FAQ
Q. What kind of transaction monitoring does the Oversight system perform?
A. The system automatically analyzes each financial transaction using a combination of pre-defined integrity checks, based on audit industry lessons learned and established best practices, supplemented and enhanced with customized checks based on client-specific requirements. Using advanced forensic analysis, the system identifies those transactions that are unexpected or unusual in some manner. For example, it identifies journal entry transactions:
- Entered during weekends, off-hours, or holidays
- Representing unusual activity levels by individual users
- That are manual postings to accounts not normally posted manually
- Posted to accounts by users who don’t normally post to those accounts
- That are split to avoid thresholds and approval levels
- For unusual amounts based upon historical baselines, or for rounded amounts
The results of this analysis and correlation are made available via the Workbench and Dashboard, so that managers, auditors and financial staff can, as appropriate, review the preliminary findings, document and assign exceptions for further action, manage, execute and track problem resolution, and distribute to other resources who might need insight into the results.
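The weekend/off-hours, rounded-amount and split-to-avoid-threshold checks from the list above, sketched as an added example (not Oversight's code). The approval threshold, business hours, rounding unit and sample entries are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Assumed policy values for illustration; the FAQ does not state any.
APPROVAL_THRESHOLD_CENTS = 1_000_000   # 10,000.00
BUSINESS_HOURS = range(8, 18)          # 08:00-17:59 local time
ROUND_UNIT_CENTS = 100_000             # exact multiples of 1,000.00 count as "rounded"

# Constructed sample journal entries: (id, user, account, posted_at, amount in cents)
ENTRIES = [
    ("JE-1", "alice", "6100", "2024-03-04 10:15", 243_117),
    ("JE-2", "bob",   "6100", "2024-03-09 23:40", 500_000),    # Saturday night, rounded
    ("JE-3", "carol", "7200", "2024-03-05 11:00", 620_000),
    ("JE-4", "carol", "7200", "2024-03-05 11:04", 590_000),    # with JE-3 crosses threshold
    ("JE-5", "dave",  "7200", "2024-03-06 09:30", 1_250_050),  # single entry, normal approval
]

def flag_entries(entries):
    """Return {entry_id: sorted list of reasons} for entries that trip a check."""
    flags = defaultdict(set)
    groups = defaultdict(list)  # (user, account, date) -> [(id, amount)]
    for eid, user, account, posted_at, amount in entries:
        ts = datetime.strptime(posted_at, "%Y-%m-%d %H:%M")
        if ts.weekday() >= 5:
            flags[eid].add("weekend")
        if ts.hour not in BUSINESS_HOURS:
            flags[eid].add("off-hours")
        if amount % ROUND_UNIT_CENTS == 0:
            flags[eid].add("rounded-amount")
        groups[(user, account, ts.date())].append((eid, amount))
    # Split check: two or more entries by one user to one account on one day,
    # each below the approval threshold but together at or above it.
    for members in groups.values():
        under = [(eid, amt) for eid, amt in members if amt < APPROVAL_THRESHOLD_CENTS]
        if len(under) > 1 and sum(amt for _, amt in under) >= APPROVAL_THRESHOLD_CENTS:
            for eid, _ in under:
                flags[eid].add("possible-split")
    return {eid: sorted(reasons) for eid, reasons in flags.items()}

if __name__ == "__main__":
    for eid, reasons in flag_entries(ENTRIES).items():
        print(eid, ", ".join(reasons))
```

Amounts are held as integer cents so the rounded-amount and threshold comparisons are exact.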
Q. How is the Oversight system connected to the client financial system?
A. The Oversight appliance resides on a dedicated server in the client’s data center, in close network proximity to the source application(s). It extracts relevant data directly from the various source systems by connecting to the client’s financial system at the database level through a JDBC connector. No software need be installed on application servers (small ABAP program required for SAP only). Data mapping from source systems into a common data model is done via XML files for fast implementation and ease of maintenance.
Q. How frequently is data captured and analyzed?
A. Data capture and analysis are configurable based on the operational needs of the client. Financial transactions can be captured as frequently as every couple of minutes and as infrequently as quarterly.
Q. What kind of performance impact does this data-capture and analysis have on the client’s financial systems?
A. The performance impact of the Oversight appliance is the equivalent of that of a single user. By design, the more complex queries and joins are performed on the Oversight appliance to minimize impact on the source financial system. Tests using performance monitoring software have indicated that the performance monitoring software itself consumed more CPU cycles than the Oversight appliance.
Q. How will the appliance impact the client’s IT security environment?
A. Managed-on-premise model: The Oversight system is designed to pose minimal risk to the client’s IT security environment. The appliance is installed in the client’s data center in close network proximity to the ERP data source(s). This allows the appliance to reside behind the client’s firewall. The Oversight system requires read-only database access to the ERP source(s). ERP application access is not required.
On-Demand model: Because the Oversight solution is available “On-Demand,” all the client does is load a set of data (annual, quarterly, monthly) and the analysis starts right away. All data and results are stored and analyzed on secure servers, with security at all levels, from physical to logical, including safeguards on support and service personnel that have access to client data. All transfer of data over the Internet is done via encrypted links. Client data is stored on servers in a secure environment protected by state-of-the-art infrastructure. Disaster Recovery Services ensure that the solution isn't harmed by a failure or disaster, meeting client time frames for recovery thanks to robust redundancy, data retention policies, storage technologies and secure backup.
Q. What security safeguards are in place to protect the client data residing on the Oversight server?
A. The Oversight system is designed to provide the highest levels of data security. The server runs a minimal set of services. Only HTTP and SSH are externally exposed and available. HTTP is available for end-users to connect to the Oversight Case Management Workbench to review and work exceptions. HTTPS can be substituted for HTTP. SSH is available for maintenance and administration.
Q. Who is responsible for maintaining the Oversight system?
A. Oversight will be responsible for maintaining the system. Remote management VPN access is the recommended approach to maintaining the Oversight appliance. In these cases, the VPN is configured to only allow access to the Oversight appliance and nothing else on the client’s network.
Q. What is the level of effort required and what are the cost considerations for the client related to installing the Oversight server?
A. Minimal amounts of time are required from client’s IT and operational staff:
- Approximately 10-18 hours of IT time is required to complete the appliance configuration questionnaire, perform network configuration, install the server, and create ERP database account(s). A detailed description of required IT effort is provided in the Oversight Implementation Considerations document.
- Staff familiar with the ERP system configuration will be asked to provide information regarding implementation configuration specifics (i.e. which document types are used), and to answer questions regarding data mapping. This is typically no more than a couple of hours a week during the configuration of the software and can likely be addressed by a knowledgeable user in the financial process.
Q. How long does it take for an Oversight system implementation to go into production?
A. Once the Oversight appliance is installed, the Oversight implementation team works through a period of tuning prior to the system going live. Different businesses have different tuning considerations, but Oversight has identified meaningful exceptions and delivered actionable results in as little as three days from start of installation. For a period of at least two weeks and typically not more than four weeks, an Oversight field services resource reviews alerts, exceptions, and reports with a client subject-matter expert on the financial process being monitored. These reviews occur daily for no more than one hour per day, and are designed to ensure that the alerts and exceptions generated by the system are meaningful and valid. During this review process, Oversight will work with the client and/or the client’s trusted advisors to tune the system to the client’s specifications. Once this tuning process is completed, the system is ready to go live in the client’s production financial environment.