Two Ground-Breaking Solutions for Oracle EBS

ERP Risk Advisors and CaoSys Announce Two New Ground-Breaking Solutions for Oracle E-Business Suite

ERP Risk Advisors and CaoSys have collaborated to build two new ground-breaking solutions for organizations running Oracle E-Business Suite: CS*License and CS*Lookback. ERP Risk Advisors and CaoSys have been strategic partners since 2008 and have designed, developed, and released two new solutions that are highly valuable for compliance purposes.


CS*License is a unique and innovative solution for understanding your organization’s risks related to licensing for Oracle E-Business Suite. This solution maps 100% of Functions and Concurrent Programs to the Application they are associated with and provides suggested mapping for objects that aren’t associated with an Application. CS*License can provide you visibility into where your organization stands with respect to your Oracle E-Business Suite license with Oracle. CS*License includes the following:

  • Predefined rules for all Functions and Concurrent Programs, currently built up to 12.2.7
  • Updates for new content as Oracle provides upgrades – as part of annual support
  • Ability to override default applications to which a Function or Concurrent Program is mapped
  • Ability to map Applications to your licensing buckets
  • Summary and Detailed reports to help you analyze your exposure – including down to Menu and Navigation Paths to identify how the object is accessed

CS*Lookback is a unique and innovative solution that helps you determine who has done what within your Oracle E-Business Suite applications; this is an invaluable tool that greatly assists with lookback procedures and other audit related tasks. CS*Lookback includes the following:

  • Analyze data based on configurable groups of tables and users
  • Analyze an entire schema and even the entire database
  • Perform a lookback analysis across common time rolling periods, such as “This week”, “This Month”, “This quarter”, “This year”, etc.
  • Perform a lookback analysis of any user defined time period
  • On-screen interactive reporting allows you to drill into the data from many angles
  • Powerful out-of-the-box summary level analysis and detailed reporting

CS*License and CS*Lookback compliment other leading GRC solutions for Oracle E-Business Suite including:


CS*Comply is the most effective way to deal with access control risks such as Segregation of Duties and Single Function Risks. CS*Comply offers best-in-class reporting and preventive controls. CS*Comply includes the following:

  • Over 1,000 pre-defined rules across the most commonly used modules covering over 36,000 known function based combinations – the most comprehensive set of rules available on the market.
  • Our pre-defined content covers nearly 4,500 security objects, including nearly 3,000 functions and 1,400 high risk concurrent programs and can easily be extended to address custom objects developed by US Steel
  • Comprehensive reporting and analysis of SoD/Single function risks
  • Powerful, easy to use analysis / reporting tools
  • Dozens of other reports / best practice monitoring tools to help with access controls
  • Multiple preventive controls to help you take a pro-active approach to risk
  • Remediation Toolkit, Collusion Detection, Menu Cloning, Request Group Cloning, and much more)

CS*Audit is the most effective way to satisfy audit requirements as it relates to capturing and monitoring change to data within Oracle E-Business Suite. CS*Audit also features an easy to configure near-real-time notification of changes being made. CS*Audit includes the following:

  • Extensive library of pre-defined policies with mapping of related meta-data
  • Rule driven, fine-grained auditing and monitoring of changes to data
  • Near-real-time notification engine
  • Documentary approvals
  • Powerful reporting options
  • Capture change management information to provide to your auditors
  • Data security in our reporting repository where sensitive data is audited

CS*Provisum consists of two main components, Periodic Access Review (PAR) and Automated Assignment Provisioning (Provisioning (AAP). CS*Provisum (AAP) provides an efficient and effective means of automating the request and assignment of access within Oracle.

CS*Provisum (AAP)

CS*Provisum (AAP) includes the following:

  • Initiation of responsibility request by the user, manager, or process owner
  • Visibility to potential SoD / single function risks as part of the approval process
  • Supervisor and/or process owner approval of access requests; no approval required can also be configured
  • Ability to create the user account when requests are approved
  • Superior visibility to pending and approved access requests

CS*Provisum (PAR)

CS*Provisum (PAR) provides an efficient and effective means of validating user access on a regular basis. CS*Provisum (PAR) includes the following:

  • Multiple review types (Process/Module owner, supervisor and transfer reviews)
  • “Selective” reviews for specific types of access (i.e. SoX Review, Financials Review, etc.)
  • Integrated with CS*Comply to provide visibility of SoD risk during the review process
  • Assignment de-provisioning is automated (no need to involve Security/System Administrator)
  • Review delegation, automated reminders/escalation and much more

CS*Rapid is a unique and innovative solution for delivering real-time operational reports and application extensions for Oracle E-Business Suite. CS*Rapid includes the following:

  • Allows you to bring in-scope SOX reports into Oracle EBS so you can remove your data warehouse from your in-scope applications
  • Is fully integrated with Oracle E-Business Suite
  • A familiar look and feel
  • No up-front licensing costs, no additional hardware or software required
  • Your operational reporting requirements can go from concept to the users’ menu in minutes.
Jeffrey T. Hare

Jeffrey Hare, CPA CIA CISA is the founder and CEO of ERP Risk Advisors. His extensive background includes public accounting (including Big 4 experience), industry, and Oracle Applications consulting experience. Jeffrey has been working in the Oracle Applications space since 1998 with implementation, upgrade, and support experience. Jeffrey is a Certified Public Accountant (CPA), a Certified Information Systems Auditor (CISA), and a Certified Internal Auditor (CIA).

No Comments

Post A Comment