This Course is NASBA Certified!
NASBA CPE certification ensures that continuing education meets nationally recognized standards, helping CPAs maintain licensure, demonstrate professional competence, and meet regulatory requirements with confidence.
This course qualifies for NASBA CPE certification and awards 10 hours of Auditing CPE, with each CPE hour equal to 50 minutes of instruction. The program level is Basic, with no prerequisite knowledge or advance preparation required for successful completion, and the course is delivered through a QAS self-study format.
*****
ERP Risk Advisors is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org
Course Description
10 Hours of NASBA-Certified Auditing CPE
1 CPE hour = 50 minutes
Delivery Method: QAS Self Study
This course provides a comprehensive review of Identity and Access Management (IAM) controls, essential for securing systems and data in modern IT environments.
Participants will explore the principles, processes, and technologies that underpin IAM, including authentication, authorization, user provisioning, access reviews, and identity lifecycle management.
The course emphasizes both technical and policy-based controls, with a focus on regulatory compliance, risk mitigation, and the implementation of least privilege and zero trust principles. Throughout the course participants will gain practical skills in designing, evaluating, and managing IAM controls to protect organizational assets from internal and external threats.
The course will review several ERP SaaS Cloud business application systems to apply the concepts covered in the class.
Course Objectives:
- Recognize foundational Identity & Access Management / IAM concepts, key risks and associated controls.
- Identify controls to protect your enterprise’s information from unauthorized access.
- Assess risks & controls pertaining to your enterprise developing and maintaining user access profiles.
- Define an audit strategy to assess IAM risks and controls for your enterprise systems.
Course Agenda:
IT Risks & Security Resources
- Risk & Risk Management
- Defining AI
- Machine Learning
- Robotic Process Automation (RPA)
Determining IAM Control Risks
Security & Control Resources
IT Asset Management
Access Management
- Authentication
- Authorization
- Single Sign-On
- Privileged Access
Audit Trails & Log Management
User Profile Management
- User Provisioning
- User Deprovisioning
- Role Design Change Management
Testing IAM Controls
Operations Management
- Incident Response Management
- Vulnerability Management
- Malware / Ransomware
- Zero Trust / Endpoint Security
ERP / SaaS Systems
- ERP Cloud SaaS Security
- Oracle Netsuite
- Oracle Fusion ERP
- Workday
IAM Best Practices
Jeff Hare, CPA CISA CIA
Course Developer
Jeff Hare, CPA CISA CIA, is the CEO and Founder of ERP Risk Advisors. His background includes public accounting, 6.5 years in industry in CFO and Controller roles, and Oracle Applications consulting experience. Jeff has been... [Read More]
Fred C. Roth, CISA
Course Author & Instructor
Fred C. Roth, CISA, is a Sr. Adjunct Lecturer with ERP Risk Advisors. Fred is a graduate of the University of Michigan with a Computer Science and Mathematics bachelor’s degree. Fred received his MBA at the Rochester... [Read More]
Eleanora Heitzman
Course Project Manager
Eleanora Heitzman is the Operations Manager at ERP Risk Advisors. She is enthusiastic about providing excellent support strategies and solutions to organizations, and she strives to use her skills to streamline operations and cultivate... [Read More]
Course Curriculum
- Welcome!
- Session INTRO-1 Table of Contents
- Session INTRO-2 Study Guide
- Session INTRO-3 Course Instructions & Instructor Introduction (7:01)
- Session INTRO-4A Course Learning Objectives (5:12)
- Session INTRO-4B Course Resources Introduction (2:58)
- Session INTRO-5 Key Control Concepts (7:42)
- Session INTRO-6 Downloadable Slides & Notes PDFs
- Session INTRO-7 Introduction Review Quiz
- Session INTRO-8 Introduction Review Quiz Answer Explanations
- Session 1-1 IT Risks & Security Resources Introduction (1:27)
- Session 1-2 IT Risks Introduction (5:46)
- Session 1-3 Breach Examples (9:25)
- Session 1-4 How Hackers are Hacking (6:03)
- Session 1-5 Security Resources Part A (3:41)
- Session 1-6 Security Resources Part B (5:38)
- Session 1-7 Security Resources Part C (5:53)
- Session 1-8 Security Resources Part D (6:14)
- Session 1-9 Module 1 Conclusion (1:06)
- Session 1-10 Review Quiz #1
- Session 1-11 Review Quiz #1 Answer Explanations
- Session 2-1 Access Management Introduction Part A (0:53)
- Session 2-2 Asset Management (5:47)
- Session 2-3 Access Management Introduction Part B (5:43)
- Session 2-4 Authentication (11:09)
- Session 2-5 Multi-Factor Authentication (MFA) (7:18)
- Session 2-6 Single Sign-On (SSO) (2:33)
- Session 2-7 Authorization (7:47)
- Session 2-8 Privileged Access (9:29)
- Session 2-9 Module 2 Conclusion (0:47)
- Session 2-10 Review Quiz #2
