You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Three crucial Ideas to support related to Application Security: Auditing Audit Policy changes and re

Accepted answer
89
Views
2
Comments
edited Dec 21, 2020 6:08PM in Applications Security 2 comments

Summary

There are no audit logs that support whether or not Audit Policies have been enabled consistently throughout your audit period - major audit risk!

Content

All, 

There is a major gap in the design of Audit Policies.  There is not audit logs / change tracking when an Audit Policy is enabled / disabled / changed.  This is critical to the overall control environment.  We have three uber-critical Ideas raised on this topic.    Every organization using ERP/HCM Cloud is at risk from an audit perspective.  The lack of audit logs means you have no way to prove that your Audit Policies have been in place for your entire audit period.  Some of you have probably voted on one or more of these, but the number of

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!