Cloud Readiness / Oracle Risk Management Cloud
What's New
Expand All


  1. Update 20D
  1. Revision History
  2. Overview
  3. Feature Summary
    1. Risk Management
    2. Financial Reporting Compliance
        1. Updates to the Assessment Train
        2. Enhancements to Assessment Records Security Assignment
        3. Record Owner Receives Notification
    3. Advanced Access Controls
        1. New and Updated Delivered Model Content
        2. New Result Pages Summarized by Control, User, and Role
        3. Combine Up to Three Entitlement Filters
        4. Advanced Access Model Result Report Synchronization
        5. Data Set Advanced Controls No Longer Require Result Security Mapping
        6. Email Announcement of New Control Results Is Consolidated
    4. Advanced Financial Controls
        1. New Models in Content Library
        2. Changes Are Made to Business Objects
        3. Data Set Advanced Controls No Longer Require Result Security Mapping
        4. Email Announcement of New Control Results Is Consolidated
    5. Transactional Business Intelligence for Risk Management
        1. Report on Revoked Access
        2. New OTBI Subject Area for Model Results
  5. IMPORTANT Actions and Considerations

Update 20D

Revision History

This document will continue to evolve as existing sections change and new information is added. All updates appear in the following table:

Date Product Feature Notes
28 OCT 2020 IMPORTANT Actions and Considerations  

Updated document. Added topics.
18 SEP 2020     Created initial document.

Overview

This guide outlines the information you need to know about new or improved functionality in this update, and describes any tasks you might need to perform for the update. Each section includes a brief description of the feature, the steps you need to take to enable or begin using the feature, any tips or considerations that you should keep in mind, and the resources available to help you.

Give Us Feedback

We welcome your comments and suggestions to improve the content. Please send us your feedback at oracle_fusion_applications_help_ww_grp@oracle.com.

Feature Summary

Column Definitions:

Features Delivered Enabled

Report = New or modified, Oracle-delivered, ready to run reports.

UI or Process-Based: Small Scale = These UI or process-based features are typically comprised of minor field, validation, or program changes. Therefore, the potential impact to users is minimal.

UI or Process-Based: Larger Scale* = These UI or process-based features have more complex designs. Therefore, the potential impact to users is higher.

Features Delivered Disabled = Action is needed BEFORE these features can be used by END USERS. These features are delivered disabled and you choose if and when to enable them. For example, a) new or expanded BI subject areas need to first be incorporated into reports, b) Integration is required to utilize new web services, or c) features must be assigned to user roles before they can be accessed.

Ready for Use by End Users
(Features Delivered Enabled)

Reports plus Small Scale UI or Process-Based new features will have minimal user impact after an update. Therefore, customer acceptance testing should focus on the Larger Scale UI or Process-Based* new features.

Action is Needed BEFORE Use by End Users
(Features Delivered Disabled)

Not disruptive as action is required to make these features ready to use. As you selectively choose to leverage, you set your test and roll out timing.

Feature

Report

UI or
Process-Based:
Small Scale

UI or
Process-Based:
Larger Scale*

Risk Management

Financial Reporting Compliance

Updates to the Assessment Train

Enhancements to Assessment Records Security Assignment

Record Owner Receives Notification

Advanced Access Controls

New and Updated Delivered Model Content

New Result Pages Summarized by Control, User, and Role

Combine Up to Three Entitlement Filters

Advanced Access Model Result Report Synchronization

Data Set Advanced Controls No Longer Require Result Security Mapping

Email Announcement of New Control Results Is Consolidated

Advanced Financial Controls

New Models in Content Library

Changes Are Made to Business Objects

Data Set Advanced Controls No Longer Require Result Security Mapping

Email Announcement of New Control Results Is Consolidated

Transactional Business Intelligence for Risk Management

Report on Revoked Access

New OTBI Subject Area for Model Results

>>Click for IMPORTANT Actions and Considerations

Risk Management

Oracle Risk Management consists of the following key solution areas:

  • Financial Reporting Compliance to automate audit assessments and certifications.
  • Advanced Access Controls to manage user access and separation-of-duty risk.
  • Advanced Financial Controls to continuously monitor configuration changes and business transactions.
  • Access Certifications to streamline reviews by process owners to ensure that employees have been granted appropriate access based on their current jobs.
  • Enterprise Risk Management to streamline the analysis, evaluation, and treatment of documented risks.

