This Course is NASBA Certified!
NASBA CPE certification ensures that continuing education meets nationally recognized standards, helping CPAs maintain licensure, demonstrate professional competence, and meet regulatory requirements with confidence.
This course qualifies for NASBA CPE certification and awards 8 hours of Auditing CPE, with each CPE hour equal to 50 minutes of instruction. The program level is Basic, with no prerequisite knowledge or advance preparation required for successful completion, and the course is delivered through a QAS self-study format.
*****
ERP Risk Advisors is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org
Course Description
8 Hours of NASBA-Certified Auditing CPE
1 CPE hour = 50 minutes
Delivery Method: QAS Self Study
Software as a Service (SaaS) constitutes an increasing risk to enterprises as organizations transition from on-premise business applications to cloud based applications. SaaS applications can contain sensitive enterprise information that can be accessed from any device connected to the Internet.
Due to this significant enterprise risk, SaaS applications need to be assessed for effective security and controls. Unfortunately, this is not easily achieved in SaaS environments.
This on-demand seminar is designed to provide an understanding of foundational SaaS concepts, key risks and associated controls. Throughout the seminar the focus is development of a risk-based approach to protect enterprise information in SaaS applications.
A wide range of globally recognized security and control resources will be highlighted during the seminar that can be used for planning and executing SaaS cybersecurity audits.
The intended audience for this seminar is all auditors (IT Auditors, business auditors, internal and external auditors) and audit management with the responsibility to provide effective assessments of enterprise risk.
Course Objectives:
- Recognize foundational SaaS concepts, key risks and associated controls.
- Define an audit strategy to assess important SaaS risks and controls.
- Evaluate cybersecurity and operational aspects of SaaS applications including API, encryption, incident response management, business continuity, etc.
- Assess SaaS governance controls and procedures over 3rd Party SaaS relationships.Â
Agenda:
- SaaS Key Risks
ERP / SaaS Applications
- Cloud Security Resources
- Cloud / SaaS Governance
- Access Management
- Configuration & Change Management
- End Point Security / Zero Trust
- Encryption Key Management
- API - Application Programming Interface
- Incident Response Management
- SaaS Business Continuity
- Cloud Security Awareness Training
- Assessing Cloud Vendor Controls
Jeff Hare, CPA CISA CIA
Course Developer
Jeff Hare, CPA CISA CIA, is the CEO and Founder of ERP Risk Advisors. His background includes public accounting, 6.5 years in industry in CFO and Controller roles, and Oracle Applications consulting experience. Jeff has been... [Read More]
Fred C. Roth, CISA
Course Author & Instructor
Fred C. Roth, CISA, is a Sr. Adjunct Lecturer with ERP Risk Advisors. Fred is a graduate of the University of Michigan with a Computer Science and Mathematics bachelor’s degree. Fred received his MBA at the Rochester... [Read More]
Eleanora Heitzman
Course Project Manager
Eleanora Heitzman is the Operations Manager at ERP Risk Advisors. She is enthusiastic about providing excellent support strategies and solutions to organizations, and she strives to use her skills to streamline operations and cultivate... [Read More]
Course Curriculum
- Welcome!
- Session INTRO-1 Table of Contents
- Session INTRO-2 Study Guide
- Session INTRO-3 Course Instructions & Introduction (1:45)
- Session INTRO-4 Instructor Introduction (2:36)
- Session INTRO-5 Course Objectives & Agenda (3:00)
- Session INTRO-6 Resources (6:42)
- Session INTRO-7 Downloadable Slides & Notes PDFs
- Session 2-0 ERP Systems & SaaS Control Resources Introduction (1:08)
- Session 2-1 (9:09)
- Session 2-2 (5:20)
- Session 2-3 (3:56)
- Session 2-4 Part A (3:11)
- Session 2-5 Part B (6:17)
- Session 2-6 (4:14)
- Session 2-7 Module 2 Conclusion (0:42)
- Session 2-8 Review Quiz #2
- Session 2-9 Review Quiz #2 Answer Explanations
- Session 4-0 SaaS Access Management Introduction (1:37)
- Session 4-1 (4:17)
- Session 4-2 (4:57)
- Session 4-3 (4:39)
- Session 4-4 (5:53)
- Session 4-5 (6:50)
- Session 4-6 (3:01)
- Session 4-7 (4:31)
- Session 4-8 Module 4 Conclusion (0:47)
- Session 4-9 Review Quiz #4
- Session 4-10 Review Quiz #4 Answer Explanations
- Session 6-0 End Point Security & Encryption Key Management Introduction (1:01)
- Session 6-1 (5:46)
- Session 6-2 (5:04)
- Session 6-3 (5:21)
- Session 6-4 (3:46)
- Session 6-5 (9:37)
- Session 6-6 (5:45)
- Session 6-7 (2:15)
- Session 6-8 Module 6 Conclusion (0:50)
- Session 6-9 Review Quiz #6
- Session 6-10 Review Quiz #6 Answer Explanations
- Session 8-0 SaaS Operations Management Introduction (0:33)
- Session 8-1 (8:03)
- Session 8-2 (5:56)
- Session 8-3 (6:24)
- Session 8-4 (5:23)
- Session 8-5 (2:00)
- Session 8-6 (4:25)
- Session 8-7 (5:02)
- Session 8-8 (4:28)
- Session 8-9 Module 8 Conclusion (0:20)
- Session 8-10 Review Quiz #8
- Session 8-11 Review Quiz #8 Answer Explanations
Featured Courses
View our other ERP Armor: Learning courses and get the continuing education hours you need!
