Resources
Understanding Role Delegations in Oracle ERP/HCM Cloud
Fraud and Data Loss - one and the same?
Securing the Financial Close
We have to establish the Oracle Cloud Applications are still a work in progress, not a bad thing, but one we must be conscious of as we look to secure and audit our processes. It would be rare to see a change to E-Business Suite or JD Edwards at this time in their lives that would change the way security is handled or key financial processes, but this is still happening with Cloud Applications. One of our services is to provide Patch Impact Analysis on customer environments to establish exactly what these quarterly changes will do to Production when they go live. It isn't all just security and risk related though, we look at everything coming in and establish if any roles and users will be affected and give you the visibility into what is available to use (and what has been removed).
In this post though we will focus on Security and Risk, looking at changes that will ensure a more secure less 'risky' experience.
The first change we are pleased to see is a report that shows a User and their Data Access. This will replace the need to build a custom report for this data and make it more ‘reliable’ from an external audit perspective than using a custom OTBI report. Thankfully, you can now run a pre-defined report and from what we have seen the output is what we would expect.
Oracle has also announced restrictions to General Ledger Period Close where there are open Intercompany Transactions. Now you can prevent the close of General Ledger periods when there are unprocessed Intercompany transactions in the respective ledger and period.
We also see that an Idea we have been tracking is being resolved: Vacation and Delegation Rule Report. Note that this is a feature we have been tracking in our Working Group. The Idea link for this is: HERE
Assignment Security is a feature that allows for users to have multiple assignments and lines of responsibility but secured to those lines. Currently, person-based security access is given, which means a user having access to a person has access to all assignments and personal information for that person.
Here are links to the release documents for more information, and we'll be publishing more in the coming weeks.
Financials
HCM
We provide:
* Segregation of Duties Analysis for and across any Application
* Sensitive Access Analysis for any Application
* User Access Reviews
* Patch Impact Analysis
* Configuration Analysis
In addition to this analysis we provide a combination of Technology and Services to help Organizations not only get reports on the issues, but also the solutions to resolving them.
Our subscription model provides more value at a lower price than traditional Software, and is designed to support you to meet your Security and Compliance goals.
Fraud and Data Loss - one and the same?
Securing the Financial Close