Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Governance, Risk, and Compliance Handbook for Oracle Applications
Governance, Risk, and Compliance Handbook for Oracle Applications

Governance, Risk, and Compliance Handbook for Oracle Applications: Written by industry experts with more than 30 years combined experience, this handbook covers all the major aspects of Governance, Risk, and Compliance management in your organization with this book and ebook.

eBook
€33.99 €48.99
Paperback
€62.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Table of content icon View table of contents Preview book icon Preview Book

Governance, Risk, and Compliance Handbook for Oracle Applications

Chapter 2. Corporate Governance

The first domain of GRC that we will look at is Governance, and in particular, Corporate Governance. It is the area of GRC that has had least attention from the software vendors. In the Chapter 1, Introduction, we introduced the organizational structure of Infission at the top of the enterprise and we introduced the members of Infission that are most concerned with the governance problem.

We break the corporate governance chapter into the following areas:

  • Developing and Communicating Corporate Strategy with Balanced Scorecard

  • Communicating and Confirming Corporate Strategy with iLearning

  • Managing Records

  • Financial Planning and Analysis

  • Monitoring Execution with Oracle Business Intelligence

  • Risk Management

  • Whistleblower Protections

Developing and Communicating Corporate Strategy with Balanced Scorecard


The first thing that we do for the management team is we help them bring their vision for the company to a set of measurable goals that they can justify to their investors. We use Oracle's balanced scorecard tools to do this. We develop the scorecard at the corporate level, and break it down for some senior executives to align objectives at divisional level. We then move the objectives into the executive's goals in the performance management applications that are part of Human Capital Management (HCM). Here we will show the reports and metrics that are delivered by Oracle Applications that allow these goals to be monitored and thereby the executive's performance measured.

Balanced Scorecard Theory

The rise of Balanced Scorecard was a reaction to the narrow definitions of performance that purely financial measures cause, measuring performance in terms of historical results, not keeping an eye on the needs of the customer...

Communicating and confirming Corporate Strategy with iLearning


The next thing we do for InFission is that we develop some training material to be delivered and confirmed through iLearning. Some of the training is to confirm understanding of corporate policies such as ethics standards and harassment policies. Some of the training material is to confirm understanding of the strategy that we helped develop in the previous section. An example might be a course entitled "Infission's Social Responsibility and Ethical Purchasing Strategies". Here we show the courses and reports from iLearning that help us confirm policy compliance and strategy comprehension.

Developing Learning Assets Flow

The following diagram shows the learning process:

The steps for the learning assets flow are as follows:

  1. 1. Place compliance course in catalog.

  2. 2. Upload load learning content.

  3. 3. Create a question bank.

  4. 4. Review employee learning.

The major components of the Learning System

The major components of the Learning...

Managing Records Retention Policies with Content Management Server


The next thing we do for Infission is to talk to Chief Counsel to define and implement records categories of documents, and the periods for which the documents must be retained, and after which they must be destroyed. This is to aid discovery of documents during the period that they must be retained, and to remove the liability inherent in discovery when documents are no longer required to be retained. We define sensitivity levels and develop access control lists to grant appropriate access to sensitive documents. We then show how the records retention policies are implemented.

Note

Note that as authors we debated whether to document Oracle Files or Universal Content Manager (UCM) as our baseline for documentation here in EBS 12.0. We decided that UCM is really the go forward content management system for Oracle.

Many companies deploying E-Business Suite may not be aware that the attachments capability can be more natively...

Financial planning and analysis with Hyperion FR


The next thing we do for Infission Corporation is talk to the CFO and controller about how to turn the strategic plan that we have developed into a financial plan. This plan may form the guidance that we issue when we review the Management Discussion and Analysis in the annual results, or guidance that we are issuing on a quarterly basis. We show the various Oracle tools used in collating and communicating the plan. We will also show how to test the assumptions on which the plan is based.

Financial Planning and Analysis Flow

The following diagram shows the flow through the financial planning and analysis process:

Accessing the Financial Planning and Analysis tools

With the acquisition of Hyperion, Oracle acquired the leading financial planning tool in the market, Hyperion FP. This tool was integrated in the field to the leading Financial Management Applications.

The following screenshot is the homepage of the Enterprise Performance Management...

Monitoring Execution with Oracle Business Intelligence


To close the loop on the corporate governance we will show how the strategy is tracked in Business Intelligence. We show a few of the financial and non-financial goals that we agreed at the start of the corporate governance process and how we can measure progress towards those goals with various business intelligence tools.

With its new release of Business Intelligence, Oracle has created a common data warehouse structure and extracts, transforms, and loads data from many of its acquired applications product lines into this data warehouse. Oracle Business Intelligence Applications includes dashboards that deliver performance metrics directly to executives, managers, and analysts in the form of easy-to-read charts, graphs, and tables. The complete environment contains over 500 dashboard pages.

The business intelligence content is decomposed into a number of business intelligence applications.

  • Oracle Financial Analytics

  • Oracle Procurement...

