Accounts Receivables Monitoring Templates

Document Sample
Accounts Receivables Monitoring Templates Powered By Docstoc
					The TRUTH About SOX,
Auditors & Oracle
Applimation is the leading provider of
Application Lifecycle Management solutions
Year 1 = Manual Documentation

• Uncertainty
• Methodology (COSO, COBIT, etc.)
• Lots of manual effort
• What about the projects we pushed-back last
  year?
• We have to do this all over again?
  – Quarterly and annual sign-offs (302, 404)



                           2
Interesting Statistics

• 27 companies with Revenue $75M+ disclosed a
  material weakness in January 2005 (compared
  to 7 in January 2004)


• 70% of the disclosures were related to financial
  systems and procedures




                         3
Year 2 = SOX as a Sustainable Solution

• Automate the Process
• Test and monitor controls
• Infrastructure to support both
  (people / software)
• Adapt to your control methodology
   – Not all controls are the same…




                           4
Sarbanes-Oxley Cycles



                           YEAR 2, 3, 4…
      YEAR 1
                          Monitor Changes
     Document
                           & Test Controls
  Processes, Risks
     & Controls
                         Applimation Integra
                         Continuous Monitoring




                     5
All Controls are Not the Same

• Prevent Controls
   – STOP a transaction or change from occurring

• Detect Controls
   – Alert when a sensitive or material transaction or
     change occurs

• Monitoring Controls
   – Capture information for a subsequent review. This
     level of reporting is very effective in providing
     information for auditors performing quarterly tests of
     controls.




                                  6
Controls – Trouble-areas

• General IT Controls              INTEGRA
   – Access (Security) controls      – Access, Forms
   – Change management controls      – Apps, Codebase


• Application Controls
   – Embedded application controls   – Apps, Transaction
   – Embedded operation controls     – Apps, Transaction




                            7
Tough Questions for Oracle Applications

                        • How do you know key controls
                          are operating effectively
                          throughout year?
                        • Can you report on ALL
                          changes to key controls?
                        • How do you search for
                          segregation of duties or
                          evaluate user access?
                        • How do you know controls are
                          same for each business unit?
                        • How do you document key
                          controls within systems?



                    8
Continuous Monitoring
in Oracle Applications
Applimation Integra
Continuous Monitoring in Oracle Applications


         Applimation Integra
            CONTINUOUS                                   KEY CONTROLS &
            MONITORING       PREVENTION                   TRANSACTIONS




       Integra Transaction                              Transactions




                                Integra Forms
         Integra Access                                   Security
                                                     Oracle Applications
                                                        environment
          Integra Apps                                     Setups

       Integra Codebase                                     Code

                                                          DATABASE

                                                      OPERATING SYSTEM



                                                10
Integra Access
Evaluate User Access &
Search for Segregation of Duties Issues
Integra Access

                                             Evaluate User Access
                                             • Search by User
         User                                • Search by Form/Function

                Responsibility



                                 Menu



                                             Function

Search for
Segregation of Duties                                        Form
• Identify incompatible Functions
 & Forms


                                        12
Segregation of Duties




                    13
Best Practices - (SOD) templates
• Financial Reporting and     • Order to Cash
  Maintenance of Accounting          – Order Entry
  Records                            – Accounts Receivables
   – General Ledger                  – Inventory
   – Cash Management
                              • Human Resource Management and
   – Accounts Receivable        Payroll
   – Accounts Payable
                                     – Human Resource Mgt. System
• Procure to Pay Business            – Payroll
  Process
                              • Application Administration (including
   – Purchasing
                                    security and configuration
   – Accounts Payable
                                    management)
   – Inventory
   – Costing                  • System Administration
                              • Application Object Library (AOL)


                               14
Integra Access – SOD Prevention




            Applimation Integra Access


             A Segregation of Duties has been identified.
             Please see your Applimation Integra administrator
             for more information.
                                                      OK




