This document will continue to evolve as existing sections change and new information is added. All updates appear in the following table:
| Date | Feature | Notes |
|---|---|---|
| 29 MAY 2020 | Created initial document. |
This guide outlines the information you need to know about new or improved functionality in this update.
DISCLAIMER
The information contained in this document may include statements about Oracle’s product development plans. Many factors can materially affect Oracle’s product development plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle.
This information may not be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. Oracle specifically disclaims any liability with respect to this information. Refer to the Legal Notices and Terms of Use for further information.
Mass Edit More Than 25 Incidents
Previously, you could select up to 25 incident results to mass edit. Now, you can mass edit any number of incidents that match your search criteria.
This document will continue to evolve as existing sections change and new information is added. All updates appear in the following table:
| Date | Feature | Notes |
|---|---|---|
| 06 MAR 2020 | Created initial document. |
This guide outlines the information you need to know about new or improved functionality in this update.
DISCLAIMER
The information contained in this document may include statements about Oracle’s product development plans. Many factors can materially affect Oracle’s product development plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle.
This information may not be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. Oracle specifically disclaims any liability with respect to this information. Refer to the Legal Notices and Terms of Use for further information.
Oracle Risk Management consists of the following key solution areas:
- Financial Reporting Compliance to automate audit assessments and certifications.
- Advanced Access Controls to manage user access and segregation-of-duty risk.
- Advanced Financial Controls to continuously monitor configuration changes and business transactions.
- Access Certifications to streamline reviews by process owners to ensure that employees have been granted appropriate access based on their current job.
- Enterprise Risk Management to streamline the analysis, evaluation, and treatment of documented risks.
Filtered List of Users in Security Assignment
To designate owners, editors, or viewers of a record, an owner may select individual users from a list of values. The list is now filtered to show only users who are eligible to be assigned to the record, but have not yet been assigned.
Security Synchronization Job Summary Is Updated
The security synchronization job determines whether users assigned to records have the proper privileges to be eligible for their authorizations. Previously, the job summary showed a record count of users and roles affected by the job. This summary is replaced with record counts of ineligible users by object. With this information you can use the mass edit security assignment page to find and update object records where there are missing or ineligible users.
Security Artifacts Are Renamed
Security artifacts like job roles, duty roles, and privileges have been renamed. This is to support the new direct-assignment security model introduced in 20A.
Risk Management Auditor Job Updated
The predefined Risk Management Auditor job role was introduced in 19C and has been updated to grant view access certification and the corresponding OTBI subject area for reporting.
Financial Reporting Compliance
Changes Made to View Approval History
Changes have been made to the view approval history UX pages across the application. The comments text box has been removed, since comments can be added only while the record is in the workflow process. In addition, the action button has been removed, since no actions can be taken once the review and approval tasks have been completed.
Assessment Batches Support Duplicate Assessment Records
As you initiate an assessment batch, you can create duplicate assessment records for any given object (process, risk, or control), one for each perspective value assigned to the object. For each of the duplicates, you can then select a distinct set of assessors, reviewers, approvers, and viewers. Each set would then assess the object from the point of view of whatever interest the perspective value represents.
Advanced Options Filter Applied as Default
Model filters that search for text strings now return records containing matching strings regardless of whether they are preceded or followed by spaces. Therefore, an Ignore Leading and Trailing Spaces advanced option is removed.
Additional Users in Business Object Security
Previously you could assign business object access only to users who could view transaction models or controls. Now you can also assign business objects to users who can create and edit transaction models and controls.
Message In Business Object Security Is Updated
In the Business Object Security page, there is an option to "Grant access to all business objects." Previously when this was unchecked it gave an improper message. This is corrected.
Update to Advanced Control Import Job Details
In Advanced Financial Controls, a model or control may reference an imported business object. You can import the model or control from a file only if the imported object already exists in your target instance. If not, the import job now provides more information regarding which object is missing and so preventing the import.
A graph rebuild deletes all data for your data source and replaces it with current data for existing models and controls. It used to be that when this job was run, the job name read Transaction Synchronization. Now it reads Rebuild Graph.
Result Summary Extract Report Is Removed
The Result Summary Extract report for Advanced Financial Controls has been discontinued because OTBI enables the same capability but with a far richer user experience.
Unnecessary Synchronization Parameter Removed
In Advanced Controls Configurations, you can create a schedule for the synchronization of transaction data. A Transaction check box has been removed from the parameters you can set to create this schedule. The synchronization job applies to transaction data only, so the check box is unnecessary.
Result Summary Extract Report Is Removed
The Result Summary Extract report for Advanced Access Controls has been discontinued because OTBI enables the same capability but with a far richer user experience.
Entitlement and Conditions Reports Are Removed
The Entitlement Report and the Conditions Report have been removed from the Advanced Controls Reports work area. They’ve been discontinued because OTBI enables the same capability but with a far richer user experience. Since no reports continue to be associated with this link, it's removed as well.
Transactional Business Intelligence for Risk Management
User Assignment Security Is Added
To secure Risk Management records, you authorize individual users or user groups as owners, editors, or viewers. You can now report on which users and groups are authorized, and at what levels, for these objects: controls and issues in Financial Reporting Compliance, and controls and incidents in Advanced Controls.
Currency Code Is Removed from Issue Details and Remediation Plan Details
In a previous release, currency code was removed from Financial Reporting Compliance. To reflect that change, the currency code is removed in the Issue Details and Remediation Plan Details folders of Risk Management Cloud - Compliance Real Time subject area.
Enhancement to Reporting Issues, Remediation Plans and Related Objects
The dimensions have been enhanced in the Risk Management Cloud - Compliance Real Time subject area. You can now report on issues, remediation plans, and their related objects.
OTBI Analyses Provide Links to Pages
You can now drill down from an OTBI analysis directly to pages in Advanced Controls and Access Certification. For Advanced Controls, available links include the manage controls page, results for a control, a control definition, and the result detail page. For Access Certification, available links include owner overview, manager overview, certifier worksheet, and access certifications.
Report on Controls with Zero Results
Previously in OTBI you were not able to report on controls that didn't have any results. Now you can.