Segregation of Duties for Oracle ERP-HCM Cloud Applications

Users, Abstract Roles, Job Roles, Duty Roles, Privileges, Abstract Privileges, Data Security Policies, Procurement settings, the list go on, securing your Oracle Cloud Applications involves analyzing many elements. Roles can be buried in Roles, creating layer upon layer of Access to the underlying functionality in the Application.

On top of that you need a solid understanding of all of the key Risks and those elements that you should be monitoring, from here SoD and Sensitive Access Rules can be created. Do you know all of the functionality that would allow someone to create and approve a Vendor/Supplier? Customers tell us they spent countless hours from Audit and IT Budgets putting together the lists of elements they needed to review in line with the Organization's Risk and Control Matrix. For some having a one size fits all SoD rule set from a Vendor was still not enough, these rules needed configuring to suit their Organization's processes.

The one area that Software for SoD excels at is in the reporting, with these solutions able to report on all of the different ways your Users can violate a Rule. This helps overcome having to create reports by yourself using SQL or some other manual method, however these reports in order to be accurate can be huge! We have seen reports

Many Organizations have chosen to implement Oracle Cloud Applications using the delivered (seeded) Roles. The benefit to this approach is that the Application can be deployed quickly without a vast Role Design project. The downside is that many of these Roles contain Separation of Duty violations and access to both configuration and the transaction side.

In addition each new update from Oracle can bring new Risks to these delivered Roles, as updates can be deployed directly to them. This means when the changes hit Production, any Users with these Roles may inherit the new functionality.

Seecuring can assist in the following areas:

Analyzing access to the Sensitive and Critical elements of the Application

* Segregation of Duties analysis

* Review the impact of making changes to your security and make the right decisions to get your Controls and Configurations resolved

* Assign actions to your team for resolving issues

* Create exceptions to Violations, stored and ready to be reported on as part of your Access Certification

* Ensure your issues are being resolved by measuring progress over time, if you need a Role removing from a User, Seecuring will let you know if it has been done

Patch Impact Analysis

With each new update from Oracle, new functionality is provided. These updates bring in new Privileges and COnfiguration changes that may also be granted to the seeded/delivered Roles.

If you are using these Roles, then these updates will be inherited by the Users attached to them.

License Analysis

How do you ensure you are in Compliance with your Licensing? Seecuring provides an analysis of your Applications to help establish compliance with your Licenses.

Role Design services

* a complete library of Roles to be imported and used immediately

* SoD and Access issues can be picked up and resolved before importing the Security

Configuration Review

* for changes made to the Application that may affect the performance of your processes and transactions

The Process

There is no software to deploy and we can provide everything you need to start

We provide the ability to extract data from your Environment (being sure not to take PII or Sensitive Data), and analyze the Data against a proven, specific Oracle Segregation of Duties Matrix.

Contact Us


Understanding Role Delegations in Oracle ERP/HCM Cloud

Continue Reading...


30 Days to Data Compliance with Mentis

Securing the Financial Close