Enterprise Risk Management


Next, we open our dialogue with the Chief Audit Executive for InFission Corporation.

We help him develop the Audit plan to confirm the risks to the enterprise mission and ensure that the controls that mitigate for those risks are effective.

Within Oracle this is really the realm of GRC Manager and GRC Intelligence. This topic will be covered in detail when we get to the risk management section of the book. The reason that we also touch on it in the governance section of the book is to point out the overlap between the strategic direction setting for the enterprise and the risk management activities of the enterprise. Part of direction setting needs to be risk assessment.

As the Institute of Risk Management in the UK puts it as "The Board has responsibility for determining the strategic direction of the organization and for creating the environment and the structures for risk management to operate effectively. This may be through an executive group, a non-executive...

Whistle-blower protections


We circle back with the Audit Committee of the board to ensure that they have a system for concerned employees and other stakeholders to report their concerns confidentially and without fear of prejudice.

Section 301 of the Sarbanes-Oxley states:

"(4) COMPLAINTS- Each audit committee shall establish procedures for--

(A) the receipt, retention, and treatment of complaints received by the issuer regarding accounting, internal accounting controls, or auditing matters; and

(B) the confidential, anonymous submission by employees of the issuer of concerns regarding questionable accounting or auditing matters."

Section 806 states:

"No company with a class of securities registered under section 12 of the Securities Exchange Act may discharge, demote, suspend, threaten, harass, or in any other manner discriminate against an employee in the terms and conditions of employment because of any lawful act done by the employee to provide information regarding any conduct which the...

Summary


In this chapter, we have looked at issues surrounding corporate governance. We have looked at the problem from the perspective of the Board of Directors and very senior management. We have taken a cursory glance at the array of corporate governance problems and given an insight into some candidate applications from Oracle that address those problems. What we have covered here should be enough to open a dialogue with senior management and to explore the value of these tools.

In the Developing and Communicating Corporate Strategy with Balanced Scorecard section, the first domain of the Governance part of GRC, we have looked at corporate governance. We have seen the job titles of those charged with governing the corporation, from the board and through the executive level. We introduce the members of Infission that are most concerned with the governance problem. We used Oracle's Balanced Scorecard to help turn the mission of the enterprise into a set of goals. We brought the senior management...

Left arrow icon Right arrow icon

Key benefits

  • Governance: In depth coverage of corporate, IT, and security Governance, which includes important topics such as strategy development and communication, strategic reporting and control, and more
  • Risk Management: Creating a risk management program, performing risk assessment and control verification, and more
  • Compliance Management: Cross-industry, cross-regional laws and regulations, industry-specific laws and regulations, region-specific laws and regulations
  • To maximize real world learning, the book is built around a fictional company establishing its governance processes
  • Written by industry experts with more than 30 years combined experience

Description

It seems that every year since the Enron collapse there has been a fresh debacle that refuses to lower the spotlight from corporate Governance, Risk, and Compliance management.Before Sarbanes Oxely forced company managers to become risk conscious, if you asked a chief executive whether he thought he had adequate internal controls, the most likely answer would have been "What is an internal control?" This is clearly no longer the case. Every week some story breaks detailing a lack of good governance, a failure to plan for a foreseeable catastrophe or a failure to comply with an important law or regulation. These stories bring GRC themes into public view, and public scrutiny, and make management and directors keen to show they have put their best efforts forward to govern their companies well, manage risks to the enterprise, and to comply with all applicable laws.Perhaps only Oracle and SAP are in a position to really address all three aspects. The mission of GRC applications is to ensure that the managers and directors of Enterprises that run such applications have a strong defensible position. Written by industry experts with more than 30 years combined experience, this book covers the Governance, Risk Management and Compliance Management of a large modern enterprise and how the IT Infrastructure, in particular the Oracle IT Infrastructure, can assist in that governance. This book is not an implementation guide for GRC products rather it shows you how those products participate in the governance process, how they introduce or mitigate risk, and how they can be brought into compliance with best practice, as well as applicable laws and regulations.The book is divided into three major sections:Governance ñ where we discuss the strategic management of the enterprise, setting plans for managers, making disclosures to investors, and ensuring that the board knows that the enterprise is meeting its goals and staying within its policies.Risk Management ñ where we discuss audit disciplines. This is where we work out what can go wrong, document what we have to do to prevent it from going wrong and check that what we think prevents it going wrong - actually works! We move through the various sub-disciplines within the audit profession and show what tools are best suited from within the Oracle family to assist.Compliance Management ñ where we map the tools and facilities that we have discovered in the first two sections to frameworks and legislations. We give this from an industry and geography agnostic viewpoint, and then drill into some specific industries and countries.We neither stay in the narrow definition of GRC applications, nor limit ourselves to the Business Applications but take you to the most appropriate places in the full Oracle footprint. The book is written from the perspective of big GRC. It is not an implementation manual for the GRC products, although we hope you can get the best out of the GRC products after reading this book. We discuss many applications and technology products that are not in the GRC product family.

Who is this book for?

