Critical FedRamp Enhancements Needed by Oracle for ERP / HCM Cloud Oracle ERP / HCM Cloud is an evolving suite of applications. Most organizations considering implementing ERP/HCM Cloud probably believe the “foundation” of the applications is solid. Unfortunately, that is still not the case. We currently track over 200 enhancement requests that we and others have submitted. There are some significant gaps for public and private […] July 9, 2024
Top 4 Reasons You Need THIS Cyber Security Approach From our Cyber Security technical expert, Connor Thompson, CIA CISA In the Software as a Service (SaaS) world, cyber security risks extend far beyond traditional perimeter defenses and malware protection. Today, a strong cyber security strategy for SaaS environments must encompass a multi-faceted approach. This includes strong authentication methods, user training against social engineering attacks, […] June 28, 2024
The Irony Related in Oracle’s Latest Article on Cybersecurity There’s a Lack of Native MFA in ERP/HCM Cloud. Oracle released this article in March highlighting the top cybersecurity threats and how to prevent them. In the article, they highlight the number one risk as “Business Email Compromise (BEC).” The article states “BEC is a type of phishing attack. Other phishing scams try to trick […] May 29, 2024
EBS System Administrator View-Only Creation I’ll keep my message short and simple: below is everything you need to know about EBS System Administrator view-only creation. For assistance or clarification, please reach out to me. Step 1: Create the Following View-Only Functions Start with the following view-only functions: ***Change ABC_ to the proper naming convention for your organization. Each function […] April 8, 2024
Top 3 Tips for Resovolutions: Setting the Right Objectives The Why Behind Our Tips In the following article, I make the case for why these top 3 tips are crucial action steps for your organization. We call it “turning resovolutions into action.” For 25+ years I have been watching ERP (Enterprise Resource Planning) implementations go live that are half-baked at best. This has created […] March 28, 2024
AZN Menus Pose Big Risks in EBS – And What to Do About It AZN Menus Background AZN menus were introduced by Oracle around 11.5.3 to help provide a more rapid implementation to the SMB business segment. They provide users with a graphical depiction of a process flow and the ability access the functions directly from the graphical navigation. When an AZN menu is contained in a menu, the […] March 15, 2024
A Revolution of Resovolutions Part of our 2024 Resovolutions is to revolutionize the way organizations identify, manage, and mitigate risk in their ERP systems. Application security design and management risks produce a significant, immature control within organizations. Management knows these risks are often not being managed properly. The benefits seem to outweigh the risks when you consider: The long-term cost […] February 28, 2024
ERP Risk Advisors CEO Comments on the Acquisition of FastPath by Delinea Last week, news broke of the acquisition of FastPath by Delinea. Acquisitions continue to occur at a rapid pace in the IGA/PAM/Application Access Controls software space. There has been significant consolidation over the past few years as these spaces in the industry are converging and maturing. Delinea is a leader in the PAM space. FastPath […] February 26, 2024
User Profile Values Risks and Controls Background: Oracle provides a form to allow users to maintain certain profile options. The form is “Personal Profile Values”, and the function is “Profile User Values”. See an 11i screen shot of the form below: And an R12 version of the same form: This form allows an application user to set profile options to be […] February 19, 2024