Platform Specific Controls

PeopleSoft

Oracle's PeopleSoft application provides Enterprise Resource Planning (ERP) business applications that tightly integrate business processes organization-wide. PeopleSoft was purchased by Oracle in the early 2000s. ERP business applications are the cornerstone for any organization. An organization’s most critical business cycles and most sensitive data are most often managed by an ERP, so the risk inherent in these applications is critical and must be controlled effectively.

The following PeopleSoft-related controls are organized by Control Type.

The following are links to more detailed pages:

Data Controls

Showing 2 controls:
Control Title | Control Type | Risk Rating
Monitor accounts with access to PCI relevant data | Data Controls | High
Monitor accounts with access to PHI or PII relevant data | Data Controls | High

Identity Governance

Showing 6 controls:
Control Title | Control Type | Risk Rating
Count of Permission Lists by User | Identity Governance | Medium
Monitor employees with more than one user account | Identity Governance | High
Monitor generic user accounts – IDs not associated with an active employee | Identity Governance | High
Monitor unlocked accounts associated with terminated users | Identity Governance, IT General Controls | High
Monitor unlocked stale accounts with no activity for more than 3 months | Identity Governance | Medium
PeopleSoft – Govern Access to Critical Roles | Identity Governance, IT General Controls, Least Privilege | High

IT General Controls

Showing 3 controls:
Control Title | Control Type | Risk Rating
Logging of unsuccessful login attempts | IT General Controls | High
Monitor all user accounts that have created other User IDs | IT General Controls | Medium
Monitor objects in PeopleSoft to ensure they are controlled by an object group | IT General Controls |

Least Privilege

Showing 34 controls:
Control Title | Control Type | Risk Rating
Access Administration – Critical Access | Least Privilege, Segregation of Duties | Critical
Count of non-Display Only pages by Permission List | Least Privilege | Medium
Create Suppliers – Critical Access | Least Privilege, Segregation of Duties | High
Customer Account Maintenance – Critical Access | Least Privilege, Segregation of Duties | High
Development – Critical Access | Least Privilege, Segregation of Duties | Critical
General Ledger Periods – Critical Access | Least Privilege, Segregation of Duties | High
General Ledger Setup – Critical Access | Least Privilege, Segregation of Duties | High
Limit access that creates Segregation of Duties risk | Least Privilege | High
Limit access to critical PeopleSoft menus and pages | Least Privilege | High
Limit access to use of Correction in authorized actions for component pages | Least Privilege | High
Limit user accounts having access to super-user type functionality | Least Privilege | High
Maintain Chart of Accounts – Critical Access | Least Privilege, Segregation of Duties | High
Maintain Hierarchies – Critical Access | Least Privilege, Segregation of Duties | High
Monitor access of PeopleSoft pages for underutilization | Least Privilege | Medium
Monitor accounts assigned delivered PeopleSoft roles or permission lists | Least Privilege | High
Monitor accounts with access to SOX Critical Functions | Least Privilege | High
Monitor querying capabilities of users | Least Privilege | Medium
Monitor read-only Roles and Permission Lists with write access | Least Privilege | Medium
Monitor user primary permission lists and row security class | Least Privilege | High
Monitor users or roles with access to ALLPNLS or ALLPAGES and *PNLS Permission Lists | Least Privilege | High
Monitor users with access to Cash Management Setup | Least Privilege | High
Monitor users with access to delivered PeopleTools roles | Least Privilege | High
Monitor users with access to Payments Setup | Least Privilege | High
Monitor users with the ability to add or update vendors in their User Preferences settings | Least Privilege | High
Monitor users with the ability to post journal entries in their user preferences settings | Least Privilege | High
Payables Setup – Critical Access | Least Privilege, Segregation of Duties | High
Purchasing Setup – Critical Access | Least Privilege, Segregation of Duties | High
Receivables Setup – Critical Access | Least Privilege, Segregation of Duties | High
Restrict Users that have access to development tools in Production | Least Privilege | High
Restrict Users that have access to integration tools in Production | Least Privilege | High
Restrict Users that have access to reporting and analysis tools in Production | Least Privilege | High
Restrict Users that have access to the Maintain Security menu | Least Privilege | High
Restrict Users that have access to Utilities in Production | Least Privilege | High
Set Up Payment – Critical Access | Least Privilege, Segregation of Duties | High

