Cloud Readiness / Oracle Risk Management Cloud
New Feature Summary
Expand All


  1. Update 20B
  1. Revision History
  2. Overview
  3. Risk Management
    1. Common
        1. Filtered List of Users in Security Assignment
        2. Security Synchronization Job Summary Is Updated
        3. Security Artifacts Are Renamed
        4. Risk Management Auditor Job Updated
    2. Financial Reporting Compliance
        1. Changes Made to View Approval History
        2. Assessment Batches Support Duplicate Assessment Records
    3. Advanced Financial Controls
        1. Advanced Options Filter Applied as Default
        2. Additional Users in Business Object Security
        3. Message In Business Object Security Is Updated
        4. Update to Advanced Control Import Job Details
        5. Rebuild Graph Now Unique Job
        6. Result Summary Extract Report Is Removed
        7. Unnecessary Synchronization Parameter Removed
    4. Advanced Access Controls
        1. Result Summary Extract Report Is Removed
        2. Entitlement and Conditions Reports Are Removed
    5. Transactional Business Intelligence for Risk Management
        1. User Assignment Security Is Added
        2. Currency Code Is Removed From Issue Details and Remediation Plan Details
        3. Enhancement to Reporting Issues, Remediation Plans and Related Objects
        4. OTBI Analyses Provide Links to Pages
        5. Report on Controls with Zero Results

Update 20B

Revision History

This document will continue to evolve as existing sections change and new information is added. All updates appear in the following table:

Date Feature Notes
06 MAR 2020   Created initial document.

Overview

This guide outlines the information you need to know about new or improved functionality in this update.

DISCLAIMER

The information contained in this document may include statements about Oracle’s product development plans. Many factors can materially affect Oracle’s product development plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle.

This information may not be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. Oracle specifically disclaims any liability with respect to this information. Refer to the Legal Notices and Terms of Use for further information.

Risk Management

Oracle Risk Management consists of the following key solution areas:

  • Financial Reporting Compliance to automate audit assessments and certifications.
  • Advanced Access Controls to manage user access and segregation-of-duty risk.
  • Advanced Financial Controls to continuously monitor configuration changes and business transactions.
  • Access Certifications to streamline reviews by process owners to ensure that employees have been granted appropriate access based on their current job.
  • Enterprise Risk Management to streamline the analysis, evaluation, and treatment of documented risks.

Common

Filtered List of Users in Security Assignment

To designate owners, editors, or viewers of a record, an owner may select individual users from a list of values. The list is now filtered to show only users who are eligible to be assigned to the record, but have not yet been assigned.

Security Synchronization Job Summary Is Updated

The security synchronization job determines whether users assigned to records have the proper privileges to be eligible for their authorizations. Previously, the job summary showed a record count of users and roles affected by the job. This summary is replaced with record counts of ineligible users by object. With this information you can use the mass edit security assignment page to find and update object records where there are missing or ineligible users.

Security Artifacts Are Renamed

Security artifacts like job roles, duty roles, and privileges have been renamed. This is to support the new direct-assignment security model introduced in 20A.

Risk Management Auditor Job Updated

The predefined Risk Management Auditor job role was introduced in 19C and has been updated to grant view access certification and the corresponding OTBI subject area for reporting.

Financial Reporting Compliance

Changes Made to View Approval History

Changes have been made to the view approval history UX pages across the application. The comments text box has been removed, since comments can be added only while the record is in the workflow process. In addition, the action button has been removed, since no actions can be taken once the review and approval tasks have been completed.

Assessment Batches Support Duplicate Assessment Records

As you initiate an assessment batch, you can create duplicate assessment records for any given object (process, risk, or control), one for each perspective value assigned to the object. For each of the duplicates, you can then select a distinct set of assessors, reviewers, approvers, and viewers. Each set would then assess the object from the point of view of whatever interest the perspective value represents.

Advanced Financial Controls

Advanced Options Filter Applied as Default

Model filters that search for text strings now return records containing matching strings regardless of whether they are preceded or followed by spaces. Therefore, an Ignore Leading and Trailing Spaces advanced option is removed.

Additional Users in Business Object Security

Previously you could assign business object access only to users who could view transaction models or controls. Now you can also assign business objects to users who can create and edit transaction models and controls.

Message In Business Object Security Is Updated

In the Business Object Security page, there is an option to "Grant access to all business objects." Previously when this was unchecked it gave an improper message. This is corrected.

Update to Advanced Control Import Job Details

In Advanced Financial Controls, a model or control may reference an imported business object. You can import the model or control from a file only if the imported object already exists in your target instance. If not, the import job now provides more information regarding which object is missing and so preventing the import.

Rebuild Graph Now Unique Job

A graph rebuild deletes all data for your data source and replaces it with current data for existing models and controls. It used to be that when this job was run, the job name read Transaction Synchronization. Now it reads Rebuild Graph.

Result Summary Extract Report Is Removed

The Result Summary Extract report for Advanced Financial Controls has been discontinued because OTBI enables the same capability but with a far richer user experience.

Unnecessary Synchronization Parameter Removed

In Advanced Controls Configurations, you can create a schedule for the synchronization of transaction data. A Transaction check box has been removed from the parameters you can set to create this schedule. The synchronization job applies to transaction data only, so the check box is unnecessary.

Advanced Access Controls

Result Summary Extract Report Is Removed

The Result Summary Extract report for Advanced Access Controls has been discontinued because OTBI enables the same capability but with a far richer user experience.

Entitlement and Conditions Reports Are Removed

The Entitlement Report and the Conditions Report have been removed from the Advanced Controls Reports work area.  They’ve been discontinued because OTBI enables the same capability but with a far richer user experience.  Since no reports continue to be associated with this link, it's removed as well.

Transactional Business Intelligence for Risk Management

User Assignment Security Is Added

To secure Risk Management records, you authorize individual users or user groups as owners, editors, or viewers. You can now report on which users and groups are authorized, and at what levels, for these objects: controls and issues in Financial Reporting Compliance, and controls and incidents in Advanced Controls.

Currency Code Is Removed From Issue Details and Remediation Plan Details

In a previous release, currency code was removed from Financial Reporting Compliance. To reflect that change, the currency code is removed in the Issue Details and Remediation Plan Details folders of Risk Management Cloud - Compliance Real Time subject area.

Enhancement to Reporting Issues, Remediation Plans and Related Objects

The dimensions have been enhanced in the Risk Management Cloud - Compliance Real Time subject area. You can now report on issues, remediation plans, and their related objects.

OTBI Analyses Provide Links to Pages

You can now drill down from an OTBI analysis directly to pages in Advanced Controls and Access Certification. For Advanced Controls, available links include the manage controls page, results for a control, a control definition, and the result detail page. For Access Certification, available links include owner overview, manager overview, certifier worksheet, and access certifications.

Report on Controls with Zero Results

Previously in OTBI you were not able to report on controls that didn't have any results. Now you can.