This document will continue to evolve as existing sections change and new information is added. All updates appear in the following table:
| Date | Module | Feature | Notes |
|---|---|---|---|
| 27 APR 2023 | Created initial document. |
HAVE AN IDEA?
We’re here and we’re listening. If you have a suggestion on how to make our cloud services even better then go ahead and tell us. There are several ways to submit your ideas, for example, through the Ideas Lab on Oracle Customer Connect. Wherever you see this icon after the feature name it means we delivered one of your ideas.
GIVE US FEEDBACK
We welcome your comments and suggestions to improve the content. Please send us your feedback at oracle_fusion_applications_help_ww_grp@oracle.com.
DISCLAIMER
The information contained in this document may include statements about Oracle’s product development plans. Many factors can materially affect Oracle’s product development plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle.
This information may not be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. Oracle specifically disclaims any liability with respect to this information. Refer to the Legal Notices and Terms of Use for further information.
Column Definitions:
Report = New or modified, Oracle-delivered, ready to run reports.
UI or Process-Based: Small Scale = These UI or process-based features are typically comprised of minor field, validation, or program changes. Therefore, the potential impact to users is minimal.
UI or Process-Based: Larger Scale* = These UI or process-based features have more complex designs. Therefore, the potential impact to users is higher.
Features Delivered Disabled = Action is needed BEFORE these features can be used by END USERS. These features are delivered disabled and you choose if and when to enable them. For example, a) new or expanded BI subject areas need to first be incorporated into reports, b) Integration is required to utilize new web services, or c) features must be assigned to user roles before they can be accessed.
| Ready for Use by End Users Reports plus Small Scale UI or Process-Based new features will have minimal user impact after an update. Therefore, customer acceptance testing should focus on the Larger Scale UI or Process-Based* new features. |
Customer Must Take Action before Use by End Users Not disruptive as action is required to make these features ready to use. As you selectively choose to leverage, you set your test and roll out timing. |
|||||
|---|---|---|---|---|---|---|
| Feature |
Report |
UI or |
UI or |
|
||
Changes Are Made to Business Objects
This update includes the following business object changes.
- Previously, a transaction synchronization job returned all records for the Payroll Definition business object. Now the job returns all active records, and any inactive records that were updated after the most recent run of the job. The date of that most recent run is the transaction synchronization date on the Advanced Controls Configuration page. The Effective Dates: Effective End Date attribute is used to identify active records. Since this is a configuration object with effective dates, you may have had false positive results and this update may close some of your control incidents.
-
The Employee Job Assignment object was only returning the latest history on a given effective start date. It has been updated to return all assignment changes that occur on the same effective start date. This may generate new control incident results since a person's daily job assignment history is considered.
Updates to business objects can provide a more complete set of data, but others may reduce the records synchronized when they are irrelevant for risk analysis.
Steps to Enable
When you use business objects that introduce a change, you must run the Transaction Data Source Synchronization job. Business objects with attribute or object changes require that the data synchronization job be run in order to return the related values. Depending upon the number of business objects you are using across models and controls, the data synchronization job may take a little longer than usual.
IMPORTANT Actions and Considerations
ADVANCED FINANCIAL CONTROLS
Action required: If you analyze transactions with Advanced Controls, perform these steps:
- Determine whether you have models, UDOs, or controls that use the object Journal Entry Expanded.
- If you do, replace them with models, UDOs, and controls that use the object Journal Entry. Here's how:
- If you have models that use Journal Entry Expanded:
- Take note of the settings in each model: the business objects used, the logic and filter settings, and the result attributes.
- Either delete those models or edit them and remove Journal Entry Expanded (if you like you can replace it with Journal Entry).
- If you have UDOs or controls that use Journal Entry Expanded: Inactivate them.
- Build and test models that use Journal Entry (and UDOs if needed). Deploy your new models as controls and make sure they generate the desired incidents.
- Optional: Purge your inactivated controls' incidents and UDOs’ results, then delete the controls and UDOs.
