SlideShare a Scribd company logo

Cs Comply And Audit V1.6

Download as PPTX, PDF
Slavik Gimelbrand, profile picture
Slavik Gimelbrand

The document provides an agenda and overview for a presentation on access controls and auditing solutions for Oracle E-Business Suite. It discusses business challenges around lack of access controls and auditing in EBS. It then introduces the CaoSys solutions CS*Comply and CS*Audit which provide comprehensive access control and auditing functionality. CS*Comply offers features for segregation of duties, access requests, real-time prevention and monitoring of best practices. CS*Audit allows for fine-grained, rule-driven auditing with pre-defined policies and an easy to use query tool. Both solutions have low implementation costs and provide benefits of reduced risk, time savings and compliance.

1 of 57
Downloaded 18 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
Cs Comply And Audit V1.6
AgendaIntroductionProblem Statement/Business ChallengesIntroducing CS*ComplyFeatures at a glanceEnterprise PacksExamples/ScreenshotsLive DemonstrationKey Benefits/Value PropositionQ&A
Problem Statement/Business ChallengesOracle E-Business Suite is very complexThousands of usersHundreds of responsibilitiesThousands of functionsThousands of menusPotentially millions of access combinationsLack of Access ControlsToo many privileged usersEffective SOD is difficult to achieve and maintain (if not impossible)Multi-faceted...Conflicting function pairsHigh-risk single functions (SQL Forms)Functions exposing sensitive data
Problem Statement/Business ChallengesLook for suite that offers...Handling of both traditional SOD risks as well as sensitive functionsMultiple preventive controlsAbility to use rules in preventive and detective modeThat does not require additional hardware/softwareSimple installation and reduced implementationLook for a company that offers...Risk-based contentOne-stop shop for compliance needsOffers more than just traditional SOD and auditingOffers pre-seeded solutions to real EBS issues
CaoSys Solution SuiteA comprehensive suite of solutions...Improving efficiency with productivity solutionsDelivering assurance through compliance
Introducing
Introducing CS*ComplyCS*Comply is a class leading solution for implementing your user access/SOD controls in Oracle E-Business Suite. CS*Comply helps ensure that the risks associated with inappropriate access are mitigated without delay.
Advantages of CS*ComplyAdvantages over other solutions...Beyond SOD: Comprehensive solution to address all User Access Control risks – SOD, Single Function, Sensitive DataAbility to put individual rules in Preventive mode while leaving others in Detective modeAutomation of other control issues such as password control/monitoringOther best practices such as monitoring of generic users, high risk responsibilities, policy exceptions, high risk single functions, high risk SOD rulesEmbedded into Oracle EBSFast installation and implementationGreatly reduced costs
Advantages of CS*ComplyCS*Comply addresses all issues in the problem statement and more...Powerful and comprehensive SOD solutionProtects conflicts pairsDeals with high risk single functionsGuard forms that expose sensitive dataComprehensive SOD matrix available…More than 600 rules covering well over 45,000 known function based risks in Oracle EBSCost EffectiveLow costReduced implementation/configuration further reducing costsTime effectiveInstallation – Typically less than 1 hourCan be effective from day oneReduced implementation/configuration
At a Glance – Access Controls/SODVery fast Conflict Scanning Engine 100% integrated into Oracle E-Business Suite Multiple Preventive controlsDetective mode controlsAccess Request system Built-in Notification EngineRank based Alert system Violation processing by user, responsibility and ruleComprehensive and easy to use reporting with the Conflict Enquirer Several interactive violation inquiry screens Setup and violation reportsAccessGuard for brute force access control Entity based function grouping
At a Glance – Access Controls/SODMultiple approvers Class driven conflict matrix User/Responsibility/Menu Exception system Handles common false positive…View only menusQuery only functionsBuyer/Shipping FunctionsXML support for export/importing contentUser friendly Simple to installNative look and feel Integrated with CS*Applications Available for 11i and R12 (supports R12’s proxy functionality)
