Auditing PeopleSoft To effectively manage risk in most organizations today, internal auditors and control specialists must have a thorough knowledge of PeopleSoft security and control features. During this course, a joint effort between The IIA and Deloitte & Touche, participants will explore all the functions of PeopleSoft, from its security and workflow functionality to its login and password management features. As instructors delve deeper into PeopleSoft version 9.x, participants will learn about the software s customization, programming, and change management control considerations, as well as the impact of the Sarbanes-Oxley Act on the internal control environment for PeopleSoft. Participants will take part in facilitated discussions, computer-simulated class exercises and perform hands-on case studies and a mock audit using a live PeopleSoft 9.x system.
Course Duration: 3.5 Days CPE Hours Available: 32 CPE Knowledge Level: Intermediate Field of Study: Auditing Prerequisites: None Advance Preparation: None Delivery Format: Seminar, On-site
Course Outline: Auditing Environment Core PeopleSoft modules UNIX/Oracle Basic control mechanisms Common organization impacts PeopleSoft support resources Auditing PeopleSoft Enterprise Internal control components Common system architectures Tables in PeopleSoft Internal control considerations PeopleSoft support tools PeopleSoft and audit materiality Security Architecture Security mechanisms Security architecture components Reporting and object security PeopleSoft User Authentication Authentication process Password management Enterprise directory and key benefits Security Administration Configurable components: user id's, permission lists, roles, passwords Key functionality: page actions, security and password setup tabs Query Security Configurable components: query trees, access groups, public queries Key functionality: query profiles, query configurations
Process Scheduler Security Configurable components: jobs, security groups, requests Object Security Configurable components: security rules, PeopleTools, change control Functionality: menu access security, object and tool permissions Financials Security Configurable components: row level security, user preferences Control features: ledger security, book security HRMS Security Configurable components: local country menu, global security, dept. id Row level security Architecture Overview Two-tier architecture - Benefits and short-comings Three-tier architecture - Benefits PeopleSoft Internet architecture (PIA) Customizations and Patch Migration Change control rules Change control migration path Naming conventions What's new? Interfaces and Conversions Key process steps Uploading data into PeopleSoft Control components: version control, error logs, data mapping Audit considerations
Workflow Basic components: App designer, process maps Primary agents Rules, roles, routings Control features: role user maintenance, approval rule definition Audit considerations Financial Reporting Cycle (FCRP) Describe the financial reporting process Key setup and maintenance Transaction processing Period end close considerations Human Resources and Payroll Cycle Describe the HR and payroll process PeopleSoft HRMS integration Table structure and auditing considerations Expenditure Cycle Describe the purchasing and payables process Levels of control for each module Matching rules and activities Pay cycle functionality Revenue Cycle Describe the revenue process Levels of control