Financial Reporting Compliance

Updates to the Assessment Train

The complete assessment flow has been updated, to streamline the user experience. 

Complete Assessment UI View

The assessment Introduction step has been updated to display only Assessment Details and Participants sections. Among the details, you can click a Record Being Assessed value to open the record of the item you're assessing, in read-only mode. There you can view all information specific or relating to the item. To return to the Introduction page, click the back icon. In addition, the Review Prior Results step has been removed from the assessment flow. If you want to view prior assessment results, open the record of the item you're assessing and select its Assessment tab.

The overall benefit is to streamline the assessment flow.

Steps to Enable

You don't need to do anything to enable this feature.

Enhancements to Assessment Records Security Assignment

The Assessment Records Security Assignment UI page has been enhanced to simplify the view of associated perspective values and the assigned assessment actors.

Assessment Record Security Assignment - Associated Perspective and Security Assignment list are now aligned

The benefit is to streamline the assessment record security assignment.

Steps to Enable

You don't need to do anything to enable this feature.

Record Owner Receives Notification

In the event when there is no longer an assigned record reviewer for a record in the In Review state, the record owner will receive the required action notification.

The benefit is when the assigned record reviewer is no longer eligible, the record owner is notified and can update the security assignment.

Steps to Enable

You don't need to do anything to enable this feature.

Advanced Access Controls

New and Updated Delivered Model Content

Oracle delivers eight new models to detect separation-of-duties conflicts and sensitive access, and has revised three entitlements that affect several models.

New Models

  • 5241: Enter Accounts Receivables Invoice and Enter Journals
  • 5242: Enter Accounts Receivables Invoice and Post Journal Entry
  • 6924: Manage General Ledger Allocation Formulas and Generate Journal Entries from Allocation Formulas
  • 5898: Manage Approved Supplier List and Create Purchase Agreements
  • 5899: Manage Approved Supplier List and Create Purchase Orders
  • 9804: Sensitive Purchasing Privileges
  • 4574: Create Customer and Create Sales Order
  • 9805: HR Sensitive Access Analysis for Excluded Roles

Revised Entitlements

Add a privilege to the entitlement Create Purchase Orders:

  • Generate Purchase Order

Models affected by the entitlement change:

  • 5970: Create Purchase Orders and Create Payments
  • 6080: Create Purchase Orders and Define Procurement Approval Routing Rules
  • 6090: Create Purchase Orders and Approve Payables Invoices
  • 6120: Create Purchase Orders and Create Payables Invoices
  • 6190: Create Purchase Orders and Receive Goods and Services
  • 6210: Create Purchase Orders and Return Goods and Services
  • 8990: Create Purchase Orders and Manage Payables System Option 
  • 9370: Enter Budget and Create Purchase Orders 
  • 6820: Enter Journals and Create Purchase Orders 
  • 9013: Merge Suppliers and Create Purchase Orders 
  • 7620: Post Journal Entry and Create Purchase Orders

Remove privileges from the entitlement Create Purchase Orders:

  • Change Purchase Order as Procurement Requester
  • Retroactively Price Purchase Order

Models affected by the entitlement change:

  • 5970: Create Purchase Orders and Create Payments
  • 6090: Create Purchase Orders and Approve Payables Invoices
  • 6120: Create Purchase Orders and Create Payables Invoices
  • 6190: Create Purchase Orders and Receive Goods and Services
  • 6210: Create Purchase Orders and Return Goods and Services
  • 6410: Create Suppliers and Create Purchase Orders
  • 6820: Enter Journals and Create Purchase Orders
  • 7620: Post Journal Entry and Create Purchase Orders
  • 8181: Item Costing and Create Purchase Orders
  • 8220: Receipt Accounting Activities and Create Purchase Orders
  • 8990: Create Purchase Orders and Manage Payables System Option
  • 9013: Merge Suppliers and Create Purchase Orders
  • 9370: Enter Budget and Create Purchase Orders
  • 5899: Manage Approved Supplier List and Create Purchase Orders

