Design Secure & Compliant Roles for Oracle ERP & HCM Cloud Lakshmi Rajamohan Product Management and Strategy, Risk Management Cloud Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Built-in Risk Management for ERP & HCM Cloud Financials Procurement Risk Management Human Capital Management Project Portfolio Management Continuous security, transaction & configuration analysis • Audit & compliance workflows Common User Experience & Interface Common User Security, Data Model, Application Administration, Updates & Patches Common Extensibility Tools – Page Composer & Flex Fields Copyright © 2018, Oracle and/or its affiliates. All rights reserved. 3
Risk Management Solutions Accelerate ERP & HCM deployments Continuous security & compliance monitoring Get started in hours Eliminate manual analysis tasks Activate library of 100+ packaged rules Certify users with sensitive access SOD, Security, Privacy and User Access Controls Fraud Detection – AP, expenses & payroll Controls Configuration Change Tracking – suppliers, bank# etc. SOX certifications & GDPR Compliance Management Secure Role Design Dashboards & Alerts Deep SOD Analysis Compliance Workflows User Access Certifications Certify Before Go-live Advanced Configuration Controls Advanced Access Controls Advanced Transaction Controls Copyright © 2018, Oracle and/or its affiliates. All rights reserved. 4
Access & SOD Challenges Getting to the Details USER = Application User Access Points OTHER IMPORTANT ATTRIBUTES: Business Unit Data Access Set ERP/HCM Data Role What this gives you is a layered approach to controls….starting with analysis at the finest grain. Not at the role or user level, but at the privileges. This is virtually impossible for a provisioning engine to do. Submenu’s? Extensibility/Personalization: Page Composer? JOB ROLE DATA ROLE Abstract Role Data Dimensions DUTY ROLE Functional Privileges Data Dimensions
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Confidential – Oracle Internal/Restricted/Highly Restricted
Pre-built Controls Financials Enter Journals and… Enter Budget and… Set Up General Ledger Sets Set Up General Ledger Statistical Units of Measure Assets Depreciation Assets Workbench Capitalizing Assets Manage Accounting Period Statuses Post Journal Entry Setup Assets Define Accounting Calendars Set Up General Ledger Chart of Accounts Manage Journal Approval Rules Set Up General Ledger Currencies Set Up General Ledgers Set Up General Ledger Daily Rates Manage General Ledger Balances Cube Manage Accounting Data Security Manage General Ledger Enterprise Structures Post Journal Entry and… Set Up General Ledger Chart of Accounts Manage Accounting Period Statuses Set Up General Ledger Currencies Define Accounting Calendars Set Up General Ledger Daily Rates Manage Journal Approval Rules Manage Accounting Data Security Set Up General Ledgers Set Up General Ledger Sets Manage General Ledger Balances Cube Set Up General Ledger Options Manage General Ledger Enterprise Structures Set Up General Ledger Statistical Units of Measure Assets Depreciation Enter Budget and… Assets Workbench Create Purchase Orders Capitalizing Assets Create Payables Invoices Set Up Assets Post Journal Entry Approve Payables Invoices
Pre-built Controls Procurement Security Enter Journals and… Create Payables Invoices Maintain Supplier Bank Accounts Create Payments Receive Goods and Services Create Purchase Orders Approve Payables Invoices Merge Suppliers Bank Account Reconciliation Post Journal Entry and… Create Payments and… Set up Payment Create Payables Invoices and… Create Suppliers and… Create Purchase Orders and… Receive Goods and Services Approval Authorization Control Create Payments Create Purchase Agreements Maintain Supplier Bank Accounts Approve Payables Invoices Return Goods and Services Create Payables Invoices Receipt Accounting Create Purchase Orders Manage Payables System Option Merge Suppliers Security Create Role and… Provision Role
Pre-built Controls Supply Chain Enter Journals and… Enter Accounts Receivables Invoice Enter Customer Receipts Physical Inventory Release Sales Order Remittances Receive Goods and Services and… Post Journal Entry and… Cycle Counting Inventory Transactions Return Goods and Services and… Create Payables Invoices Create Customer and… Receive Goods and Services Item Costing and… Enter Customer Receipts and… Create Items Pick Release Goods Release Sales Order Bank Account Reconciliation Ship Confirm Goods Release Sales Order and… Create Items and… Cycle Counting Maintain Automatic Receipts Inventory Transactions Item Costing or Manage Cost Accounting Activities Delete Receipts Enter Accounts Receivables Invoice Enter Customer Receipts Create Purchase Orders and… Remittances Item Costing or Manage Receipt Accounting Activities Reversing Receipts
Advanced HCM Controls: Planned Pre-built Library of Best Practice Access Controls Manage Employee Position and… Sensitive Human Resource Privileges Manage Payroll Sensitive Payroll Privileges Manage Payroll Batch Processes Manage Payroll Costing Sensitive Time and Labor Privileges Manage Compensation Manage Time and Labor Manage Time and Labor and… Manage Employee and… Manage Payroll Manage Payroll Batch Processes Create User and… Manage Payroll Costing Manage Time and Labor Manage Compensation Manage Worker and… Manage Compensation and… Manage Person and… Confidential – Oracle Internal/Restricted/Highly Restricted
Risk Management Sessions @OOW18 Mon 3:45pm Protect Employee Private Data and Comply with GDPR Within Oracle HCM Cloud [BUS3922] Moscone South, Room 158 Mon 4:45pm Use Data Science to Fight Fraud, Strengthen Security with ERP Advanced Controls [BUS4254] Moscone South, Room 156 Mon 5:45pm Streamline SOX Compliance and Segregation of Duties Using Oracle ERP Cloud [CAS5818] Moscone South, Room 153/155 Tue 1:45pm Implement Segregation of Duties Automation Within Weeks Using Oracle ERP Cloud [CAS5825] Moscone South, Room 156 Tue 4:45pm Audit 100 Percent of Expense/AP payments using Advanced Data analysis in ERP Cloud [CAS5821] Moscone South, Room 154 Tue 5:45pm Strengthen Security Using Advanced ERP and HCM Controls [CAS5823] Moscone South, Room 156 Wed 11.30am Design Secure & Compliant Roles for Oracle ERP Cloud & Oracle HCM Cloud [TH6916] The Exchange@Moscone South, Theatre 2 Wed 4:45pm Implement SOX Certifications Within Weeks Using Oracle ERP Cloud [CAS5827] Moscone South, Room 156 Thu 9:00am Best Practices to Promote Employee Safety and OSHA Compliance Using Oracle HCM Cloud [PRO3920] Moscone South, Room 157 Thu 10:00am Protect Personal Data and Comply with GDPR Using ERP Advanced Controls [BUS4255] Moscone South, Room 156 Thu 11:00am GRC Special Interest Group [SIG3864] Moscone South, Room 156 CPE CPE CPE CPE CPE CPE CPE CPE CPE
Oracle Risk Management Customers ….and more!
Oracle Risk Management User Forums conference presentations, product updates, training materials, Q&A etc. cloudcustomerconnect.oracle.com
Risk Product Demo @OOW18 Request 1 on 1 meeting with product team Contact dane.roberts@oracle.com Visit Demo Booth #ERP-A03 (Moscone South Lower Level) Monday 9:45 to 5:45 Tuesday 10:30 to 5:45 Wednesday 10:30 to 4:45
Oracle Risk Management – Learn More Get started, documentation, release notes, training. Guided Tours Path to Success Training Personal Guidance User Documentation Release Readiness Forum
Confidential – Oracle Internal/Restricted/Highly Restricted