Course Description
sAccess controls are widely tested by auditors during their audit. However, they are not tested consistently and often not tied to all risks. In this Learning class, Jeff Hare, CPA CISA CIA will provide the background you need to understand why and when access controls need to be tested for all in scope systems. This course may challenge some sacred cows for you. Please come with an open mind and willingness to learn.
Agenda:
- IT Dependent Controls that Depend on a Configuration
- Recapping the Two Reasons Access Controls Must Be Tested for All In-Scope Systems
- IT Dependent Controls: Sensitive Access Risks that Allow for the Bypassing of Controls
- Consideration of Role Change Management Process
- Consideration of Patch Change Management Process
- Recap: What will you do with this information?
- The Case for Access Control Software and ERP Armor
- Contact us / Questions
Course Curriculum
Introductory Sessions
Available in
days
days
after you enroll
Lecture Sessions
Available in
days
days
after you enroll
- Session 1 SoD and SA Risks (4:20)
- Session 2 SA 1st SoD 2nd (6:07)
- Session 3 What SA Testing Does (5:31)
- Session 4 What SoD Does (2:14)
- Session 5 Role Conflict Matrix (3:10)
- Session 6 What Are Access Controls (1:52)
- Session 7 User Privileges and Role Design (6:24)
- Session 8 Reason 1 (1:27)
- Session 9 Reason 2 (1:02)
- Session 10 Reviewing the RACM (8:49)
- Session 11 SoD Configurations (4:11)
- Session 12 Bypassing Controls (7:04)
- Session 13 Reasons Recap (2:38)
- Session 14 Role Change Management (4:02)
- Session 15 Patch Change Management (4:08)
- Session 16 Development Change Management (3:23)
- Session 17 The Case for Access Control Software (5:54)
Concluding Sessions
Available in
days
days
after you enroll
Featured Courses
View our other ERP Armor: Learning courses and get the continuing education hours you need!
We respect your privacy. We will not share or sell your information.
