Governance, Risk, and Compliance Handbook for Oracle Applications
Nigel King, Adil Khan
- Governance: In depth coverage of corporate, IT, and security Governance, which includes important topics such as strategy development and communication, strategic reporting and control, and more
- Risk Management: Creating a risk management program, performing risk assessment and control verification, and more
- Compliance Management: Cross-industry, cross-regional laws and regulations, industry-specific laws and regulations, region-specific laws and regulations
- To maximize real world learning, the book is built around a fictional company establishing its governance processes
- Written by industry experts with more than 30 years combined experience
It seems that every year since the Enron collapse there has been a fresh debacle that refuses to lower the spotlight from corporate Governance, Risk, and Compliance management.
Before Sarbanes Oxely forced company managers to become risk conscious, if you asked a chief executive whether he thought he had adequate internal controls, the most likely answer would have been "What is an internal control?"
The book is divided into three major sections:
- Governance – where we discuss the strategic management of the enterprise, setting plans for managers, making disclosures to investors, and ensuring that the board knows that the enterprise is meeting its goals and staying within its policies.
- Risk Management – where we discuss audit disciplines. This is where we work out what can go wrong, document what we have to do to prevent it from going wrong and check that what we think prevents it going wrong - actually works! We move through the various sub-disciplines within the audit profession and show what tools are best suited from within the Oracle family to assist.
- Compliance Management – where we map the tools and facilities that we have discovered in the first two sections to frameworks and legislations. We give this from an industry and geography agnostic viewpoint, and then drill into some specific industries and countries.
What you will learn from this book
- Master Oracle's Balanced Scorecard that helps management govern the enterprise through the development and communication of strategy for the enterprise
- Trace execution of the strategy that was laid out in the balanced scorecard through Oracle Business Intelligence
- Express security priorities and objectives in the form of a balanced scorecard and ensure that the objectives are in line with the corporate strategy
- Perform risk assessment and control verification
- Capture whistleblower complaints by setting up a guest account in iSupport
- Develop and maintain control documentation that will be effective in the verification of controls included in the audit plan
- Complete coverage of Management Testing—its uses, approach and techniques—which is a critical phase of the GRC program
- Manage your internal Audit Function and learn how it is assisted through access controls, preventative controls, and configuration controls
- Describe IT Audit activities; provide an approach for managing the IT audit program and review examples of automating IT Audit activities
- Look at regulations that apply to particular industries and manage major compliance issues in high tech manufacturing, pharmaceutical and life sciences, and banking
- Build and manage an integrated compliance platform to address regional regulations in major economic zones around the world.