- If you have models that use Journal Entry Expanded:
IMPORTANT: Be sure to complete those steps by quarterly update 23C. For greater details and questions, go to the Action required if you analyze transactions with Advanced Controls posting on Oracle Customer Connect for Risk Management and Compliance.
This document will continue to evolve as existing sections change and new information is added. All updates appear in the following table:
| Date | Module | Feature | Notes |
|---|---|---|---|
| 17 MAR 2023 | Created initial document. |
HAVE AN IDEA?
We’re here and we’re listening. If you have a suggestion on how to make our cloud services even better then go ahead and tell us. There are several ways to submit your ideas, for example, through the Ideas Lab on Oracle Customer Connect. Wherever you see this icon after the feature name it means we delivered one of your ideas.
GIVE US FEEDBACK
We welcome your comments and suggestions to improve the content. Please send us your feedback at oracle_fusion_applications_help_ww_grp@oracle.com.
DISCLAIMER
The information contained in this document may include statements about Oracle’s product development plans. Many factors can materially affect Oracle’s product development plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle.
This information may not be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. Oracle specifically disclaims any liability with respect to this information. Refer to the Legal Notices and Terms of Use for further information.
Column Definitions:
Report = New or modified, Oracle-delivered, ready to run reports.
UI or Process-Based: Small Scale = These UI or process-based features are typically comprised of minor field, validation, or program changes. Therefore, the potential impact to users is minimal.
UI or Process-Based: Larger Scale* = These UI or process-based features have more complex designs. Therefore, the potential impact to users is higher.
Features Delivered Disabled = Action is needed BEFORE these features can be used by END USERS. These features are delivered disabled and you choose if and when to enable them. For example, a) new or expanded BI subject areas need to first be incorporated into reports, b) Integration is required to utilize new web services, or c) features must be assigned to user roles before they can be accessed.
| Ready for Use by End Users Reports plus Small Scale UI or Process-Based new features will have minimal user impact after an update. Therefore, customer acceptance testing should focus on the Larger Scale UI or Process-Based* new features. |
Customer Must Take Action before Use by End Users Not disruptive as action is required to make these features ready to use. As you selectively choose to leverage, you set your test and roll out timing. |
|||||
|---|---|---|---|---|---|---|
| Feature |
Report |
UI or |
UI or |
|
||
Updates to Monitor Jobs and Job Schedules
A few updates have been made to the Monitor Jobs and Scheduling pages.
- The Global User Synchronization job is now listed in the Scheduling page by default. It can also still be scheduled from the Global User page.
Seeded Oracle Jobs
- In the Monitor Jobs page, a flag is added to allow for automatic refreshing every 10 seconds. You can turn this off by unchecking the box. You can also refresh the page manually.
Jobs Page Refresh
- Sorting capabilities are updated on the Monitor Jobs page. A new Start Date option was added as the default. It's based on the date:timestamp value.
- There are improvements to the ability to cancel pending jobs and purge job history:
- You can multi-select pending jobs to cancel them.
- You can multi-select jobs to purge from the job history.
- You can select or deselect all jobs.
Multi-Select
- A transaction data sync report can be exported in XLSX format. It contains the count of records by business object included in the transaction data sync job.
Transaction Data Sync Export
- Messaging is improved for the transaction data sync job. Depending on the timing in which the transaction data sync job was run related to the prior run, no data may have been added or updated. If so, this message is displayed: "There were no new or updated records."
These updates improve the usability of managing and monitoring jobs that have run, are currently running, or have been or will be scheduled to run.
Steps to Enable
You don't need to do anything to enable this feature.
Transactional Business Intelligence for Risk Management
Subject Areas Now Cover Attachments
For the Risk Management Cloud - Compliance Real Time and Risk Management Cloud - Assessment Results Real Time subject areas, new dimensions are added so that you can include URL and attachment names in the reports you create. These new dimensions are related to processes, issues, remediation plans, and surveys.