Add a privilege to the entitlement Create Suppliers:

  • Manage Supplier Profile by REST Service

Models affected by the entitlement change:

  • 5897: Create Suppliers and Receive Goods and Services
  • 5980: Create Suppliers and Create Payments
  • 5984: Create Suppliers and Create Purchase Agreements
  • 5985: Create Suppliers and Maintain Supplier Bank Accounts
  • 6370: Create Suppliers and Approve Payables Invoices
  • 6390: Create Suppliers and Create Payables Invoices
  • 6410: Create Suppliers and Create Purchase Orders

Add privileges to the entitlement Sensitive Human Resource Privileges:

  • Pending Worker Quick Hire
  • Manage Mass Updates Work Area
  • Perform Worker Mass Legal Employer Change
  • Perform Worker Local and Global Transfers

A model is affected by the entitlement change:

  • 4079: Sensitive Human Resource Privileges

Several new models were introduced in previous releases that were not mentioned in any What's New documentation. Here's what's been available:

Delivered in 20A:

  • 10000: Maintain Project Contracts and Maintain Projects
  • 10001: Maintain Project Contracts and Approve Contract Invoices
  • 10002: Maintain Project Contracts and Manage Contract Invoices
  • 10003: Manage Contract Invoices and Approve Contract Invoices
  • 10004: Capture Project Expenditures and Release Project Expenditures
  • 10005: Create Payables Invoices and Maintain Project Contracts
  • 10006: Maintain Project Contracts and Manage Project Forecasts, Budgets
  • 10007: Manage Project Forecasts, Budgets and Adjust Project Costs
  • 10008: Maintain Projects and Maintain Capital Projects
  • 10009: Adjust Project Costs and Maintain Capital Projects
  • 10010: Manage Allocation Transactions and Define Project Cost Allocation Rules
  • 10011: Adjust Project Costs and Perform Project Capitalization
  • 10013: Maintain Project Billing, Revenue and Enter Accounts Receivables Invoice
  • 10014: Maintain Project Accounting Periods and Manage Accounting Period Statuses for Project Accounting
  • 10015: Maintain Project Accounting Transactions, Reporting and Enter Journals
  • 10016: Maintain Project Accounting for General Ledger and Enter Journals
  • 5893: Maintain Supplier Bank Accounts and Approve Payables Invoices

Delivered in 20B:

  • 9361: Sensitive IT Security Privileges
  • 9803: Sensitive Accounting Period Status Privilege

Some entitlements were changed in previous releases, and these changes were not mentioned in any What's New documentation. Here's what was done:

Added privileges to the entitlement Create Suppliers:

  • Manage Supplier Registration Request by Web Service
  • Manage Supplier Spend Authorization Request by Web Services
  • Maintain Supplier Business Relationship

Models affected by the entitlement change:

  • 5897: Create Suppliers and Receive Goods and Services
  • 5980: Create Suppliers and Create Payments
  • 5984: Create Suppliers and Create Purchase Agreements
  • 5985: Create Suppliers and Maintain Supplier Bank Accounts
  • 6370: Create Suppliers and Approve Payables Invoices
  • 6390: Create Suppliers and Create Payables Invoices
  • 6410: Create Suppliers and Create Purchase Orders

Removed a privilege from the entitlement Create Suppliers:

  • Edit Supplier Registration Bank Account

Models affected by the entitlement change:

  • 5897: Create Suppliers and Receive Goods and Services
  • 5980: Create Suppliers and Create Payments
  • 5984: Create Suppliers and Create Purchase Agreements
  • 5985: Create Suppliers and Maintain Supplier Bank Accounts
  • 6370: Create Suppliers and Approve Payables Invoices
  • 6390: Create Suppliers and Create Payables Invoices
  • 6410: Create Suppliers and Create Purchase Orders

Added privileges to the entitlement Create Purchase Orders:

  • Change Purchase Order as Procurement Requester
  • Retroactively Price Purchase Order
  • Manage Purchase Order by REST Service
  • Reassign Purchasing Document

Models affected by the entitlement change:

  • 5970: Create Purchase Orders and Create Payments
  • 6080: Create Purchase Orders and Define Procurement Approval Routing Rules
  • 6090: Create Purchase Orders and Approve Payables Invoices
  • 6120: Create Purchase Orders and Create Payables Invoices
  • 6190: Create Purchase Orders and Receive Goods and Services
  • 6210: Create Purchase Orders and Return Goods and Services
  • 8990: Create Purchase Orders and Manage Payables System Option 
  • 9370: Enter Budget and Create Purchase Orders 
  • 6820: Enter Journals and Create Purchase Orders 
  • 9013: Merge Suppliers and Create Purchase Orders 
  • 7620: Post Journal Entry and Create Purchase Orders
  • 8181: Item Costing and Create Purchase Orders
  • 8182: Manage Receipt Accounting Activities and Create Purchase Orders 
  • 8220: Receipt Accounting Activities and Create Purchase Orders

Some models were changed in previous releases, and these changes were not mentioned in any What's New documentation. Here's what was done:

Changed in 20A

  • Changed entitlement name from ‘Approval Authorization Control’ to ‘Define Procurement Approval Routing Rules’
  • Changed model name from: '6080: Create Purchase Orders and Approval Authorization Control' to '6080: Create Purchase Orders and Define Procurement Approval Routing Rules'

You can quickly identify users that are granted access that is often considered conflicting or sensitive by deploying controls from our best-practice library of content. You can leave the delivered model definitions as-is, or modify them to fit your business compliance criteria. Either way having something to start with should save time and effort.

Steps to Enable

As a rule, when you import a model that uses entitlements, you import the entitlements automatically. But if an earlier version of an entitlement exists in your target environment, the content-import job cannot replace it with a newer version. So:

  • If an entitlement has been revised, but you have not yet imported any of the models that use it, you can import one of these models now. The import operation includes the new entitlement along with the model.
  • If an entitlement has been revised, and you imported a model that uses it during an earlier update, you also imported the earlier version of that entitlement. To use the new version, your only option is to edit your existing entitlement to incorporate its revisions.

New Result Pages Summarized by Control, User, and Role

There are two new pages in the Advanced Controls Results management area. The first is for access violations summarized by control and user, and the second is for access violations summarized by control, user, and role. Both pages enable mass edit of incidents.

To get to these pages, drill on the new User Count column in the Results by Control Summary page.

Results by Control Summary - User Count

Each user that has pending incident paths is listed.

Results by Control and User

Open the user card to see more information about that user, including manager and department.

User Card

Let's say this person is a consultant and is no longer on the project. Select the pencil icon to mass edit all pending incident paths and note the remediation action. In this case, it might be to inactivate the user. Or, drill further to view the roles this user has by clicking the pending incident paths count.

Results by Control, User, and Role

In this case, let's say the user isn't an accounts payable manager. So we click the pencil icon to mass edit all pending incident paths for that user-and-role combination, with a remediation action to remove the accounts payable manager role from the user.

Mass Edit

Or finally, we may want to drill in further to do more analysis on the actual privileges this user has been granted. So we can drill into the pending incident paths to go to the results screen you may already be familiar with.

Results

Watch a Demo

The primary purpose of these new pages are to make it easier for a result investigator to decide or act on pending access incidents after ERP go-live. After ERP go-live, it is unlikely that roles can be redesigned quickly and so investigators need to update potentially thousands of pending access incidents with ease.

Steps to Enable

You don't need to do anything to enable this feature.

Tips And Considerations

The user count on the Results by Control Summary page and the pending incident counts on the new pages include summarized counts. These counts are updated by a Result Summary Update job, which runs automatically anytime the security synchronization job or a control analysis job is run. If you've just changed security authorizations on a record, or functional security granted to a user, you may find these summarized counts are not immediately updated. Run the security synchronization job to get the latest counts.

Key Resources

Combine Up to Three Entitlement Filters

You can now create access models that allow multiple filters as long as there are no more than three entitlement based filters. For example, you can create a model definition such as Enter Journals & Post Journal Entry & Manage Accounting Period Statuses for General Ledger.

Access Model with Three Entitlements

This feature allows you to be more specific in your model definition, resulting in fewer false positives.

Steps to Enable

You don't need to do anything to enable this feature.

Advanced Access Model Result Report Synchronization

A new subject area for access model results is being added to OTBI, and is covered under the New OTBI Subject Area for Model Results feature. To be reported on, model-result data must by synchronized into the OTBI repository. You run the synchronization job from the Models page: you would first select models whose result data is to be updated in OTBI, then select the Synchronize Results in OTBI option in the Actions menu. Previously synchronized data for other models remains intact.

Synchronize Results in OTBI

This feature assists in the data synchronization process in by allowing the user to select a single model or several models to perform a report sync that updates the results for just those models, and leaves the previously synced data for other models intact. This keeps the overhead down for the report synchronization job whenever a user wants to update the reporting data for a model, which can happen frequently. 

Steps to Enable

You don't need to do anything to enable this feature.

Data Set Advanced Controls No Longer Require Result Security Mapping

In Advanced Controls, an incident control generates records of access assignments or transactions that may violate risk definitions, while a data set control generates data to be included in a user-defined object. You can no longer define result security as you create data set controls, although you continue to be required to define result security as you create incident controls.

Result Security Trainstop for Data set Controls

There is no value in defining security for Advanced Control data set results as they are not accessible on their own and are regenerated each time the control is run.  Disabling this and the need to define result investigators as steps in the Advanced Control creation will make that process more streamlined.

Steps to Enable

You don't need to do anything to enable this feature.

Email Announcement of New Control Results Is Consolidated

Each time the Notification job runs, it sends email messages concerning new pending incidents. For each recipient, the message is consolidated: it contains a list of every advanced control that has generated at least one new incident the recipient is authorized to edit, or own. An incident is new if it was generated after the last time the recipient was alerted.

The benefit of this feature is to reduce the volume of emails that a single user will receive from the Risk Management application. 

Steps to Enable

You don't need to do anything to enable this feature.

Advanced Financial Controls

New Models in Content Library

Advanced Financial Controls has two new models that can be imported through the delivered Content Library. When you have access to these models, you will be able to select the Import action on the Models tab and select them from the Content Library. The following table provides information on the content library, library type, model name and business objects associated to the new model.

Content Library Library Type Model Name Business Objects

Enterprise Resource Planning Library

Advanced Transaction Controls

40005: Suppliers and Purchase Orders Managed by the Same User

Supplier

Purchase Order

Business Operating Unit

Enterprise Resource Planning Library

Advanced Transaction Controls

40006: Customers and Receivables Invoices Managed by the Same User

Customer

Receivables Invoice

These new models for transaction analysis complement separation of duty access models by identifying users who have actually created or updated records between two different entitlements. These access models already exist in the import library and include 6410: Create Suppliers and Create Purchase Orders and 4571: Create Customer and Enter Accounts Receivables Invoice.

Steps to Enable

No advance setup is required for you to import models. However:

  • For audit models, you must review audit-level information configured under Manage Audit Policies in Oracle Fusion Applications. Models that use audit business objects in Advanced Financial Controls can return data only after the corresponding information is enabled and configured under Manage Audit Policies.
  • A Risk Management administrator must set the Transaction and Audit Performance Configuration date options under the Advanced Controls Configurations tab under Risk Management > Setup and Administration. Two created-as-of-date options are required, one for transactions and the other for audit events. This setting improves performance by eliminating older data from data-synchronization jobs.

Finally, once you have performed the above and imported the models, you must run data synchronization, which retrieves the source data used during model analysis.

Tips And Considerations

Before using new model content, evaluate available models that match requirements for your organization under the Import action for models. The Import from Content Library page is organized by product area and model types. Once you identify models appropriate for you, import, review, and modify them in your test environment. Importing all available models is not recommended. In some cases, you may have already imported the model in a previous update. Or, some may source data from products or audit configurations you have not enabled. Moreover, models may contain user-defined or imported business objects that create data set controls or objects, respectively.

Key Resources

  • For more information about importing models, see the "Import Models, Controls, or Conditions" topic in Using Advanced Controls at Oracle Help Center > Cloud Applications > Risk Management > Books.

Changes Are Made to Business Objects

In this release there is some housekeeping to existing audit business objects in Advanced Financial Controls, where there have been additions, name changes, and removal of attributes.

Access the list of Revised Business Object Attributes to review the changes.

Models and controls that use audit business objects return data from product areas and attributes that have been configured and enabled under Manage Audit Policies.  To maintain alignment to this data source, updates to objects and attributes in Advanced Financial Controls are required to reflect those changes.

Steps to Enable

NOTE: If you use any of the obsolete attributes listed, ensure you have the most current models that correspond to your controls by exporting the controls from your 20C environment before you upgrade. Immediately import the controls as models in the 20C environment, because controls using any deprecated attribute in 20D will become invalid.

After you upgrade, identify models and controls that use obsolete attributes by searching on the Inactive status and the Invalid state.

  • You can update models. Follow the inline guidance to do so.
  • You cannot update controls. For any control that uses obsolete attributes, revise the model from which the control is developed so that it uses only valid attributes. Then redeploy the model as a control.

Tips And Considerations

  • Obsolete attributes impact only environments upgraded from 20C; they do not impact new implementations of 20D.
  • For renamed attributes, you don't need to do anything to models or controls that reference these names. Just be aware they have changed. 

Key Resources

Reference the list of Revised Business Object Attributes.

If you use any of the obsolete audit attributes listed, and are upgrading from 20C:

  • For models, refer to the 19A topic "Upgrade Impact to Models with Obsolete Attributes." When you have used an obsolete attribute in your model, additional actions may be required.
  • For controls refer to the 19B topic "Pre-Upgrade Impact to Controls with Obsolete Attributes." When you have used an obsolete attribute in your control, additional actions will be required.

Data Set Advanced Controls No Longer Require Result Security Mapping

In Advanced Controls, an incident control generates records of access assignments or transactions that may violate risk definitions, while a data set control generates data to be included in a user-defined object. You can no longer define result security as you create data set controls, although you continue to be required to define result security as you create incident controls.

Result Security for Data Set Controls

There is no value in defining security for Advanced Control data set results as they are not accessible on their own and are regenerated each time the control is run.  Disabling this and the need to define result investigators as steps in the Advanced Control creation will make that process more streamlined.

Steps to Enable

You don't need to do anything to enable this feature.

Email Announcement of New Control Results Is Consolidated

Each time the Notification job runs, it sends email messages concerning new pending incidents. For each recipient, the message is consolidated: it contains a list of every advanced control that has generated at least one new incident the recipient is authorized to edit, or own. An incident is new if it was generated after the last time the recipient was alerted.

The benefit of this feature is to reduce the volume of emails that a single user will receive from the Risk Management application.

Steps to Enable

You don't need to do anything to enable this feature.

Transactional Business Intelligence for Risk Management

Report on Revoked Access

Records are secured by being assigned to users authorized as owners, editors, or viewers. These authorizations can be assigned only to users granted functional access in the Security Console. In OTBI, you can report on users who remain authorized, but no longer have functional access. To report on this, select the existing "Eligibility Flag" in any user security folder and search for the new value "Authorized but not eligible."

Authorized But Not Eligible

Use this new value to determine users who either need to be removed from the security assignment of an object (since they aren't eligible) or need to be granted the functional access so that they are indeed authorized and eligible.

Steps to Enable

Leverage new subject area(s) by adding to existing reports or using in new reports. For details about creating and editing reports, see the Creating and Administering Analytics and Reports book (available from the Oracle Help Center > your apps service area of interest > Books > Administration).

New OTBI Subject Area for Model Results

A new subject area called Risk Management Cloud - Advanced Access Models Real Time provides a way to analyze the results of models created in Advanced Access Controls. You're also able to synchronize model results to OTBI for select models (instead of all models).

Risk Management Cloud - Advanced Access Models Real Time

An example analysis might look something like this:

Model Analysis

Watch a Demo

With the ability to report on model results in OTBI, a deeper analysis can be done before the model is deployed as a control. It gives an opportunity to do some preliminary remediation activities, or refine the model definition before control deployment.

Steps to Enable

Leverage new subject area(s) by adding to existing reports or using in new reports. For details about creating and editing reports, see the Creating and Administering Analytics and Reports book (available from the Oracle Help Center > your apps service area of interest > Books > Administration).

Tips And Considerations

A synchronization program must be run to gather information pertaining to the Risk Management Cloud - Advanced Access Models Real Time subject area. To do this, navigate to Risk Management > Advanced Controls and select the Models tab, then select one or more models and Actions > Synchronize Results in OTBI. A job is submitted with a format such as: Report Synchronization for 4571: Create Customer and Enter Accounts Receivables Invoice

Note the existing Report Synchronization job only pertains to control results; it will not synchronize models results.

Key Resources

Role Information

The new Advanced Access Control Model Transaction Analysis Duty role for this subject area (FBI_ADVANCED_ACCESS_CONTROL_MODEL_TRANSACTION_ANALYSIS_DUTY) has been seeded to the Advanced Access Controls Analyst job role.

IMPORTANT Actions and Considerations

COMMON

Security

As has been planned and documented since the introduction of Change to Direct Assignment Security Model in 20A, obsolete security artifacts have been removed in 20D.  This also included the following two job roles:

  • Enterprise Risk and Controls Manager job role (replaced with Risk Administrator)
  • Compliance Manager job role (replaced with Risk Activities Manager)

The Security Reference for Risk Management is available at Oracle Help Center > Cloud Applications > Risk Management > Books.

Administration Reports

The Administration Reports link in the slide out tab found in Risk Management > Advanced Controls Reports will be removed in an upcoming release. This is because all equivalent administration reports are now accessible in OTBI.  For example, you can find Change History, Inaccessible Records and Worklists, Unassigned Perspectives, and Related Records Dashboards in OTBI now.

Notifications

In a future release, you will not be able to set a schedule on the Notification job under Setup and Administration > Scheduling.  The Notification job is already embedded and run in conjunction with Security Synchronization.

Perspective Attachments

In a future release you will not be able to attach documents to perspective hierarchies.

ADVANCED CONTROLS

Performance Improvements (Incident Results)

The display of results for Advanced Controls has undergone a significant performance improvement.  In some cases, an improvement of over 50% may be experienced.  When there are few incident results generated for an Advanced Control, the rendering of the incidents should be very fast.  In the past, however, when larger sets of incident results existed, there was a noticeable delay before the data was rendered.  With this improvement, any delay should be far less noticeable.

As part of the performance changes made, all customer defined saved searches created in prior release were not able to be upgraded and therefore must be recreated.

Load Control and Incident Result Records

To load additional control and incident records, you now use a scroll bar to scroll through the records continuously. This replaces a Next button, which used to load 25 records at a time.

Access Attributes Will Be Removed

The following attributes of the Access Condition business object are not supported: Country, Department, Legal Employer, Location, and Reference Data Set. They are to be removed in a future release.

FINANCIAL REPORTING COMPLIANCE

New Assessment-Related Privilege

The next release will add an existing privilege called Create Assessment Batch and Assign Users to predefined duties. It will be used to replace several privileges related to creating impromptu assessments and assigning users to them. The privileges that are to be replaced will be removed in the quarterly update that follows the introduction of the new privilege. If you use customized copies of duty roles that belong to the Risk Activities Manager job role, you'll need to add the new privilege manually to your security roles. Predefined duty roles are updated automatically.