This sample work program provides procedures to evaluate system control objectives relating to Siebel/Oracle information security.

The control objectives include: ensure that overall security policies and administration procedures are documented and communicated to personnel; ensure that new user setup follows a specific procedure and is documented adequately; ensure that visibility has been granted to users based on their job responsibilities and that adequate segregation of duties exists; ensure regular maintenance of user access and notification of personnel changes; and ensure that adequate controls exist for data input and output.