The following are the new dimensions, metrics, and attributes that have been added for each specific object:
Risk Management Cloud - Compliance Real Time
- Process Details > Process Attachments
- Issue Details > Issue Attachments
- Remediation > Remediation Plan Details > Remediation Plan Attachments
Risk Management Cloud - Assessment Results Real Time
- Process Details > Process Attachments
- Issue Details > Issue Attachments
- Remediation > Remediation Plan Details > Remediation Plan Attachments
- Survey > Survey Details > Survey Attachments
Each dimension contains the following attributes:
- Attached By
- Attached Date
- File Name or URL
- Type
Often attachments are associated to records. Now the user can view the who, when, and type for attachments in an OTBI report. If the attachment is a URL, the user can quickly drill in, rather than navigate back to the application.
Steps to Enable
You don't need to do anything to enable this feature.
Tips And Considerations
Attachments that are URLs can be formatted such that they are hyperlinks. Attachments that are files can have deep links to the objects where the actual attachments can be opened.
Financial Reporting Compliance
Financial Reporting Compliance
Rich Text Enabled for Manual Email Reminders
Manual email reminders can be sent to users who have not completed their tasks. These emails now support rich-text format, thereby allowing users to add many types of markups and formatting features, such as font sizes, colors, underlines, strike-throughs, italics, and bolding.
Example of a Manual Email Reminder
Rich HTML in email templates increases user engagement pertaining to the tasks they are being asked to complete.
Steps to Enable
You don't need to do anything to enable this feature.
Support for Flexfields in Treatment Plans
A descriptive flexfield is now available for use with risk treatment plans. You can create up to 70 flexfield "segments," each of which can hold values unique to your requirements. These include 40 text-string segments, 20 numeric segments, and 10 date segments. Each segment you create appears as a field in an Additional Information section of the record of a treatment plan.
Example of flexfield segments in a treatment plan
The treatment-plan flexfield includes these advantages: You can customize your application to conform to your current business practices for your risk treatment plans, customize your application to capture data it would not otherwise track, rely on your application to validate the values, customize data fields to meet your business needs without programming, and combine values that you enter in intelligent fields.
Steps to Enable
To use the descriptive flexfield to store details unique to treatment plans, you must configure flexfield segments. See the Configure Flexfield Segments topic in the Implementing Risk Management guide.
Improvements to Risk Analysis and Context Models
As you create or edit a risk, the drop downs for the context and analysis models will display only active models.
Example of Editing a Risk Record
To streamline the creation or edit of a risk record, the user can view and associate only active models.
Steps to Enable
You don't need to do anything to enable this feature.
Improvements to Risk Likelihood and Impact Models
Impact and likelihood models, which are components of risk analysis, consist of labels that correspond to numeric values. While defining these models, you can now apply a description to each of the labels.
Example of the Impact Details
Example of the Likelihood Details
The impact and likelihood details represent the probability of random variable realizations conditional on particular values of the statistical parameters. The addition of description enables the user to articulate the intent of each rating.
Steps to Enable
You don't need to do anything to enable this feature.
You can associate advanced controls to defined process, risk, and control records. To view these relationships the user navigates to the record's definition UX page and selects the last tab; Advanced Controls. The Advanced Controls tab within the record definition page has been updated to display the appropriate header 'Advanced Controls'.
Example of the Advanced Controls Tab
The clarification of the UX page header in the Advanced Controls page decreases the likelihood of misinterpretation.
Steps to Enable
You don't need to do anything to enable this feature.
Improvement to Assessment Notifications
The emails for the Financial Reporting Compliance Assessments feature have been updated. When more than four emails would have been previously generated, they are now consolidated into a single email for less notification noise.
There are several key benefits to this enhancement:
- Refreshed and consistent layout
- More pertinent information
- A direct link to the page where the action can be performed
- Consolidation of emails when applicable to reduce email volume noise
Steps to Enable
You don't need to do anything to enable this feature.
Advanced Access Requests implements a self-service workflow for requesting and assigning ERP roles and data access. As steps in this workflow, access controls perform separation-of-duties and sensitive-access analysis, and a review-and-approval process takes place. The controls, which are created in the Advanced Controls application, define access conflicts: Requested roles conflict with each other or with a user’s already-assigned roles if they combine to create the potential for fraud or significant error.