At a Glance – Best Practices/CCMDefine password expiration policy globallyRestricted users screen for changing passwords only (optional, no cost)Restricted users screen for creating new users only (optional, no cost)Find users without password expiration policyPassword policy violationsUsers logged in multiple timesUsers linked to multiple employeesGeneric login responsibility assignmentsUsers with high risk responsibilitiesHigh risk responsibility user tracking (Professional Forms & OAF)High Risk Concurrent Program Usage TrackingVarious User/Function/Menu/Responsibility Delegation MonitoringWorklist Access, Vacation Rules
Access Control/SOD Enterprise PacksPre-seeded content (optional)...Covering well over 45,000 known function conflicts/risksTraditional SOD – Conflicting function pairsBeyond SOD – Common and often overlooked conflict pairsSensitive Data – Highly sensitive dataHigh Risk Single FunctionsIncluding all known SQL formsReady to go out of the box
Access Controls/SOD - ExampleThe System Administrator Responsibilities function is a typical function to which access should be restricted, we will now show you a number of screenshots demonstrating how CS*Complyhelps you implement your Access Controls.
Conflict MatrixFor this example, Responsibilities is listed as a high risk single function
Conflict Scanning EngineConflict Scanning Engine (CSE)...Scan system existing conflictsInvoke interactively or concurrentlyVery fastRun by rule, by class, by user and for the whole systemNo baseline/snapshot needed
Conflict EnquirerConflict Enquirer – provides fast and detailed analysis of conflicts...Intra/Inter responsibilityIntra/Inter menuBy ResponsibilityBy UserBy RuleBy MenuBy FunctionCommon False PositivesMenu VisibilitySingle Function/Conflicts Pairs
Conflict Analysis - Conflict Enquirer
Conflict Analysis - Conflict Enquirer
Conflict Inquiry/ReportingConflicts inquiry/reporting...Intra-responsibilityIntra-menuBy RuleBy ResponsibilityBy UserBy FunctionBy Function GroupBy Class…more
Real-Time Prevention & Access RequestsReal-Time Prevention for Professional Forms based screens at the time of access (and OAF pages depending on release)...Before, during and after remediationGo live before, during or after remediation
Real-Time NotificationReal-Time Notification...Sent to authorisersSent to user making request
Access RequestsAccess Requests (for Professional Forms)...Authorise, Deny or RevokeAuthorise on a temporary basis (automatically expires)Notification Group members notified of authorisations
Responsibility Assignment PreventionResponsibility assignments that would result in a conflict are prevented in real-time
AccessGuardAccessGuard...Instant brute force preventionAccess by exception onlyProtects Professional Forms (and OAF Pages depending on release)Included with CS*Comply
Best Practice/CCM ExamplesPassword control/monitoring…Set Password Policy globallyUsers without password policyPassword policy violations
Best Practice/CCM ExamplesUser/Employee monitoring...Users not linked to an employeeEmployees linked to multiple usersUsers logged in more than once…many more
Best Practice/CCM ExamplesLogin/Responsibility monitoring…Users with high risk responsibilitiesGeneric login responsibility assignments…many more
Best Practice/CCM ExamplesConcurrent Program monitoring…High risk concurrent program usage trackingUsers with high risk concurrent program access
Best Practice/CCM ExamplesDelegation monitoring…Worklist accessVacation rules
Demonstration
Key Benefits/Value PropositionCS*Comply brings many benefits...Out of the Box SolutionSubstantial Time SavingsConsiderable Cost SavingsTightly IntegratedReduced Burden on ITUnique functionalityVery easy to useFully embedded into Oracle E-Business SuiteNative look and feel, users feel at homeNo external tools to get to grips withDeveloped (in-part) using our own Extreme RAD tool, CS*Form – easy and very fast to enhance and extendSimple installation (the whole suite installs in less than 1 hour)Rapid implementationRapid return on investment
GRC Webinar Series
Introducing
