Revision History

This document will continue to evolve as existing sections change and new information is added. All updates are logged below, with the most recent updates at the top.

The new functionality referenced in this document may not be immediately available to you if your organization has chosen not to receive optional monthly updates.  Rest assured you will receive the new functionality in the next quarterly update which is required and cumulative. Quarterly updates are applied in February, May, August, and November.

.

Date

What's Changed

Notes

25 JUL 2017

Oracle Financial Reporting Compliance:

Transactional Business Intelligence Enterprise for Risk Management

New feature delivered in Update 8 (August), which will also be included in the August Quarterly update.

24 MAY 2017

Risk Management: Page Composer

New feature delivered in Update 6 (June), which will also be included in the August Quarterly update.

21 APR 2017

Oracle Financial Reporting Compliance: Management Page Search

New feature delivered in Update 5, the May Quarterly update.

05 DEC 2016

Initial Document Creation

Common Technologies

At Oracle, delivering products that reflect a superior and secure user experience is the result of an enormous investment. To understand your pain points, we spent countless hours examining how people like you actually work and use our enterprise applications. We then work closely with product management, security experts, strategy, and development to design innovative applications that help you to be more productive, secure, efficient, and effective.

Applications Security

Oracle Fusion Applications Security provides a single console where IT Security Managers and Administrators can perform various functions including user lifecycle management, role definition, security policy management (both functional and data), role hierarchy maintenance, username and password policy administration, and certificate management. The console also enables users to simulate the effect of security changes, to run security reports, and download a connector for integration with Microsoft Active Directory.

In Release 12, Oracle Fusion Applications Security offers several new capabilities that offer customers the following benefits:

Administrators can also tailor username and password generation by choosing from a list of shipped policies.

User Account Management

Create, manage, and assign user accounts using the Security Console. You can also search, retrieve, and manage user accounts automatically created for employees, contingent workers, supplier contacts, or partner contacts.

Administrator Password Management

Manage passwords of other user accounts as an administrator. You can auto-generate or manually enter a password for a user account. You can also define password lifecycle and complexity policies. Passwords will be automatically validated against these policies.

User Password Management (Self-Service)

Manage your own user account password. Your password will be automatically validated against the defined password lifecycle and complexity policies.

User Account Locking

Lock user accounts as an administrator. If you lock a user account, you will be temporarily preventing the user from logging in with that user account. You can also unlock a locked user account.

Enhanced Role Visualization

View only certain components of a role in the graphic visualizer. You can view only the privileges, aggregate privileges or roles assigned to a role. You can also view the graphic visualizer in full screen mode and pan over a specific region in the graph.

For complex roles, these features enable you to reduce the amount of information visualized and to focus on the area within the role hierarchy that requires your attention.

Tabular Role Hierarchy View

View role hierarchies in a tabular view. You can switch between the graphic visualizer view and the tabular view. You can also export the data you view in the tabular view.

Search in Role Hierarchy Visualization

Search and quickly locate security artifacts (nodes) in the role hierarchy visualization. You can search for privileges, roles or users in the visualization.

User Name Generation Rules

Define user name generation rules that will be used to auto-generate the user name when a user is created. You can define user name generation rules to be based on the user’s first and last names, first initial plus last name, e-mail or person or party number. You can also choose to use a system generated user name if the rule fails to generate a user name.

Password Policies

Define policies for password management. These policies can define the duration for various password lifecycle events like password expiration and password warning generation. You can also set the complexity of generated passwords by choosing from a pre-defined list of rules.

Notification Templates

Define custom notification templates for your user account life cycle events. You can also use pre-defined notification templates. These templates will be used to generate notifications for events like user account created, user password reset and user password expiry warning.

Upgrade-Safe Management of Factory Shipped Roles

Identify a predefined (factory shipped) Oracle role when viewing the role. Predefined Oracle roles are locked and you cannot customize the Oracle delivered functional and data security policies associated with these roles. You can, however, add data security policies to these roles.

Bridge for Microsoft Active Directory

Simplify Single Sign-On with Microsoft Active Directory by downloading and installing the Active Directory Bridge from the Security Console. Automatically synchronize user account information between Oracle Fusion Applications Security and Microsoft Active Directory.

User Password Changes Audit Report

Generate a report that lists password changes made by users. The report can be generated for changes made by specific users or for all changes made during a specific period.

Integrate Custom Identity Management Solution

Integrate optionally with your Identity Management solution for user and role management using industry standard System for Cross-domain Identity Management (SCIM) REST APIs and ATOM feeds.

Password Reset

Enhanced password reset flow. Now a notification email will be sent to the user who requests a password reset. The user will be required to click on this link within a specific period of time to change the password. This replaces the previous flow where users were required to answer a series of challenge questions to reset the password.

Security Console

Streamline use of some of the functionality that you have used in the past with the Security Console. The Security Console now includes the following functionality:

Resources are now granted through privilege and are no longer granted directly to Roles.

Risk Management

Oracle Risk Management Cloud offers Financial Reporting Compliance, which documents your policies for identifying and resolving risk in your financial processes.

Changes to Security-Related Jobs

Changes have been made to jobs that run in Oracle Risk Management Cloud to synchronize users, roles, worklists, and other related security artifacts. The following changes have been made to areas under Risk Management Tools, Setup and Administration:

Security Updates to Predefined Roles

Changes have been made to some predefined duty roles in Oracle Risk Management Cloud Release 12. When you are upgrading from Release 11 to Release 12, review and compare any custom duty roles that used a copy of a predefined role and evaluate if any changes are necessary in Release 12.

Page Composer

While Risk Management provides robust functionality as delivered, you can use Page Composer to make changes to it, if necessary. Risk Management has now been enabled to work with the common Page Composer tool.

Oracle Financial Reporting Compliance Cloud

Oracle Financial Reporting Compliance Cloud consolidates the process of documenting and assessing your business practices to satisfy financial reporting regulations, such as Sarbanes-Oxley and equivalent laws around the world and in the public sector. You can:

Management Page Search

Search regions for Financial Reporting Compliance object management pages, such as processes, risks, controls, and issues, has been moved to the left side of each page.

Transactional Business Intelligence Enterprise for Risk Management

Financial Reporting Compliance delivers two subject areas that allow creation of analyses based on Financial Reporting Compliance data. These include Risk Management Cloud - Compliance Real Time and Risk Management Cloud - Assessment Results Real Time.

---

A special Oracle logo highlighting Oracle's commitment to developing practices and products that protect the environment. copyrightlogo

12.08