Register today for Oracle CloudWorld. October 17th - 20th, Las Vegas

Register now

Hillel Cooperman, Senior VP of User Experience Design, has a message for you on Oracle CloudWorld

Watch now
Three crucial Ideas to support related to Application Security: Auditing Audit Policy changes and re — Cloud Customer Connect
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Three crucial Ideas to support related to Application Security: Auditing Audit Policy changes and re

Accepted answer
29
Views
2
Comments
edited Dec 21, 2020 6:08PM in Applications Security 2 comments

Summary

There are no audit logs that support whether or not Audit Policies have been enabled consistently throughout your audit period - major audit risk!

Content

All, 

There is a major gap in the design of Audit Policies.  There is not audit logs / change tracking when an Audit Policy is enabled / disabled / changed.  This is critical to the overall control environment.  We have three uber-critical Ideas raised on this topic.    Every organization using ERP/HCM Cloud is at risk from an audit perspective.  The lack of audit logs means you have no way to prove that your Audit Policies have been in place for your entire audit period.  Some of you have probably voted on one or more of these, but the number of

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!