- Session 2-11 Review Quiz #2 Answer Explanations
- Session 4-1 User Profile Management Introduction (0:49)
- Session 4-2 Provisioning (6:53)
- Session 4-3 Deprovisioning Part A (2:30)
- Session 4-4 Deprovisioning Part B (5:17)
- Session 4-5 Role Change Management (4:26)
- Session 4-6 Module 4 Conclusion (0:47)
- Session 4-7 Review Quiz #4
- Session 4-8 Review Quiz #4 Answer Explanations
- Session 5-1 Operations Management Introduction (1:07)
- Session 5-2 Incident Response (8:14)
- Session 5-3 Vulnerability Management (8:39)
- Session 5-4 Malware (4:56)
- Session 5-5 End Point Security (8:11)
- Session 5-6 Module 5 Conclusion (1:03)
- Session 5-7 Review Quiz #5
- Session 5-8 Review Quiz #5 Answer Explanations
- Session 7-1 ERP - SaaS Introduction (1:38)
- Session 7-2 ERP Part A (5:40)
- Session 7-3 ERP Part B (0:42)
- Session 7-4 ERP Part C (5:36)
- Session 7-5 SaaS Part A (3:24)
- Session 7-6 SaaS Part B (9:00)
- Session 7-7 SaaS Part C (6:05)
- Session 7-7.5 SaaS - Cloud Security Alliance (CSA) (2:04)
- Session 7-8 SaaS - Third Party (10:06)
- Session 7-9 Module 7 Conclusion (1:01)
- Session 7-10 Review Quiz #7
- Session 7-11 Review Quiz #7 Answer Explanations
- Session 8-1 SaaS Applications Introduction (1:36)
- Session 8-2 Workday - Introduction (3:17)
- Session 8-3 Workday - Profile Management (5:58)
- Session 8-4 Workday - Authentication (4:41)
- Session 8-5 Workday - Audit Trails (1:44)
- Session 8-6 Workday - Conclusion (1:21)
- Session 8-7 Netsuite - Introduction (3:27)
- Session 8-8 Netsuite - Organization (2:43)
- Session 8-9 Netsuite - Profile Management (6:26)
- Session 8-10 Netsuite - Authentication (3:53)
- Session 8-11 Netsuite - Audit Trail (1:38)
- Session 8-12 Netsuite - Conclusion (1:06)
- Session 8-13 Fusion - Terminology (3:47)
- Session 8-14 Fusion - Profiles (1:41)
- Session 8-15 Fusion - Authentication (5:34)
- Session 8-16 Fusion - Conclusion (2:06)
- Session 8-17 Module 8 Conclusion (1:24)
- Session 8-18 Review Quiz #8
- Session 8-19 Review Quiz #8 Answer Explanations
- Session CONCLUSION-0 Class Exercise (2:31)
- Session CONCLUSION-1 Course Conclusion: Review of Agenda, IP Reminder, & Thank You! (5:21)
- Session CONCLUSION-2 Glossary of Terms
- Session CONCLUSION-3 Final Assessment
- Session CONCLUSION-4 Final Assessment Answer Explanation
- Session CONCLUSION-5 Resources
- Session CONCLUSION-6 Course Feedback Survey
Featured Courses
View our other ERP Armor: Learning courses and get the continuing education hours you need!
Policies:
Refund Policy
ERP Risk Advisors provides refunds in accordance with the refund policy of Teachable, our learning platform host. Refunds must go through the support funnel found at https://support.teachable.com/hc/en-us/articles/360004215372-Request-a-Refund. Teachable’s terms of use, including the refund policy, can be found at: https://teachable.com/terms-of-use.
Program Cancellation Policy
If a participant cancels a paid ERP Armor: Learning subscription plan, the cancellation will become effective at the end of the then-current billing cycle. When a participant cancels a paid plan, their account will revert to a free account and Teachable may disable access to features available only to paid plan users.
Complaint Resolution Policy
Participant(s) should email support@erpra.net and provide as much detail as possible about the complaint, including any relevant screenshots, account information, or transaction details. Upon receiving the complaint, ERP Risk Advisors’ support team will acknowledge it within 24 hours during business days. ERP Risk Advisors’ support team will investigate the complaint thoroughly. This may involve reviewing relevant records, consulting with appropriate personnel, and gathering additional information as necessary. ERP Risk Advisors aims to resolve all complaints as quickly as possible. Depending on the complexity of the issue, resolution may take up to 5 business days or more. During this time, ERP Risk Advisors will keep the participant(s) informed of the progress and any steps being taken to address their concerns. Once a resolution has been proposed, ERP Risk Advisors will contact the participant(s) to discuss the outcome. If participant(s) are dissatisfied with the initial resolution provided by ERP Risk Advisors’ support team, they may request that their complaint be escalated. Escalations will be reviewed by a senior manager to ensure a fair and impartial review of concerns. ERP Risk Advisors treats all complaints with the utmost confidentiality. Information provided will only be used for the purposes of investigating and resolving a complaint, in accordance with our Privacy Policy. For more information regarding administrative policies such as complaints and feedback, please contact our support desk at support@erpra.net.
*****
For all other Administrative and Course Development Policies, please visit ERP Armor: Learning FAQ and click on the first Frequently Asked Question dropdown.
