11i ORACLE eBusiness Suite - PC Clients specifications & requirements A Practical Guide
-
Upload
nikos-plevris -
Category
Documents
-
view
117 -
download
1
description
Transcript of 11i ORACLE eBusiness Suite - PC Clients specifications & requirements A Practical Guide
11i eBS specifications & requirementsA Practical Guide
Nikos PlevrisPrincipal Service Delivery Manager
<Insert Picture Here>
Agenda
• 11i PC specifications• The multi-tier model• 11i eBS browser recommendations• Recommended Browsers & security zones• Browser security considerations
• 11i eBS AuditTrail practices• Summary• Q & A
11i PC specifications
• CPU: Pentium-class III or higher• RAM: 256Mb or higher• OS: MS Windows 2000 SP2 or higher
ORACLE_HOMEiAS
Forms
ReportsConcurrent Managers
Designer
TNS Listener
Apache
APPL_TOPORACLE_HOME
Tools
ORACLE_HOMERDBMS
RAC
Mod_plsql
Jerver
Web Borwser, Jinit
APPLICATION TIER
DATABASE TIERDESKTOP TIER
The multi-tier environment
11i eBS browser recommendations
• Oracle's certification of the various third party client operating system and browsers aligns with the respective vendor's support lifecycle
• MSIE 6.0 & 6.0 SP1 and SP2 are the preferred browsers for E-Business Suite 11i on MS Windows clients
• Mozilla Firefox 1.0.x, 1.5.x, Netscape 7.2 are certified• Currently 'Internet Explorer' is the only browser that
allows you to access multiple instances or multiple Application Responsibilities concurrently from the same desktop session, through the use of multiple browser sessions.
Recommended Browsers & security zones1
Browser version
MS Win XP MS Win 2000
MSIE 6.0 JInitiator 1.1.8.x
JInitiator 1.3.1.x
JInitiator 1.1.8.x
JInitiator 1.3.1.x
MSIE 7.0 JInitiator 1.3.1.x Not Supported
Security Zone Usage Default Internet Web sites not placed in
other zonesIE 6 - Medium
IE 7 - Medium-high
Local Intranet Web sites on your organization's intranet
Medium-low
Trusted sites Web sites you trust not to damage your computer
IE 6 - Low
IE 7 – Medium
Restricted sites Web sites that could potentially damage your computer
High
Oracle Applications is run through the 'Trusted Sites' zone, with a 'Medium' Security Setting
Recommended Browsers & security zones2
Browser version
MS Win XP MS Win 2000
NETSCAPE 7.2 JInitiator 1.3.1.x JInitiator 1.3.1.x
Mozilla 1.7.x (where x is greater than or equal to 5)
JInitiator 1.3.1.x JInitiator 1.3.1.x
Firefox 1.0.4 and later JInitiator 1.3.1.x JInitiator 1.3.1.x
Firefox 1.5 and later JInitiator 1.3.1.x JInitiator 1.3.1.x
Browser security considerations
• Enable Page Refresh• Shared Desktop Security (multiple users share the same
desktop)• Prevent users to view a previous user browser content by pressing the 'Back'
button on the browser. To fix this issue, please apply Oracle Applications Framework 11i.FWK.H Patch 3262919 or later and patch 4318900. You must also set the Applications 11i 'Force Page Refresh' profile option to 'Yes'.
• it is advisable not to save encrypted pages onto the drive. To set this option, go to Tools -> Internet Options -> Advanced tab -> Security settings and tick 'Do not save encrypted pages to Disk‘ (applicable to MS Explorer)
• Disable Autocomplete in Internet Explorer • Set HTTP 1.1/Keep Alive Settings • Java applet-Uncheck the 'Enable Java' option (applicable to
Netscape/Mozilla/Firefox)
Tough Questions for Oracle Applications
• How do you know key controls are operating effectively throughout year?
• Can you report on ALL changes to key controls?
• How do you search for segregation of duties or evaluate user access?
• How do you know controls are same for each business unit?
• How do you document key controls within systems?
Why an ERP audit?
• Increased risk • Higher Levels of Regulation
• Sarbanes Oxley 2002• Increased adoption of IAS
Sarbanes-Oxley Cycles
YEAR 1Document
Processes, Risks & Controls
YEAR 2, 3, 4…Monitor Changes & Test Controls
Continuous Monitoring
Auditing scope - Best Practices1
• Financial Reporting and Maintenance of Accounting Records
• General Ledger
• Cash Management
• Accounts Receivable
• Accounts Payable
• Procure to Pay Business Process• Purchasing
• Accounts Payable
• Inventory
• Costing
• Order to Cash• Order Entry
• Accounts Receivables
• Inventory
• Human Resource Management and Payroll• Human Resource Mgt. System
• Payroll
• Application Administration (including security
and configuration management)
• System Administration• Application Object Library (AOL)
Auditing scope - Best Practices2
Apps modules
Setups
InstancesSets of BooksOperating UnitsVersions
MonitoringReportingAlerting
Application Setups
Automated Documentation
Comparisons
Change Tracking
Migration
Apps Codebase
FormsReportsCode
EnvironmentsOracle VersionsCode Versions
MonitoringReportingAlerting
Code Promotion
Examples of Setups
Setup Data• Application Security• Document Approvals• Chart of Accounts• Profile Options• Users• Application Setups• MRP rules
Operational Data• Customers• Suppliers• Employees• Buyers• Items• Chart of Account Values• Category Codes
Example of System Controls
• 3-way matching of PO, Invoice and Receipt• Document spending limits (authorization of PO)• Security rules – access to sensitive transactions
• Employee salaries
• Chart of account values
• Financial statement reports (FSGs)
• Price lists
• Inventory attributes
• Action for late delivery of goods• Inventory stocking rules• Rules to create tax on sales orders• Depreciation methods
11i eBS Audit Trail feature
• Apps objects - Change Tracking• Who?• What?• When?• Where?
Automatically captures a complete historical audit trail. Details of
EVERY change.
Summary
• Define auditing requirements• Only audit what needs to be audited • Implement audit trail• Create Maintenance and Administration plan• Secure auditing objects