                                         15
Integra Apps
Continuous monitoring within Oracle
Integra Apps & Codebase

                  Integra Apps         Integra Codebase

  Automated       Setups               Forms
  Documentation                        Reports
                                       Code

  Comparisons     Instances            Environments
                  Sets of Books        Oracle Versions
                  Operating Units      Code Versions
                  Versions

  Change          Monitoring           Monitoring
  Tracking        Reporting            Reporting
                  Alerting             Alerting

  Migration       Application Setups   Code Promotion


                               17
Examples of Setups

Setup Data                    Operational Data
• Application Security        • Customers
• Document Approvals          • Suppliers
• Chart of Accounts           • Employees
• Profile Options             • Buyers
• Users                       • Items
• Application Setups          • Chart of Account Values
• MRP rules                   • Category Codes



                         18
Example of System Controls

• 3-way matching of PO, Invoice and Receipt
• Document spending limits (authorization of PO)
• Security rules – access to sensitive transactions
    – Employee salaries
    – Chart of account values
    – Financial statement reports (FSGs)
    – Price lists
    – Inventory attributes
• Action for late delivery of goods
• Inventory stocking rules
• Rules to create tax on sales orders
• Depreciation methods


                                    19
Best Practices - Audit Trail Templates


  SOX implications (audit trail) for over 3000 objects.
    • Affects / supports a control – change tracking
      provides visibility to ensure controls have been
      operating throughout the entire audit period
    • Financial statement impact – could potentially
      impact a financial statement
    • Operational impact – changes to business settings
      could be difficult to identify




                             20
Automated Documentation: Snapshot


                 •        Point-in-time picture

                 •        Run on demand or
                          scheduled




                     21
Snapshot Report




                  22
Comparison Report




                         Differences




                    23
Automated Change Tracking

• Integra Apps - Change Tracking
  – Who?
  – What?
  – When?           Automatically captures
  – Where?           a complete historical
                     audit trail. Details of
                        EVERY change.



                       24
Change Tracking




 Where?     When?        What?   Who?

                    25
On-line Change Tracking




                   26
Tough Questions for Oracle Applications

                        • How do you know key controls
                          are operating effectively
                          throughout year?
                        • Can you report on ALL
                          changes to key controls?
                        • How do you search for
                          segregation of duties or
                          evaluate user access?
                        • How do you know controls are
                          same for each business unit?
                        • How do you document key
                          controls within systems?



                   27
280+ Applimation Customers Worldwide




                  28
Integra - Applied


               Sarbanes-Oxley compliance for
               Section 404 internal controls report




              Leading Accounting firms adopt Integra
              as standard tool for audits of Oracle


               Version control for 11i upgrade and
               on-going maintenance


                       29
Continuous Monitoring in Oracle Applications


         Applimation Integra
            CONTINUOUS                                   KEY CONTROLS &
            MONITORING       PREVENTION                   TRANSACTIONS




       Integra Transaction                              Transactions




                                Integra Forms
         Integra Access                                   Security
                                                     Oracle Applications
                                                        environment
          Integra Apps                                     Setups

       Integra Codebase                                     Code

                                                          DATABASE

                                                      OPERATING SYSTEM



                                                30
For more information…


                                  www.applimation.com




     (212) 500-1200
     sales@applimation.com




                             31
Architecture



   Test          Dev              Prod 1                Prod 2
    11i          10.7                 11.0.3             10.7




   Snapshots &          Applimation              APP        USER
                          Home                 SERVER
   Comparisons



                             32
Architecture



    Test          Dev                Prod 1         Prod 2
      11i          10.7                  11.0.3        10.7

  Integra Apps   Integra Apps        Integra Apps   Integra Apps




                                                     Setup
                                                    Changes
   Snapshots &             Applimation
   Comparisons               Home




                                33

				
DOCUMENT INFO
Description: Accounts Receivables Monitoring Templates document sample