR Component 4 OR A: “Should we have 200 Users who can Create a Vendor?” B: “There should only be 5 people who can do this!”
  • 29. PRESENTERS Lewis Hopkins Snr Applications Consultant Smart ERP Solutions Lewis.Hopkins@smarterp.com Security and Risk Management since 2003. Board member – OAUG GRC Customer Group