The audience for this book is the people that advise the board, the internal audit department and CIO office on controls, security and risk assurance. Consultants that are implementing Financials or GRC Applications who wish to gain an understanding of the Governance Risk and Compliance processes, and how they are represented in Oracle, should find it a useful primer. Risk Assurance professionals will find it a reliable companion.

What you will learn

  • Master Oracle s Balanced Scorecard that helps management govern the enterprise through the development and communication of strategy for the enterprise
  • Trace execution of the strategy that was laid out in the balanced scorecard through Oracle Business Intelligence
  • Express security priorities and objectives in the form of a balanced scorecard and ensure that the objectives are in line with the corporate strategy
  • Perform risk assessment and control verification
  • Capture whistleblower complaints by setting up a guest account in iSupport
  • Develop and maintain control documentation that will be effective in the verification of controls included in the audit plan
  • Complete coverage of Management Testingóits uses, approach and techniquesówhich is a critical phase of the GRC program
  • Manage your internal Audit Function and learn how it is assisted through access controls, preventative controls, and configuration controls
  • Describe IT Audit activities; provide an approach for managing the IT audit program and review examples of automating IT Audit activities
  • Look at regulations that apply to particular industries and manage major compliance issues in high tech manufacturing, pharmaceutical and life sciences, and banking
  • Build and manage an integrated compliance platform to address regional regulations in major economic zones around the world.
Estimated delivery fee Deliver to Portugal

Premium delivery 7 - 10 business days

€17.95
(Includes tracking information)

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Aug 24, 2012
Length: 488 pages
Edition : 1st
Language : English
ISBN-13 : 9781849681704
Vendor :
Oracle
Tools :

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Estimated delivery fee Deliver to Portugal

Premium delivery 7 - 10 business days

€17.95
(Includes tracking information)

Product Details

Publication date : Aug 24, 2012
Length: 488 pages
Edition : 1st
Language : English
ISBN-13 : 9781849681704
Vendor :
Oracle
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 157.97
Oracle 11g Anti-hacker's Cookbook
€45.99
Business Intelligence Cookbook: A Project Lifecycle Approach Using Oracle Technology
€48.99
Governance, Risk, and Compliance Handbook for Oracle Applications
€62.99
Total 157.97 Stars icon

Table of Contents

12 Chapters
Introduction Chevron down icon Chevron up icon
Corporate Governance Chevron down icon Chevron up icon
Information Technology Governance Chevron down icon Chevron up icon
Security Governance Chevron down icon Chevron up icon
Risk Assessment and Control Verification Chevron down icon Chevron up icon
Documenting Your Controls Chevron down icon Chevron up icon
Managing Your Testing Phase: Management Testing and Certifying Controls Chevron down icon Chevron up icon
Managing Your Audit Function Chevron down icon Chevron up icon
IT Audit Chevron down icon Chevron up icon
Cross Industry Cross Compliance Chevron down icon Chevron up icon
Industry-focused Compliance Chevron down icon Chevron up icon
Regional-focused Compliance Chevron down icon Chevron up icon

Customer reviews

Rating distribution
Full star icon Full star icon Full star icon Full star icon Empty star icon 4
(2 Ratings)
5 star 50%
4 star 0%
3 star 50%
2 star 0%
1 star 0%
junaid ur rehman May 28, 2015
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3
I bought this book to learn more about Oracle GRC solution. Its a really good book and gives a complete overview of GRC (in relation to Oracle Applications)
Amazon Verified review Amazon
Stephen Phillips Oct 29, 2012
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Just recently, I had the opportunity to review this book: Governance, Risk, and Compliance Handbook for Oracle Applications.The book was very interesting and covered a broad range of information regarding governance, risk, and compliance. It was very good at giving a high level picture that could span across a broad organization.Multiple applications were mentioned. Hyperion, Oracle Applications, and of course Oracle GRC were mentioned with screenshots. The book didn't dive into specific step by step detail, but it did give some screenshots and just enough detail to accomplish the best practices.All in all, I felt that this was a good book to paint the big picture and help implement best practices in the area of GRC.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is the delivery time and cost of print book? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela
What is custom duty/charge? Chevron down icon Chevron up icon

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order? Chevron down icon Chevron up icon

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges? Chevron down icon Chevron up icon

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

  • If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
  • Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.
How can I cancel my order? Chevron down icon Chevron up icon

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact customercare@packt.com with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at customercare@packt.com using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy? Chevron down icon Chevron up icon

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on customercare@packt.com with the order number and issue details as explained below:

  1. If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on customercare@packt.com within one hour of placing the order and we will replace/refund you the item cost.
  2. Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on customercare@packt.com who will be able to resolve this issue for you.
  3. You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
  4. Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
  5. If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
  6. Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on customercare@packt.com within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged? Chevron down icon Chevron up icon

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use? Chevron down icon Chevron up icon

You can pay with the following card types:

  1. Visa Debit
  2. Visa Credit
  3. MasterCard
  4. PayPal
What is the delivery time and cost of print books? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela