Cloud Readiness / Oracle Risk Management Cloud
New Feature Summary
  1. Update 19D
  1. Revision History
  2. Overview
  3. Risk Management
    1. Common
        1. Risk Management Home Springboard Is Enhanced
        2. Page Headers Are Enhanced
        3. Notifications Tab Is Removed and Overview Label Is Replaced with Worklist Label
        4. Nested Tabs Removed in Application Configuration
        5. User's Local Time Zone Enhancement
        6. Multiple Enhancements to Risk Management Lookup Values
    2. Financial Reporting Compliance
        1. Risk Models Are Enhanced
        2. Surveys Are Enhanced
        3. Workflow Navigation Is Enhanced
        4. Sort Functionality Added to Assessment Component Train Stop
    3. Advanced Financial Controls
        1. New Business Object Visualization Tool
        2. New Models in Content Library
        3. Changes Are Made to Business Objects
        4. Import Validation of Models and Controls
        5. Filter Condition Used for Delivered Business Objects
        6. Related Links Tab Is Removed
        7. Control Details Extract Report Is Removed
        8. Bell Notification Link Now Displays Results
        9. Perspective Shuttle Hover Text Is Clearer
        10. Purge Control Analysis Data Job Summary Enhanced
    4. Advanced Access Controls
        1. REST API for Third-Party Provisioning Tools
        2. Audit Is Enabled for Access Entitlements and Global Users
        3. New and Updated Delivered Model Content
        4. User-Defined Access Point Automatically Removes Invalid Access Points
        5. Enforcement Type Is Removed
        6. Obsolete Access Condition Attribute
        7. Based on Control Field Is Added for Simulations
        8. Visualization Is Enhanced in Simulations
        9. Related Links Tab Is Removed
        10. Control Details Extract Report Is Removed
        11. Bell Notification Link Now Displays Results
        12. Perspective Shuttle Hover Text Is Clearer
        13. Purge Control Analysis Data Job Summary Enhanced
    5. Access Certification
        1. Applied Finalize Roles Scoreboard
        2. Users' Direct Managers Can Review Role Assignments
    6. Transactional Business Intelligence for Risk Management
        1. Security Associated to New BI Reporting Role
        2. Reporting Access Granted to Risk Management Auditor Role
        3. Risk Evaluation Fields Are Added
        4. Test Plans Dimension Is Added
        5. Run Status Attribute Is Added
        6. New Dashboard Documents Remediation Plans in Simulations
        7. New Simulation Dimensions in Advanced Access Controls Subject Area
        8. Access Entitlement Created By and Last Updated By Populated

Update 19D

Revision History

Date Feature Notes
07 OCT 2019

REST API for Third-Party Provisioning Tools

Updated document. Renamed Role Level Provisioning Rules and revised feature information.

06 SEP 2019   Created initial document.

Overview

This guide outlines the information you need to know about new or improved functionality in this update.

DISCLAIMER

The information contained in this document may include statements about Oracle’s product development plans. Many factors can materially affect Oracle’s product development plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle.

This information may not be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. Oracle specifically disclaims any liability with respect to this information. Refer to the Legal Notices and Terms of Use for further information.

Risk Management

Oracle Risk Management consists of three products: Oracle Fusion Financial Reporting Compliance documents your policies for identifying and resolving risk in your financial processes. Oracle Advanced Access Controls detects risk inherent in the access granted to users of business applications. Oracle Advanced Financial Controls uncovers risk exhibited by transactions completed on business applications. Advanced Financial Controls and Advanced Access Controls belong to a module called Advanced Controls Management.

Advanced Access Controls includes an Access Certification set of features. It enables an organization to perform periodic reviews to determine whether job roles are assigned appropriately to users.

Common

Risk Management Home Springboard Is Enhanced

You can now access all of the Risk Management applications from a single home springboard icon. The feature icons will render based on your user's security configuration.

Page Headers Are Enhanced

Page headers are moving toward a common style called the universal panel. For example, depending on theme settings, this style may be a black background with the page header in white text. You'll also find the Done button is replaced with a back arrow for navigation.

Notifications Tab Is Removed and Overview Label Is Replaced with Worklist Label

The landing page for each work area, across applications, was titled Overview in earlier releases. In it, you could select between two tabs to display worklists or notifications. Now, the Notifications tab is removed. The landing page displays only worklists, and its title has title has changed from Overview to Worklists.

Nested Tabs Removed in Application Configuration

In prior releases, the Setup and Administration area for Application Configurations had nested tabs for General Maintenance, Datasource, and Global User Configurations. The functionality in these tabs is accessed differently within the same area.

User's Local Time Zone Enhancement

Your local timezone preference will now persist throughout the application.

Multiple Enhancements to Risk Management Lookup Values

The follow capabilities have been added in relation to the lookup values within Risk Management:

Financial Reporting Compliance

Risk Models Are Enhanced

You can now access all risk models in a single management page. 

Surveys Are Enhanced

The landing survey page header has been updated with the common style called the universal panel. In addition, to this update the related links tab has been removed and the links are now tabs within the landing page. In addition, survey question text can now be unlimited.

Workflow Navigation Is Enhanced

After an object is created or edited, a reviewer or approver may accept it, reject it, or return it for information. When that task is complete, the user is returned to the object worklist page rather than the review or approval page.

Sort Functionality Added to Assessment Component Train Stop

You can now sort the proposed object records as you select which records should be included in or excluded from a batch assessment.

Advanced Financial Controls

New Business Object Visualization Tool

A new Business Object Visualization page is available. This analysis tool enables users to search on a business object and review its direct relationships to others in a graphical presentation.

New Models in Content Library

Three new models for Advanced Financial Controls are available for import. These include 30008: Contract Payment Terms Different than Invoices, 34001: Sales Orders for Watchlist Customers, and 60018: Updates to Accounting Period Status.

Changes Are Made to Business Objects

This release includes updates and additions to business objects. New business objects include Sales Order, Purchasing Contracts, Audit - Accounting Period Status, and Customer Account Sites, and flexfield attributes were added to Expense Report Details. Additionally, an attribute was removed from Expense Report Attendees, and various attributes were added to or removed from audit business objects.

Import Validation of Models and Controls

A validation is performed when you import model or control xml files. If imported models reference obsolete attributes or business objects, the import job indicates "Job completed with warnings," the status of models with obsolete artifacts is set to Inactive, and their state is set to Invalid. If imported controls reference obsolete attributes or objects, they are not imported, and the import job indicates "Job completed with errors."

Filter Condition Used for Delivered Business Objects

As you define a standard filter for a transaction model, you can use the "Is not related to" condition only between delivered business objects. This condition is no longer available for filters that call user-defined or imported objects.

Related Links Tab Is Removed

Several pages included a Related Links panel tab. This tab has been removed, and each link is relocated elsewhere — in the Actions menu, as a new tab, or as a button directly on a page.

Control Details Extract Report Is Removed

The Control Details Extract report for Advanced Controls no longer exists. You can now use OTBI to create the same report.

Bell Notification Link Now Displays Results

In prior releases, the Fusion notification link with title New Incidents for Control would open a page that showed the springboard. Now, when you select the link in the notification, the results related to that control are displayed.

Perspective Shuttle Hover Text Is Clearer

In the model definition page, the perspective shuttle has buttons that allow you to move perspective values from the available perspective values side to the selected perspective values side, and vice versa. The hover text for these buttons was ambiguous, but now clearly communicates what each does.

Purge Control Analysis Data Job Summary Enhanced

When the Purge Control Analysis Data job finishes running, you can click on the hyperlink of the job status to view the purge parameters and the number of records purged.

Advanced Access Controls

REST API for Third-Party Provisioning Tools

A new synchronous REST API capability enables you to integrate rules with third-party user-provisioning workflows. In a new page in Advanced Access Controls, security administrators can quickly create provisioning rules that define pairs of Oracle Cloud job roles that are considered high risk. Once these rules are created, the third-party provisioning tool can call the REST API to determine if a job-role assignment violates any of these provisioning rules.

Audit Is Enabled for Access Entitlements and Global Users

Using audit, you can now track changes made to access entitlements and global users.

New and Updated Delivered Model Content

Oracle delivers one new model to detect segregation-of-duties conflicts (5892: Maintain Supplier Bank Accounts and Create Payments), and has revised several entitlements used by models delivered with earlier updates. Updated entitlements include Approve Payables Invoices, Create Payments, Cycle Counting, Inventory Transactions, Payroll Personal Data, Physical Inventory, Pick Release Goods, Receive Goods and Services, Release Sales Order, and Ship Confirm Goods.

User-Defined Access Point Automatically Removes Invalid Access Points

Although rare, it is possible for an access point such as a role or privilege to become obsolete. Previously, if even one access point in a user-defined access point was obsolete, no values would be returned in the user-defined access point definition. Now, only the obsolete access point will be removed from the definition.

