09 Jun ERP Cloud: Updates on Enhancements for Security and Compliance
In working with our customers on Oracle ERP Cloud projects we have been working hard to enter Service Requests, get Enhancement Requests, and post ideas in the Ideas Lab. The goal is to identify key issues, get consensus with our customers, and drive enhancements before many of our customers enter the end of year external audit.
Here are three critical Ideas that need to get advanced to the top of all development in Oracle. This is our top three! Please vote for these three and provide meaningful comments as you submit the vote.
- Audit Policy over Core Audit Policies – Need full change tracking when Core Audit Policies are enabled / disabled / changed; Critical from an audit perspective
- Audit Policy over Functional Audit Policies – Need full change tracking when Core Audit Policies are enabled / disabled / changed; Critical from an audit perspective
- Ability to report on “Core” Audit Policies” through OTBI
If you only have time to work on the above – then please take the time to vote on these three issues by clicking the links and voting.
The reason these 3 issues are so important is there is currently no way to provide reasonable assurance that your audit policies have been enabled and effective during the entire audit period. In the meantime, we have developed an OTBI report that can monitor changes to the ‘Functional’ Audit Policies through a snapshot approach. This may or may not pass as ‘reasonable assurance’ by your external auditors. The ‘Core’ Audit Policies cannot be queried via OTBI and Oracle has refused, via one SR, to query that data directly for us using a database login.
There are several others that we would consider critical to round out our top 10. If you have enough time, please vote for all:
SOA Suite – Disabling Approvals through Transaction Console
Ability to disable roles that should not be assigned ever to anyone. This would reduce risk.
Ability to disable high risk privileges that you would never want a User to have in production. Like the ability to decrypt credit cards or purge certain data
New users are not required to change passwords on login.
Full audit trail of changes to OTBI Reports
Full audit trail of changes vacation rules
Please join the discussion on Linked In here: https://www.linkedin.com/feed/update/urn:li:activity:6676201372070871040
Contact us at firstname.lastname@example.org if you have questions or we can help in any way.