Instructor: Deloitte
Date: February 25-26, 2008

The Oracle Applications course is designed to help IT auditors understand the security and controls necessary to audit and review Oracle application security and controls environments

Level: Intermediate (two or more years of audit / security experience)

Prerequisites: The participants should have basic knowledge of application security and controls and business processes.

Program Concentration: This training class aims to provide the user with a high-level understanding of how to audit Oracle applications to support your organization. Additionally, the user will acquire a baseline understanding of Oracle module structures and technical components of Oracle applications. This class will also help to develop a working knowledge of Oracle's Internal Controls Manager (ICM) and other control features and functions of the various Oracle Application modules and database.

- Introduction to Oracle
- Planning for an Oracle Audit
- Oracle Navigation
- Oracle General
  Computer Controls
- Oracle Control
  Parameters
- Oracle Security administration

• User Management
• User Authentication

- Authorization Concepts
- Segregation of Duties
- Audit Oracle Security
- Business Process and Applications Control Introduction
- Process Control

• Controls Documentation
• Automate Manual Control Process
• Automate Controls Testing

- Financial Reporting and Closing
  Considerations and Application Control
- Human Resources Management and Application Control
- Procure to Pay Process and Application Controls
- Order to Cash Process and Application Controls
- Procure to Pay Process and Application Controls
- Oracle Compliance

• GRC (Governance, Risk and Compliance) Platform
• ICM (Internal Control Manager)