Enforcement Type Is Removed

In prior releases, an enforcement type — Prevent, Monitor, or Approval Required — could be assigned to each control. To eliminate a false perception that an automated enforcement was in place, rather than just a suggested treatment, the Enforcement Type field is removed entirely.

Obsolete Access Condition Attribute

As a heads-up, a redundant access condition attribute will be removed in an upcoming release. The HCM Data Role attribute lists all roles. Roles are just access points and the same can be found in the access point condition attribute.

If you have any existing global or model level conditions referencing that attribute, be sure to replace them with the access point attribute so that you won't be affected when we make it obsolete in the future.

Based on Control Field Is Added for Simulations

You can create a simulation from a visualization; its remediation steps would apply to the one control depicted by the visualization. Or you can create a simulation from LOV fields; its remediation steps would encompass all active controls. Previously, there was no way to tell if the simulation applied to one control or across all active controls. This information is now exposed on the Access Simulations management page and the pages to create and edit simulations.

Visualization Is Enhanced in Simulations

You can now use the visualization tool to remove remediation steps graphically from a simulation.

Related Links Tab Is Removed

Several pages included a Related Links panel tab. This tab has been removed, and each link is relocated elsewhere — in the Actions menu, as a new tab, or as a button directly on a page.

Control Details Extract Report Is Removed

The Control Details Extract report for Advanced Controls no longer exists. You can now use OTBI to create the same report.

Bell Notification Link Now Displays Results

In prior releases, the Fusion notification link with title New Incidents for Control would open a page that showed the springboard. Now, when you select the link in the notification, the results related to that control are displayed.

Perspective Shuttle Hover Text Is Clearer

In the model definition page, the perspective shuttle has buttons that allow you to move perspective values from the available perspective values side to the selected perspective values side, and vice versa. The hover text for these buttons was ambiguous, but now clearly communicates what each does.

Purge Control Analysis Data Job Summary Enhanced

When the Purge Control Analysis Data job finishes running, you can click on the hyperlink of the job status to view the purge parameters and the number of records purged.

Access Certification

Applied Finalize Roles Scoreboard

The Finalize Roles page now displays the number of roles you have selected for a certification, the number of roles that have been returned by the scoping filters, and the number of roles you have chosen to exclude.

Users' Direct Managers Can Review Role Assignments

You can now route user-role combinations to users' direct managers as the initial workflow phase of a certification. Each direct manager can view or take action only on records of users who report directly to him or her. Direct managers have access to the My Team page, which is secured by a new privilege associated to the Line Manager duty role. Direct managers are notified of their tasks through email and bell notifications.

Transactional Business Intelligence for Risk Management

Security Associated to New BI Reporting Role

All family-specific folders such as Human Capital Management, Financials, and Risk Management are visible in the OTBI catalog under Shared Folders. Even if you don't have data access to the delivered reports in these folders, you can still see the folders. New reporting duty roles control which folders are visible. Use the Security Console to assign these roles.

Reporting Access Granted to Risk Management Auditor Role

A new predefined job role, called Risk Management Auditor, was made available in 19C. The role did not have access to run reports in OTBI. It now does.

Risk Evaluation Fields Are Added

Risk evaluation fields have been added to the risk analysis dimension to the Risk Management Cloud - Compliance Real Time subject area.

Test Plans Dimension Is Added

A Test Plans dimension has been added to the Risk Management Cloud - Compliance Real Time subject area. The new dimension is a subfolder to the Control Details dimension.

Run Status Attribute Is Added

The Advanced Control Details dimension now contains a Run Status attribute. This dimension exists in two subject areas: Risk Management Cloud - Advanced Access Controls Real Time and Risk Management Cloud - Advanced Financial Controls Real Time. Examples of the values returned by the new attribute are Failed, Completed, and Not Started.

New Dashboard Documents Remediation Plans in Simulations

A new Simulation Remediation Plan dashboard is delivered in OTBI. In a future release, this dashboard will replace the report currently run from the Simulation page.

New Simulation Dimensions in Advanced Access Controls Subject Area

Three new dimensions support the new Simulation Remediation Plan dashboard. Included in the Risk Management Cloud - Advanced Access Controls Real Time subject area, these dimensions are Simulation, Simulation and Incident Path Counts, and Simulation User and Role Impact.

Access Entitlement Created By and Last Updated By Populated

Previously, access entitlement created by and last updated by attributes were not populated. Now they are.