Problem StatementInadequate auditing in standard audit trailLack of fine grained auditing resulting in audit overkill Querying audit data is arduousData growth / management issuesAudit trail not understandable due to lack of metadata from other tables Same issue with log based solutions who can't grab data from other tables when writing the audit recordsA proper audit trail is critical for reliance on application controls under Auditing Standard 5Certain forms without a proper audit trail leaves you exposed to fraudTracking of activity in SQL forms is an essential IT General Control
Problem StatementGRC/auditing solutions are typically expensiveAchieving compliance (SOX, PCI...etc) can be a time consuming and very costly taskMany solutions are difficult to use out of the boxLengthy implementation/configuration
An Alternate SolutionCS*Audit addresses all issues in the problem statement...Fine-grained and rule driven audit solutionHierarchical, fine grained and rule driven audit policesComprehensive audit details capturedEasy to use query toolOver 100 audit policies defined out of the boxCost EffectiveLow costReduced implementation/configuration further reducing costsTime effectiveInstallation – 1 hourEffective from day oneReduced implementation/configuration
At a Glance – AuditingTransactional data auditingDatabase wide auditingStructured, rule driven auditingFine grained auditingDetailed and extensible audit trailUser friendly auditingOn-screen/off-screen audit enquirySecurity consciousTransportable audit solutions (via XML)Pre-seeded audit solutionsOver 100 audit solution already defined
Audit Enterprise PacksPre-seeded content...Including more than 100 tables to auditCovering over 2,000 data pointsCommon data translations includedReady to go out of the box
How CaoSys solutions address your audit requirements
Auditing - ExampleThe Users table within the Oracle Business Suite is a typical table that you should audit; here we have a number of screenshots demonstrating the auditing capabilities of CS*Audit.
Auditing - HierarchicalAudit policies are hierarchicalClasses and Sets of audit entities for easy management
Auditing – Full ControlChoose what to audit...InsertsDeletes Updates
Auditing – Fine Grained & Rule DrivenAudit policies are fine grained and rule driven...Check criteria before auditing (i.e. invoice greater than $1000)Additional context used to determine audit (i.e. Only audit within a specific responsibility)Helps prevent audit-overkillSelf managing audit data (auto-purge)
Auditing – Hierarchical RulesAudit rules can be applied at multiple levels... Set levelClass level
Auditing – Security ConsciousControl who can view audit data from within the CS*Audit EnquirerClone setup to all Entities in same Set or Class
Auditing – TransportableAudit policies are easily transportable...Import and export using standard XML
Auditing – Lookups/TranslationsPerform lookups/translations at the time of auditBring in additional data to make audit data more meaningful
Auditing – Detailed and ExtensibleHighly detailed and extensible audit trail...More than just the who and the whenInclude any number of lookup values during the audit transaction (i.e. grab vendor name as well as vendor ID)Includes a number of predefined attributes such as hostname, DB domain...etcClone setup to all Entities in same Set or Class
Auditing – Version ControlledAudit Policies are automatically version controlled...All previous versions of audit policy retainedAll previously audited data is retained even if policy definition is changed
Auditing – Database WideAuditing is not limited to Oracle E-Business data, you can audit any data that is accessible from within the database. Audit data from within any module of the Oracle E-Business Suite, for example you may want to audit the AOL or the data within Payables or Purchasing.Audit custom data for any table within the Oracle database.
Auditing – Powerful Query ToolCS*Audit reporting...Answer questions like “who changed the Users table last in the last 12 hours from within a the System Administrator responsibility”Very easy to use
Auditing – Powerful Query ToolCS*Audit reporting...Drill down by Year, Month, Day and Time
Auditing – Powerful Query ToolCS*Audit reporting...Drill down by Class, Set, Entity hierarchy
Auditing – ReportCS*Audit reporting...Print audit data...
Key BenefitsCS*Audit brings many benefits...Out of the Box SolutionSubstantial Time SavingsConsiderable Cost SavingsEmbedded with Oracle E-Business SuiteIntegrated with CS*ApplicationsReduced Burden on ITInstalled and auditing within a couple of hours
Q&AQ&A

