A day in the life of an Oracle Applications Consultant

Oracle Applications Auditing and Security Best Practices

This post points you to a site that has some really good presentations and white papers related to auditing and securing Oracle E-Business Suite and provides some related links.

Having been an Auditor/Accountant in a former life, I always try to make certain that when implementing an ERP system I take into account security issues and also ensure that the system can be audited by both internal and external parties. Oracle has many built in auditing and security features, but in my experience, people do not make appropriate use of them because they are not aware they exist or they do not have the time or budget to implement them. Personally, I believe awareness of the capabilities of Oracle E-Business Suite is the starting point towards ensuring system security and auditability. Hence, it’s always nice to come across some information which can give you new ideas as to what approach you should take when implementing such a system.

A really good site that I have come across which has some superb white papers and related information on Oracle Applications auditing and security is Integrigy. According to their site: -

Integrigy Corporation is a leader in application security for large enterprise, mission critical applications. Our application vulnerability assessment tool, AppSentry, assists companies in securing their largest and most important applications. Integrigy Consulting offers security assessment services for leading ERP and CRM applications.

Key Oracle Applications papers and presentations on auditing and security that you can download are as follows: -

The resources section of the site is also quite good since it not only includes white papers but also security alerts, advisories and notes, analysis and tools and scripts . There is also a quarterly newsletter published which keeps you up to date with Security Issues around Oracle Applications.

Other Resources

  • Best Practices for Securing Oracle E-Business Suite – Metalink Note ID 189367.1
  • Best Practices For Securing Oracle E-Business Suite 11i For Internet Access – Metalink Note ID 229335.1
  • 11i: A Guide to Understanding and Implementing SSL for Oracle Applications – Metalink Note ID 123718.1
  • Oracle Applications 11i System Administrator’s Guide
  • Oracle Security Alerts
Posted by Richard Byrom on 09/10 at 12:28 AM
  1. I’m looking for information on how to Audit payables or the GL modules in Oracle 11i. The Integrigy pdf does help, but from a different perspective. Please help!

    Posted by .(JavaScript must be enabled to view this email address)  on  10/12  at  10:52 PM
  2. What type of audit are you hoping to perform?

    Posted by Richard Byrom  on  10/14  at  04:53 PM
  3. I have to create a complete work program for our corporate IT audit. I’m looking for previous documentation to help me out. Test procedures, control objectives for GL, Payables etc.

    Posted by .(JavaScript must be enabled to view this email address)  on  11/02  at  03:47 AM

Add Comment Information Here

Please note that comments will only be accepted from valid members of this site who provide feedback that is beneficial to readers of the blog. ALL comments (even those from members) will be subject to moderation.


Notify me of follow-up comments?

Submit the word you see below: