This document will continue to evolve as existing sections change and new information is added. All updates appear in the following table:
| Date | Module | Feature | Notes |
|---|---|---|---|
| 26 JAN 2023 | IMPORTANT Actions and Considerations | Guidance for Journal Entry Objects | Updated document. Added section. |
| 16 DEC 2022 | Created initial document. |
HAVE AN IDEA?
We’re here and we’re listening. If you have a suggestion on how to make our cloud services even better then go ahead and tell us. There are several ways to submit your ideas, for example, through the Ideas Lab on Oracle Customer Connect. Wherever you see this icon after the feature name it means we delivered one of your ideas.
GIVE US FEEDBACK
We welcome your comments and suggestions to improve the content. Please send us your feedback at oracle_fusion_applications_help_ww_grp@oracle.com.
DISCLAIMER
The information contained in this document may include statements about Oracle’s product development plans. Many factors can materially affect Oracle’s product development plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle.
This information may not be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. Oracle specifically disclaims any liability with respect to this information. Refer to the Legal Notices and Terms of Use for further information.
Column Definitions:
Report = New or modified, Oracle-delivered, ready to run reports.
UI or Process-Based: Small Scale = These UI or process-based features are typically comprised of minor field, validation, or program changes. Therefore, the potential impact to users is minimal.
UI or Process-Based: Larger Scale* = These UI or process-based features have more complex designs. Therefore, the potential impact to users is higher.
Features Delivered Disabled = Action is needed BEFORE these features can be used by END USERS. These features are delivered disabled and you choose if and when to enable them. For example, a) new or expanded BI subject areas need to first be incorporated into reports, b) Integration is required to utilize new web services, or c) features must be assigned to user roles before they can be accessed.
| Ready for Use by End Users Reports plus Small Scale UI or Process-Based new features will have minimal user impact after an update. Therefore, customer acceptance testing should focus on the Larger Scale UI or Process-Based* new features. |
Customer Must Take Action before Use by End Users Not disruptive as action is required to make these features ready to use. As you selectively choose to leverage, you set your test and roll out timing. |
|||||
|---|---|---|---|---|---|---|
| Feature |
Report |
UI or |
UI or |
|
||
New Fact Folder Relationships Between Existing Dimension Folders |
||||||
Selection of Perspective Hierarchies for Assessment Batches Is Refined |
||||||
Better Visibility to the Progress of Business Object Data Synchronization |
||||||
You can create additional lookup values for predefined lookup codes in Risk Management > Setup and Administration > Lookups. When you create a new value, the combination of the lookup value and code must be unique.
Example of the Risk Management > Setup and Administration > Lookups.
The secondary header for the Risk Management > Setup and Administration > Configuration Options has been updated to Configure Module Objects.
An Example of the Configuration Objects Layout
Because administrators can no longer use the same values in multiple lookup code and value combinations, a possibility for creating confusion for end users is eliminated. The clarification of the secondary header in the Configuration Options page decreases the likelihood of misinterpretation.
Steps to Enable
You don't need to do anything to enable this feature.
Transactional Business Intelligence for Risk Management
New Dimension Control Assessment Result Details Available
A new dimension is now available in Risk Management Cloud - Compliance Real Time: Control Details > Control Assessment Result Details. The following attributes are included:
- Assessment Result State
- Completion Date
- Response
- Result ID
- Result Summary
View of the Risk Management Cloud - Compliance Real Time > Controls > Control Assessment Result Details
Internal control is a process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance: That information is reliable, accurate, and timely. The addition of the Control Assessment Result Details enables customers to quickly build a time period-based analysis to render control records that haven't been assessed versus those that have been assessed.
Steps to Enable
You don't need to do anything to enable this feature.
Tips And Considerations
To enhance the overall performance of an analysis with assessment results, the following SQL should be applied:
Navigation: OTBI > Analysis > Advanced SQL Clauses > Prefix
SET VARIABLE OBIS_ORACLEDB_HINTS_FOR_TOP_SELECT='OPT_PARAM
(''_complex_view_merging'',''false'')
OPT_PARAM(''_optimizer_skip_scan_enabled'',''false'')
OPT_PARAM(''_push_join_predicate'',''false'')
OPT_PARAM(''_optimizer_push_pred_cost_based'',''false'')
GATHER_PLAN_STATISTICS MONITOR';
Before applying the above SQL copy and paste into an application to remove unnecessary characters (for example Notes) and then apply to your analysis.
New Fact Folder Relationships Between Existing Dimension Folders
The default fact for a subject area determines the join to be used when you combine dimensions. To override that default fact, you add facts. For example, you may use the Compliance Real Time subject area to create an analysis that includes Process Name and Perspective. To see perspective values assigned to processes, you need to add a metric from the Process fact; otherwise, control perspectives appear.
The following relationships have been applied to Risk Management Cloud Compliance Real Time and Assessment Results Real Time subject areas.
Facts - Assessment Results
- Control Test Plans
- Inaccessible Records and Worklists
Facts - Controls
- Assessment Results Details
- Process Details
- Survey Details
Facts - Issue
- Control Test Plan Results
Facts - Process
- Assessment Results Details
- Control Details
- Control Stratification
- Control Test Plan Results
- Survey Details
Facts - Risk
- Assessment Results Details
- Control Test Plan Results
- Control Test Plans
- Process Details
- Survey Details
Facts - Remediation
- Control Test Plan Results
- Perspective
- Treatment Plans
Facts - Survey
- Assessment Result Attachments
- Assessment Results Details
- Control Test Plan Results
- Inaccessible Records and Worklists
The addition of fact relationships further enhances your real-time insight into your data. By understanding data patterns, you can be alerted to key events or anomalies.
Steps to Enable
You don't need to do anything to enable this feature.
Financial Reporting Compliance
Financial Reporting Compliance
Record ID Is Displayed and Available for Search
The following object records have a unique ID field known as Record ID. The Record ID is system-generated and can't be edited or deleted. It's generated every time a new record is inserted into the application.
- Process
- Risk
- Control
- Control Test Plans (4 total)
- Assessment Result Record
- Issue
- Remediation Plan
- Action Item (attribute was Action ID and updated to Record ID)
The Record ID is rendered within the object's manage page, edit page, and view page. By default the Record ID isn't rendered in the manage page table; however, you can easily add the column to the view and save it there. You can also use the Record ID to search for defined records.
A Record ID is an additional identifier that marks that particular record as unique from every other record. It allows the defined record to be referenced without confusion or unintentional overwriting of other records.
Steps to Enable
You don't need to do anything to enable this feature.
The layout of Detail forms and Additional Information panels is improved for records of the following objects. Changes have been made in the create, edit, and view modes.
- Assessment Records
- Controls
- Control Test Plans
- Issues
- Remediation Plans
The focus of these enhancements was on anticipating what the user needs to document, arranging the order in which labels appear, and ensuring consistency across object records.
An Example of the Create Control Layout
The Perspectives > Perspectives Hierarchies > Perspective shuttle headers have been updated to Perspective Hierarchy and Perspective Items.
An Example of the View Perspective Definition Layout
A better muticolumn-layout experience decreases the likelihood of misinterpretation. Users will be less likely to skip required fields, input data into the wrong fields, or simply abandon forms entirely.
Steps to Enable
You don't need to do anything to enable this feature.
Selection of Perspective Hierarchies for Assessment Batches Is Refined
While initiating an assessment batch, you can select perspective values as filters; the batch can then include only object records assigned those values. In the Assessment Batch Scoping guided process, the Perspective Selection step now presents only perspective hierarchies mapped to the type of object you're assessing (Process, Risk, or Control).
You're now prevented from selecting perspective hierarchies and values that aren't relevant to the assessment batch you're scoping.
Steps to Enable
You don't need to do anything to enable this feature.
Support of Rich HTML in Survey Instructions
While creating a survey template, users often include instructions to assist the survey participants. Within the Survey Content section, the ability to apply rich HTML to the instructions included in the Survey Content area has been enhanced. Users can now add strike-through, and font color. Rich HTML provides appearance tools to adjust text size and style, such as italics or bold text. In addition, you can include formatting to the instructions, such as bullet lists, and align text to suit your messaging goals. You can also apply formatting adjustments to emphasize important parts of your instructions.
An Example of Create Survey Template Page
Rich HTML in the survey instructions allows you to apply a range of styles and features that can make the instructions more engaging to your survey participants.
Steps to Enable
You don't need to do anything to enable this feature.
Tips And Considerations
To ensure proper technical-security protocols, hyperlinks within the survey instruction will not be supported. When a hyperlink is needed, the URL will be rendered as text and the end user can copy and paste the URL within a browser window.
You can define control type values in the Lookups feature of Setup and Administration, and then assign the values to controls as you create or edit them. In the Controls search page, you can now search for control records by type. But this capability is not available by default. You have to configure it: click Show Filters > Add, and select Object Type. Then enter a search-parameter value in the Object Type field.
An Example of Show Filters
The ability to add control Object Type further optimizes the search results.
Steps to Enable
You don't need to do anything to enable this feature.
Changes Are Made to Business Objects
This release includes changes and attribute additions to business objects.
Business Object Changes
The following business objects have been updated with new attributes.
| Business Object | New Attributes |
|---|---|
| Employee Job Assignment |
|
| Business Operating Unit |
|
| Audit - Person Allocated Checklist |
|
Business Object Category Changes
There are two business objects where the Category changed.
- Payroll Transaction object Category was changed from Configuration to Transaction. Transaction categories synchronize data based on the Transactions Created as Of date on the Advanced Controls Configuration page.
- Purchasing Approved Supplier List Statuses object was changed from Transaction to Operational master data. Operational categories synchronize all records. This may generate new control incident results since all object data is now considered.
Attribute Name Changes
Business object attributes correspond to various business areas. In an effort to align the attribute labels shown in the Advanced Financial Controls business objects to labels defined in the corresponding application pages, some are updated.
| Business Object Name | Old Attribute Name | New Attribute Name |
|---|---|---|
| Employee Job Assignment | Created By | Assignment: Created By |
| Employee Job Assignment |
Creation Date | Assignment: Creation Date |
| Employee Job Assignment |
Last Updated By | Assignment: Last Updated By |
| Employee Job Assignment |
Last Updated Date | Assignment: Last Updated Date |
| Employee Job Assignment |
Effective Date From | Effective Start Date |
| Audit - Customer Account | Do Not Confuse With Old | Don't Confuse With Old |
| Audit - Customer Account | Do Not Confuse With New | Don't Confuse With New |
| Audit - Customer Site Location Details | Do Not Validate Old | Don't Validate Old |
| Audit - Customer Site Location Details |
Do Not Validate New | Don't Validate New |
| Audit - Item Supplier Extensible FlexField | Item Number | Item |
| Audit - Supplier Sites | Over-receipt Tolerance Old | Overreceipt Tolerance Old |
| Audit - Supplier Sites |
Over-receipt Tolerance New |
Overreceipt Tolerance New |
| Audit - Supplier Sites |
Over-receipt Action Old |
Overreceipt Action Old |
| Audit - Supplier Sites |
Over-receipt Action New |
Overreceipt Action New |
Business Object Relationship Changes
There are times when business object relationships are evaluated and could be removed or changed. For this release, these changes include:
-
The existing relationship direction between Supplier and Supplier Site Location was reversed. Now the relationship path is Supplier Site Location to Supplier to improve performance and data accuracy. As an example, and depending upon your model design, using these two business object in conjunction with transactions like invoices might have generated extra results when there are many sites for a given supplier. The updated relationship reversal will only associate the supplier site related to the invoice record.
-
A relationship exists between the Purchase Order and Supplier business objects and the Purchase Order and Business Operating Unit business objects. These relationships were including Payables Invoice Details object, and should not have retrieved that data. This has been removed, and therefore any model using Purchase Order and Payables Invoice should be evaluated on whether you should consider adding Payables Invoice Details object. Invoices can contain purchase order references at the header or line level of an invoice. Model 30003: Backdated Purchase Order is directly impacted, as mentioned in this document under Revised Model in Content Library.
Updates to business objects provide additional attribute criteria for your controls, and those updated for audit maintain alignment to Manage Audit Policies data source.
Steps to Enable
When you use business objects that introduce new attributes or different types, you must run the Transaction Data Source Synchronization job. Business objects with attribute or object changes require that the data synchronization job be run in order to return the related values. Depending upon the number of business objects you are using across models and controls, the data synchronization job may take a little longer than usual.
Tips And Considerations
For renamed attributes, you don't need to do anything to models or controls that reference these names. Just be aware they have changed.
Revised Model in Content Library
The Enterprise Resource Planning Library content library has one model that was updated. When you have access, you will be able to select the Import action on the Models tab and select revised 30003: Backdated Purchase Orders from the content library.
The model was updated due to the relationship change mentioned in Changes Are Made to Business Objects, requiring the Payables Invoice Detail business object to be added. These changes include:
A new user-defined object (UDO) identifies any invoice containing a purchase order across the Payables Invoice and Payables Invoice Details business objects. This UDO is called Payables Invoices with Purchase Orders. Model-logic filters include:
- Date filter to return three months of invoice transactions
- Identifies invoices with purchase order IDs either at the header level, or at the line level
- An equals filter is applied on business unit between Payables Invoice and Business Operating Unit objects
The final model 30003 then uses this new Payables Invoices with Purchase Orders UDO with the Purchase Order object. The Model Logic includes:
- Date filter to return three months of invoice transactions
- Creates a relationship between the Purchase Order ID and invoice header, or invoice line of transaction
- The final filter is still the same, where it looks for purchase orders created after the invoice date
Updates to existing model content can be made periodically, based on changes to business objects, input, or recommendations by experts.
Steps to Enable
NOTE: There is no way to revise an existing control with new business objects, filters, or the attributes displayed. Uptake of the delivered-model revision starts by importing and reviewing it as a model. Later, you can inactivate your original model 30003 if you are currently using it.
No advance setup is required for you to import models in Advanced Controls. However, a Risk Management administrator must set the Transaction and Audit Performance Configuration date options under the Advanced Controls Configuration tab under Risk Management > Setup and Administration. The two created-as-of-date options are required, one for transactions and the other for audit events. These settings improve performance by eliminating older data from data-synchronization jobs. When these created-as-of-date options already exist, you should periodically review and change them to return only current data.
Tips And Considerations
Before using new model content, evaluate available models that match requirements for your organization under the Import action for models. The Import from Content Library page is organized by product area and model types. Once you identify models appropriate for you, import, review, and modify them in your test environment. Importing all available models is not recommended. In some cases, you may have already imported the model in a previous update. Or, some may source data from products or audit configurations you have not enabled. Moreover, models may contain user-defined or imported business objects that create data set controls or objects, respectively.
Better Visibility to the Progress of Business Object Data Synchronization
During a data synchronization job, a new status display enables you to view the current status of each business object undergoing synchronization: whether it's pending, in progress, or completed. In addition, the count of records processed with no error now includes those that haven't been updated, but were still processed. To view this information, open the Summary page available from the record of the synchronization job in the Manage Jobs page.
Business object sync status indicator
In previous releases, you could monitor whether record counts were still updating. That would give a pretty good, but not exact, idea of whether synchronization of each business object was finished. This new status indicator gives you the actual status.
Steps to Enable
You don't need to do anything to enable this feature.
Tips And Considerations
Sometimes the transaction sync job can run for awhile, especially if there is a lot of data being requested for analysis. To get a sense of where the sync job is, simply open the details via the job status link and you can see as the primary business objects, and all related business objects are updated.
Now you can copy access entitlements. In the Access Entitlements page, select an entitlement. (You can copy only one entitlement at a time.) Then click the copy icon located between the add and edit icons in the toolbar.
Copy Action
All of the access points defined in the selected entitlement are copied to a new entitlement, where you can add or remove access points as needed.
Copied Entitlement
Just change the entitlement name to make it unique and click Save and Close. You're all set to use the newly copied entitlement.
You may need to create a new entitlement depending on the control requirements of your organization. Oracle offers many delivered controls and entitlements, and customers can also create their own. In either case as controls are reviewed, it may become necessary to tailor the controls and entitlements to match the needs of your organization. For example, a customer may choose to create sensitive-access controls related to web-service privileges. It may be quicker to copy a delivered entitlement that already includes the desired web-services and remove the privileges that are not web-services.
Steps to Enable
You don't need to do anything to enable this feature.
Updated Delivered Model Content
Oracle has made some changes to delivered content. If you're using any of the affected models, consider making the same changes.
GENERAL LEDGER
Updated Entitlement
- Set up General Ledgers
Removed Privileges
- Run Data Access Set Listing Report
- Run Balancing Segment Value Assignment Report
- Define Reporting Currency
- Specify Ledger Option
The Run Data Access Set Listing Report and Run Balancing Segment Value Assignment Report privileges don't have any transactional risk and therefore are removed. The Define Reporting Currency and Specify Ledger Option privileges were removed because they were already covered in the following existing controls:
- 6912: Enter Journals and Set Up General Ledger Currencies
- 7692: Post Journal Entry and Set Up General Ledger Currencies
- 6916: Enter Journals and Set Up General Ledger Options
- 7696: Post Journal Entry and Set Up General Ledger Options
Affected Models
- 6921: Enter Journals and Set Up General Ledgers
- 7554: Post Journal Entry and Set Up General Ledgers
Removed Entitlement
- Manage GL Enterprise Structures
This entitlement only had one privilege: Manage Oracle Fusion General Ledger User Preferences. This privilege only allowed a user to change their own user preferences and so it isn't a risk.
Removed Models
- 6923: Enter Journals and Manage General Ledger Enterprise Structures
- 7556: Post Journal Entry and Manage General Ledger Enterprise Structures
ACCOUNTS PAYABLE
Updated Entitlement
- Create Payments
Removed Privileges
- Edit Payables Payment: This privilege allows for changes on invoices but the invoice total must remain the same. Nothing material can be changed on the invoice and so it's not considered a risk.
- Reissue Payables Payment: This privilege allows a previous payment to be voided and a replacement to be created. Nothing material can be changed and so it's not considered a risk. A general use case might be if someone loses a check and requests a new one.
Affected Models
- 5810: Approve Payables Invoices and Create Payments
- 5890: Create Payables Invoices and Create Payments
- 5892: Maintain Supplier Bank Accounts and Create Payments
- 5896: Create Payments and Receive Goods and Services
- 5970: Create Purchase Orders and Create Payments
- 5980: Create Suppliers and Create Payments
- 6680: Set Up Payment and Create Payments
- 6810: Enter Journals and Create Payments
- 7610: Post Journal Entry and Create Payments
- 9012: Merge Suppliers and Create Payments
- 9300: Bank Account Reconciliation and Create Payments
The content library is continually reviewed by experts in relevant business areas to provide the most accurate and comprehensive SoD and sensitive access control definitions. Consider uptaking these new models and entitlement changes based on your business requirements.
Steps to Enable
You don't need to do anything to enable this feature.
Expanded the Copy Certification List of Values
As you create a new certification, you can base it on a prior certification. You can now select among all previous certifications, regardless of their status. The Reuse Prior Certification Definition field displays the certifications in chronological order with the most recent listed first, and allows suggestive search.
The enhancement to copy any previous certification further streamlines the process of managing certifications with ease.
Steps to Enable
You don't need to do anything to enable this feature.
Email reminders request that users complete certification tasks. Owners and managers can now send them on demand. This replaces a method by which owners set due dates, and the application sent reminders automatically when those dates arrived. To maintain consistency across Risk Management, the feature is similar to reminder emails in Financial Reporting Compliance.
The certification owner can alert managers, certifiers, and direct managers who have tasks to complete for an active certification. Managers can alert the certifiers they manage and direct managers of users assigned the roles they manage. The wording of a predefined reminder-email template varies depending on whether the certification due date is approaching or has passed, and owners and managers can modify the template.
An example of the action to send an email reminder
An example of the send email reminder form. The owner can choose the group of actors to receive the email and customize the subject and body of the email.
Email reminders provide the certification owner an opportunity to effectively catch recipients' attention to the tasks requiring them to act.
Steps to Enable
You don't need to do anything to enable this feature.
Tips And Considerations
The email-reminder attributes in the General certification train stop have been removed and replaced with the new Send Email Reminder functionality. It is important to appropriately manage email reminders to a minimum. Proper management will decrease the potential of the reminders becoming an annoyance.
IMPORTANT Actions and Considerations
ADVANCED FINANCIAL CONTROLS
Performance Improvement
Overall, there are performance and storage management updates when you run data synchronization and analysis. With these updates, you will need to run data synchronization after upgrade that will perform a full sync instead of an incremental one. Depending upon the number of business objects you are using across models and controls, the data synchronization job may take a little longer than usual. There is no impact to existing control incident records.
Guidance for Journal Entry Objects
Quarterly update 22B introduced a new Journal Entry business object that can be synchronized and analyzed faster than the original one, which was renamed to Journal Entry Expanded. If you use the original object, we recommend that you transition to the new one. Here’s how:
- Identify all models and controls that use the original object Journal Entry Expanded.
- Build new models and test them using the new object Journal Entry, then deploy them as controls once you’re satisfied.
- Optionally, compare the results of your new models and controls to your original ones to further validate their design. If you choose this step, we recommend completing it in 23A, because 23B and later will let you sync either the new object or the original one, but not both.
- Once you’re satisfied with your new models and controls, delete your original models and inactivate your original controls. Once the controls are inactive, you can also delete them. Be sure to complete this step by 23C, because in future releases we won't sync the original Journal Entry Expanded object.