More Related Content

PDF
Automatic Performance Modelling from Application Performance Management (APM)...
Paul Brebner
 
PPT
Aligning Business Models And Technology Architectures Ore Dev Conferenc...
Enthiosys Inc
 
PPTX
Software Test Automation
Valentin Ganchev
 
PPT
LR_Test_Automation
Vikash Suthar
 
PPT
Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015
CA CISA Jayjit Biswas
 
PPTX
Microsoft - Human-Operated Ransomware Mitigation Project Plan #nice #template...
powerofgametest
 
PPT
Phase Two: What’s Next for Life Sciences and Enterprise Content Management
Scott Abel
 
PPT
ServiceDesk Plus Product Overview
ServiceDesk Plus
 
Automatic Performance Modelling from Application Performance Management (APM)...
Paul Brebner
 
Aligning Business Models And Technology Architectures Ore Dev Conferenc...
Enthiosys Inc
 
Software Test Automation
Valentin Ganchev
 
LR_Test_Automation
Vikash Suthar
 
Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015
CA CISA Jayjit Biswas
 
Microsoft - Human-Operated Ransomware Mitigation Project Plan #nice #template...
powerofgametest
 
Phase Two: What’s Next for Life Sciences and Enterprise Content Management
Scott Abel
 
ServiceDesk Plus Product Overview
ServiceDesk Plus
 

Similar to Cs Comply And Audit V1.6 (20)

PDF
Lublin Startup Festival - Mobile Architecture Design Patterns
Karol Szmaj
 
PPTX
Sda 3
AmberMughal5
 
PPTX
Implementing security and controls in people soft best practices - may 2017
Smart ERP Solutions, Inc.
 
PPT
e-DMZ Products Overview
Dell
 
PPT
Review se
Mustafa Atilla
 
PPT
Application Performance Monitoring
Olivier Gérardin
 
PDF
Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...
CHOOSE
 
PPT
Sap security – thinking with a hacker’s hat
n|u - The Open Security Community
 
PPTX
Automation testing
Tomy Rhymond
 
PPTX
Introduction to the Microsoft Azure Cloud.pptx
EverestMedinilla2
 
PPTX
Integrated Architecture Value - Customer Presentation.PPTX
RajendraChougale2
 
PPT
Null Meet Ppt
Abhed Moralwar
 
PPT
15 si(systems analysis and design )
Nurdin Al-Azies
 
PPTX
Fastman Bulk Data Manager (Business View)
Fastman
 
PPTX
CSC AWS re:Invent Enterprise DevOps session
Tom Laszewski
 
ODP
Year 12 D Course Material
michael.p.mckenzie
 
PPTX
Patch Management Best Practices
Ivanti
 
PDF
Consoxle ™
sandesh mundra
 
PPTX
Framework For Automation Testing Practice Sharing
KMS Technology
 
PPT
How much does it cost to be Secure?
mbmobile
 
Lublin Startup Festival - Mobile Architecture Design Patterns
Karol Szmaj
 
Sda 3
AmberMughal5
 
Implementing security and controls in people soft best practices - may 2017
Smart ERP Solutions, Inc.
 