Password controls

Showing 4 controls:
Control Title | Control Type | Risk Rating
Monitor accounts whose password never expires | Password controls | High
Monitor accounts with high number of duplicate passwords | Password controls | Medium
Monitor all accounts with passwords older than six months | Password controls | High
Monitor failed login password configuration | Password controls | High

Segregation of Duties

Showing 98 controls:
Control Title | Control Type | Risk Rating
Approve Invoices conflicts with Create Suppliers | Segregation of Duties | High
Approve Invoices conflicts with Payables Invoices | Segregation of Duties | High
Approve Invoices conflicts with Payables Payments | Segregation of Duties | High
AR Write-off conflicts with Receivables Transactions | Segregation of Duties | High
Bank Reconciliations conflicts with Payables Invoices | Segregation of Duties | High
Bank Reconciliations conflicts with Payables Payments | Segregation of Duties | High
Bank Reconciliations conflicts with Receivables Receipts | Segregation of Duties | High
Benefits Configuration conflicts with Maintain Payroll Configuration | Segregation of Duties | High
Benefits Configuration conflicts with Process Payroll | Segregation of Duties | High
Benefits Configuration conflicts with Payroll Maintenance | Segregation of Duties | High
Create Requisition conflicts with Create Suppliers | Segregation of Duties | High
Create Requisition conflicts with Payables Invoices | Segregation of Duties | High
Create Requisition conflicts with Payables Payments | Segregation of Duties | High
Create Requisition conflicts with Purchase Orders | Segregation of Duties | High
Create Sales Order conflicts with Receivables Transactions | Segregation of Duties | High
Create Suppliers conflicts with Approve Suppliers | Segregation of Duties | High
Create Suppliers conflicts with Payables Invoices | Segregation of Duties | High
Create Suppliers conflicts with Payables Payments | Segregation of Duties | High
Create Suppliers conflicts with Purchase Orders | Segregation of Duties | High
Customer Account Maintenance conflicts with Create Sales Order | Segregation of Duties | High
Customer Account Maintenance conflicts with Receivables Credit Memos | Segregation of Duties | High
Customer Account Maintenance conflicts with Receivables Transactions | Segregation of Duties | High
Customer Account Maintenance conflicts with Release Sales Order | Segregation of Duties | High
Customer Account Maintenance conflicts with Remittances | Segregation of Duties | High
Development conflicts with Access Administration | Segregation of Duties | High
Enter Debit Memo conflicts with Release Sales Order | Segregation of Duties | High
Enter Journal Entry conflicts with Approve Invoices | Segregation of Duties | High
Enter Journal Entry conflicts with Create Sales Order | Segregation of Duties | High
Enter Journal Entry conflicts with Enter Customer Receipts | Segregation of Duties | High
Enter Journal Entry conflicts with General Ledger Set Up | Segregation of Duties | High
Enter Journal Entry conflicts with Payables Invoices | Segregation of Duties | High
Enter Journal Entry conflicts with Payables Payments | Segregation of Duties | High
Enter Journal Entry conflicts with Post Journal Entry | Segregation of Duties | High
Enter Journal Entry conflicts with Purchase Orders | Segregation of Duties | High
Enter Journal Entry conflicts with Release Sales Order | Segregation of Duties | High
Enter Journal Entry conflicts with Remittances | Segregation of Duties | High
General Ledger Periods conflicts with Enter Journal Entry | Segregation of Duties | High
General Ledger Periods conflicts with Payables Invoices | Segregation of Duties | High
General Ledger Periods conflicts with Payables Payments | Segregation of Duties | High
General Ledger Periods conflicts with Post Journal Entry | Segregation of Duties | High
General Ledger Periods conflicts with Receivables Receipts | Segregation of Duties | High
General Ledger Setup conflicts with Enter Journal Entry | Segregation of Duties | High
General Ledger Setup conflicts with Mass Allocate Journal Entries | Segregation of Duties | High
HR Benefits conflicts with Process Payroll | Segregation of Duties | High
Maintain Chart of Accounts conflicts with General Ledger Periods | Segregation of Duties | High
Maintain Chart of Accounts conflicts with General Ledger Setup | Segregation of Duties | High
Maintain Chart of Accounts conflicts with Post Journal Entry | Segregation of Duties | High
Maintain Employee Master Data conflicts with Maintain Payroll Configuration | Segregation of Duties | High
Maintain Employee Master Data conflicts with Maintain Time Data | Segregation of Duties | High
Maintain Employee Master Data conflicts with Payroll Maintenance | Segregation of Duties | High
Maintain Employee Master Data conflicts with Process Payroll | Segregation of Duties | High
Maintain Employee Position conflicts with Maintain Payroll Configuration | Segregation of Duties | High
Maintain Employee Position conflicts with Payroll Maintenance | Segregation of Duties | High
Maintain Employee Position conflicts with Process Payroll | Segregation of Duties | High
Maintain Hierarchies conflicts with Create Suppliers | Segregation of Duties | High
Maintain Hierarchies conflicts with Enter Journal Entry | Segregation of Duties | High
Maintain Hierarchies conflicts with General Ledger Setup | Segregation of Duties | High
Maintain Hierarchies conflicts with Payables Invoices | Segregation of Duties | High
Maintain Hierarchies conflicts with Payables Payments | Segregation of Duties | High
Maintain Hierarchies conflicts with Post Journal Entry | Segregation of Duties | High
Maintain Payroll Configuration conflicts with Process Payroll | Segregation of Duties | High
Maintain Time Data conflicts with Maintain Payroll Configuration | Segregation of Duties | High
Maintain Time Data conflicts with Payroll Maintenance | Segregation of Duties | High
Maintain Time Data conflicts with Process Payroll | Segregation of Duties | High
Mass Allocate Journal Entries conflicts with Enter Journal Entry | Segregation of Duties | High
Payables Invoices conflicts with Payables Payments | Segregation of Duties | High
Payables Invoices conflicts with Payables Setup | Segregation of Duties | High
Payables Invoices conflicts with Purchase Orders | Segregation of Duties | High
Payables Payments conflicts with Purchase Orders | Segregation of Duties | High
Payables Setup conflicts with Payables Payments | Segregation of Duties | High
Payroll Maintenance conflicts with Process Payroll | Segregation of Duties | High
Post Journal Entry conflicts with Approve Invoices | Segregation of Duties | High
Post Journal Entry conflicts with Create Sales Order | Segregation of Duties | High
Post Journal Entry conflicts with Enter Customer Receipts | Segregation of Duties | High
Post Journal Entry conflicts with General Ledger Setup | Segregation of Duties | High
Post Journal Entry conflicts with Payables Invoices | Segregation of Duties | High
Post Journal Entry conflicts with Payables Payments | Segregation of Duties | High
Post Journal Entry conflicts with Purchase Orders | Segregation of Duties | High
Post Journal Entry conflicts with Release Sales Order | Segregation of Duties | High
Post Journal Entry conflicts with Remittances | Segregation of Duties | High
Purchase Orders conflicts with Approve Invoices | Segregation of Duties | Medium
Purchase Orders conflicts with Receive Goods and Services | Segregation of Duties | High
Purchase Orders conflicts with Return Goods and Services | Segregation of Duties | High
Purchasing Setup conflicts with Purchase Orders | Segregation of Duties | High
Purchasing Setup conflicts with Receive Goods and Services | Segregation of Duties | High
Receivables Banks conflicts with Receivables Receipts | Segregation of Duties | High
Receivables Clear Customer Balances conflicts with Receivables Receipts | Segregation of Duties | High
Receivables Credit Memos conflicts with Receivables Receipts | Segregation of Duties | High
Receivables Receipts conflicts with Create Sales Order | Segregation of Duties | High
Receivables Receipts conflicts with Customer Account Maintenance | Segregation of Duties | High
Receivables Receipts conflicts with Release Sales Order | Segregation of Duties | High
Receivables Setup conflicts with Receivables Transactions | Segregation of Duties | High
Receivables Transactions conflicts with Customer Credit Information | Segregation of Duties | High
Receivables Transactions conflicts with Release Sales Order | Segregation of Duties | High
Receivables Transactions conflicts with Remittances | Segregation of Duties | High
Remittances conflicts with Create Sales Order | Segregation of Duties | High
Set Up Payment conflicts with Payables Invoices | Segregation of Duties | High
Set Up Payment conflicts with Payables Payments | Segregation of Duties | High

System Hardening

Showing 2 controls:
Control Title | Control Type | Risk Rating
Monitor all accounts created by PS INSTALL or SYSADMIN | System Hardening | High
Monitor delivered and super user accounts not locked | System Hardening | High