e-DMZ Products Overview
Dell
 
Review se
Mustafa Atilla
 
Application Performance Monitoring
Olivier Gérardin
 
Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...
CHOOSE
 
Sap security – thinking with a hacker’s hat
n|u - The Open Security Community
 
Automation testing
Tomy Rhymond
 
Introduction to the Microsoft Azure Cloud.pptx
EverestMedinilla2
 
Integrated Architecture Value - Customer Presentation.PPTX
RajendraChougale2
 
Null Meet Ppt
Abhed Moralwar
 
15 si(systems analysis and design )
Nurdin Al-Azies
 
Fastman Bulk Data Manager (Business View)
Fastman
 
CSC AWS re:Invent Enterprise DevOps session
Tom Laszewski
 
Year 12 D Course Material
michael.p.mckenzie
 
Patch Management Best Practices
Ivanti
 
Consoxle ™
sandesh mundra
 
Framework For Automation Testing Practice Sharing
KMS Technology
 
How much does it cost to be Secure?
mbmobile
 
Ad

Cs Comply And Audit V1.6

  • 2. AgendaIntroductionProblem Statement/Business ChallengesIntroducing CS*ComplyFeatures at a glanceEnterprise PacksExamples/ScreenshotsLive DemonstrationKey Benefits/Value PropositionQ&A
  • 3. Problem Statement/Business ChallengesOracle E-Business Suite is very complexThousands of usersHundreds of responsibilitiesThousands of functionsThousands of menusPotentially millions of access combinationsLack of Access ControlsToo many privileged usersEffective SOD is difficult to achieve and maintain (if not impossible)Multi-faceted...Conflicting function pairsHigh-risk single functions (SQL Forms)Functions exposing sensitive data
  • 4. Problem Statement/Business ChallengesLook for suite that offers...Handling of both traditional SOD risks as well as sensitive functionsMultiple preventive controlsAbility to use rules in preventive and detective modeThat does not require additional hardware/softwareSimple installation and reduced implementationLook for a company that offers...Risk-based contentOne-stop shop for compliance needsOffers more than just traditional SOD and auditingOffers pre-seeded solutions to real EBS issues
  • 5. CaoSys Solution SuiteA comprehensive suite of solutions...Improving efficiency with productivity solutionsDelivering assurance through compliance
  • 7. Introducing CS*ComplyCS*Comply is a class leading solution for implementing your user access/SOD controls in Oracle E-Business Suite. CS*Comply helps ensure that the risks associated with inappropriate access are mitigated without delay.
  • 8. Advantages of CS*ComplyAdvantages over other solutions...Beyond SOD: Comprehensive solution to address all User Access Control risks – SOD, Single Function, Sensitive DataAbility to put individual rules in Preventive mode while leaving others in Detective modeAutomation of other control issues such as password control/monitoringOther best practices such as monitoring of generic users, high risk responsibilities, policy exceptions, high risk single functions, high risk SOD rulesEmbedded into Oracle EBSFast installation and implementationGreatly reduced costs
  • 9. Advantages of CS*ComplyCS*Comply addresses all issues in the problem statement and more...Powerful and comprehensive SOD solutionProtects conflicts pairsDeals with high risk single functionsGuard forms that expose sensitive dataComprehensive SOD matrix available…More than 600 rules covering well over 45,000 known function based risks in Oracle EBSCost EffectiveLow costReduced implementation/configuration further reducing costsTime effectiveInstallation – Typically less than 1 hourCan be effective from day oneReduced implementation/configuration
  • 10. At a Glance – Access Controls/SODVery fast Conflict Scanning Engine 100% integrated into Oracle E-Business Suite Multiple Preventive controlsDetective mode controlsAccess Request system Built-in Notification EngineRank based Alert system Violation processing by user, responsibility and ruleComprehensive and easy to use reporting with the Conflict Enquirer Several interactive violation inquiry screens Setup and violation reportsAccessGuard for brute force access control Entity based function grouping
  • 11. At a Glance – Access Controls/SODMultiple approvers Class driven conflict matrix User/Responsibility/Menu Exception system Handles common false positive…View only menusQuery only functionsBuyer/Shipping FunctionsXML support for export/importing contentUser friendly Simple to installNative look and feel Integrated with CS*Applications Available for 11i and R12 (supports R12’s proxy functionality)
  • 12. At a Glance – Best Practices/CCMDefine password expiration policy globallyRestricted users screen for changing passwords only (optional, no cost)Restricted users screen for creating new users only (optional, no cost)Find users without password expiration policyPassword policy violationsUsers logged in multiple timesUsers linked to multiple employeesGeneric login responsibility assignmentsUsers with high risk responsibilitiesHigh risk responsibility user tracking (Professional Forms & OAF)High Risk Concurrent Program Usage TrackingVarious User/Function/Menu/Responsibility Delegation MonitoringWorklist Access, Vacation Rules
  • 13. Access Control/SOD Enterprise PacksPre-seeded content (optional)...Covering well over 45,000 known function conflicts/risksTraditional SOD – Conflicting function pairsBeyond SOD – Common and often overlooked conflict pairsSensitive Data – Highly sensitive dataHigh Risk Single FunctionsIncluding all known SQL formsReady to go out of the box
  • 14. Access Controls/SOD - ExampleThe System Administrator Responsibilities function is a typical function to which access should be restricted, we will now show you a number of screenshots demonstrating how CS*Complyhelps you implement your Access Controls.
  • 15. Conflict MatrixFor this example, Responsibilities is listed as a high risk single function
  • 16. Conflict Scanning EngineConflict Scanning Engine (CSE)...Scan system existing conflictsInvoke interactively or concurrentlyVery fastRun by rule, by class, by user and for the whole systemNo baseline/snapshot needed
  • 17. Conflict EnquirerConflict Enquirer – provides fast and detailed analysis of conflicts...Intra/Inter responsibilityIntra/Inter menuBy ResponsibilityBy UserBy RuleBy MenuBy FunctionCommon False PositivesMenu VisibilitySingle Function/Conflicts Pairs
  • 18. Conflict Analysis - Conflict Enquirer
  • 19. Conflict Analysis - Conflict Enquirer
  • 20. Conflict Inquiry/ReportingConflicts inquiry/reporting...Intra-responsibilityIntra-menuBy RuleBy ResponsibilityBy UserBy FunctionBy Function GroupBy Class…more
  • 21. Real-Time Prevention & Access RequestsReal-Time Prevention for Professional Forms based screens at the time of access (and OAF pages depending on release)...Before, during and after remediationGo live before, during or after remediation
  • 22. Real-Time NotificationReal-Time Notification...Sent to authorisersSent to user making request
  • 23. Access RequestsAccess Requests (for Professional Forms)...Authorise, Deny or RevokeAuthorise on a temporary basis (automatically expires)Notification Group members notified of authorisations
  • 24. Responsibility Assignment PreventionResponsibility assignments that would result in a conflict are prevented in real-time
  • 25. AccessGuardAccessGuard...Instant brute force preventionAccess by exception onlyProtects Professional Forms (and OAF Pages depending on release)Included with CS*Comply
  • 26. Best Practice/CCM ExamplesPassword control/monitoring…Set Password Policy globallyUsers without password policyPassword policy violations
  • 27. Best Practice/CCM ExamplesUser/Employee monitoring...Users not linked to an employeeEmployees linked to multiple usersUsers logged in more than once…many more
  • 28. Best Practice/CCM ExamplesLogin/Responsibility monitoring…Users with high risk responsibilitiesGeneric login responsibility assignments…many more
  • 29. Best Practice/CCM ExamplesConcurrent Program monitoring…High risk concurrent program usage trackingUsers with high risk concurrent program access
  • 30. Best Practice/CCM ExamplesDelegation monitoring…Worklist accessVacation rules
  • 32. Key Benefits/Value PropositionCS*Comply brings many benefits...Out of the Box SolutionSubstantial Time SavingsConsiderable Cost SavingsTightly IntegratedReduced Burden on ITUnique functionalityVery easy to useFully embedded into Oracle E-Business SuiteNative look and feel, users feel at homeNo external tools to get to grips withDeveloped (in-part) using our own Extreme RAD tool, CS*Form – easy and very fast to enhance and extendSimple installation (the whole suite installs in less than 1 hour)Rapid implementationRapid return on investment
  • 35. Problem StatementInadequate auditing in standard audit trailLack of fine grained auditing resulting in audit overkill Querying audit data is arduousData growth / management issuesAudit trail not understandable due to lack of metadata from other tables Same issue with log based solutions who can't grab data from other tables when writing the audit recordsA proper audit trail is critical for reliance on application controls under Auditing Standard 5Certain forms without a proper audit trail leaves you exposed to fraudTracking of activity in SQL forms is an essential IT General Control
  • 36. Problem StatementGRC/auditing solutions are typically expensiveAchieving compliance (SOX, PCI...etc) can be a time consuming and very costly taskMany solutions are difficult to use out of the boxLengthy implementation/configuration
  • 37. An Alternate SolutionCS*Audit addresses all issues in the problem statement...Fine-grained and rule driven audit solutionHierarchical, fine grained and rule driven audit policesComprehensive audit details capturedEasy to use query toolOver 100 audit policies defined out of the boxCost EffectiveLow costReduced implementation/configuration further reducing costsTime effectiveInstallation – 1 hourEffective from day oneReduced implementation/configuration
  • 38. At a Glance – AuditingTransactional data auditingDatabase wide auditingStructured, rule driven auditingFine grained auditingDetailed and extensible audit trailUser friendly auditingOn-screen/off-screen audit enquirySecurity consciousTransportable audit solutions (via XML)Pre-seeded audit solutionsOver 100 audit solution already defined
  • 39. Audit Enterprise PacksPre-seeded content...Including more than 100 tables to auditCovering over 2,000 data pointsCommon data translations includedReady to go out of the box
  • 40. How CaoSys solutions address your audit requirements
  • 41. Auditing - ExampleThe Users table within the Oracle Business Suite is a typical table that you should audit; here we have a number of screenshots demonstrating the auditing capabilities of CS*Audit.
  • 42. Auditing - HierarchicalAudit policies are hierarchicalClasses and Sets of audit entities for easy management
  • 43. Auditing – Full ControlChoose what to audit...InsertsDeletes Updates
  • 44. Auditing – Fine Grained & Rule DrivenAudit policies are fine grained and rule driven...Check criteria before auditing (i.e. invoice greater than $1000)Additional context used to determine audit (i.e. Only audit within a specific responsibility)Helps prevent audit-overkillSelf managing audit data (auto-purge)
  • 45. Auditing – Hierarchical RulesAudit rules can be applied at multiple levels... Set levelClass level
  • 46. Auditing – Security ConsciousControl who can view audit data from within the CS*Audit EnquirerClone setup to all Entities in same Set or Class
  • 47. Auditing – TransportableAudit policies are easily transportable...Import and export using standard XML
  • 48. Auditing – Lookups/TranslationsPerform lookups/translations at the time of auditBring in additional data to make audit data more meaningful
  • 49. Auditing – Detailed and ExtensibleHighly detailed and extensible audit trail...More than just the who and the whenInclude any number of lookup values during the audit transaction (i.e. grab vendor name as well as vendor ID)Includes a number of predefined attributes such as hostname, DB domain...etcClone setup to all Entities in same Set or Class
  • 50. Auditing – Version ControlledAudit Policies are automatically version controlled...All previous versions of audit policy retainedAll previously audited data is retained even if policy definition is changed
  • 51. Auditing – Database WideAuditing is not limited to Oracle E-Business data, you can audit any data that is accessible from within the database. Audit data from within any module of the Oracle E-Business Suite, for example you may want to audit the AOL or the data within Payables or Purchasing.Audit custom data for any table within the Oracle database.
  • 52. Auditing – Powerful Query ToolCS*Audit reporting...Answer questions like “who changed the Users table last in the last 12 hours from within a the System Administrator responsibility”Very easy to use
  • 53. Auditing – Powerful Query ToolCS*Audit reporting...Drill down by Year, Month, Day and Time
  • 54. Auditing – Powerful Query ToolCS*Audit reporting...Drill down by Class, Set, Entity hierarchy
  • 55. Auditing – ReportCS*Audit reporting...Print audit data...
  • 56. Key BenefitsCS*Audit brings many benefits...Out of the Box SolutionSubstantial Time SavingsConsiderable Cost SavingsEmbedded with Oracle E-Business SuiteIntegrated with CS*ApplicationsReduced Burden on ITInstalled and auditing within a couple of hours