The initial step is a self-service request for functional access and, if applicable, MDA data-level access.
Initial User Access Request
Once a request is submitted and the requisite control analysis is performed, a request approver can optionally assign another person to perform a review and supply feedback on the appropriateness of the request. Typically this is the user's direct manager, but it could be a predefined business process owner. Whether or not a review is performed, ultimately the request approver must make an approve-or-reject decision. If the request is rejected, the access is not granted. If it's approved, both the functional and the data-level access are automatically and immediately granted.
Access Request Approval
Throughout the process, all affected users can actively monitor and manage the requests.
Access Request Dashboard
This feature enables your organization to identify separation-of-duties risk during the provisioning process and before access is granted. Proactively managing SOD access helps minimize the risk of unacceptable access in an environment.
Steps to Enable
Provide the required access before using the feature. Details are in the Access #Requirements section.
Tips And Considerations
For this functionality to be enabled, users must be granted functional access to request, review, and approval work areas. A user assigned a job role called Access Request Security Administrator (ORA_GTG_ACCESS_REQUEST_SECURITY_ADMINISTRATOR_JOB) has full rights to all three of these work areas. A user with this role can serve as a request approver.
While relatively few users would be request approvers, virtually any user might have reason to request a role or might be selected to review a request. A duty role called Access Provisioning Requests and Review (ORA_GTG_ACCESS_PROVISIONING_REQUESTS_AND_REVIEW_DUTY) enables such users to work in the My Access Requests and Access Request Reviews work areas. By default this role is not included in any assignable role; it’s up to you to decide what roles to add it to. The recommendation is, add it to a custom job role that’s based on a role meant to be assigned widely, such as Employee.
Access Requirements
For this new feature to manage access-provisioning requests, a new job role has been added with five privileges. Additionally, there is a new orphan duty you can use, and two existing privileges have been renamed. The Access Request Security Administrator job role (ORA_GTG_ACCESS_REQUEST_SECURITY_ADMINISTRATOR_JOB) enables complete functional access to the feature set. The Access Provisioning Requests and Review duty role (ORA_GTG_ACCESS_PROVISIONING_REQUESTS_AND_REVIEW_DUTY) enables users to work in the My Access Requests and Access Request Reviews work areas.
The new Access Request Security Administrator job role (ORA_GTG_ACCESS_REQUEST_SECURITY_ADMINISTRATOR_JOB) is not predefined with a duty role, but has five privileges that include the following:
- Administer Access Requests (GTG_ADMINISTER_ACCESS_REQUESTS_PRIV)
- View Access Requests (GTG_VIEW_ACCESS_REQUESTS_PRIV)
- Access Requests (GTG_ACCESS_REQUESTS_PRIV)
- Review Access Requests (GTG_REVIEW_ACCESS_REQUESTS_PRIV)
- Manage Data Access for Users (PO_MANAGE_PRC_AGENT_WEB_SERVICE_PRIV)
The new orphan duty role called Access Provisioning Requests and Review Duty (ORA_GTG_ACCESS_PROVISIONING_REQUESTS_AND_REVIEW_DUTY) inherits two of these new privileges. This duty role can optionally be added to a custom Employee role.
- Access Requests (GTG_ACCESS_REQUESTS_PRIV)
- Review Access Requests (GTG_REVIEW_ACCESS_REQUESTS_PRIV)
These two existing privileges were updated:
- View Object Configuration for a Module was renamed to View Risk Management Configuration Options (GTG_VIEW_OBJECT_CONFIGURATION_FOR_A_MODULE_PRIV)
- Edit Object Configuration for a Module was renamed to Edit Risk Management Configuration Options (GTG_EDIT_OBJECT_CONFIGURATION_FOR_A_MODULE_PRIV)
Improvements for Advanced Control Analysis Jobs
Advanced control analysis jobs have been updated to make them more informative and resilient.
-
Completion of control analysis batch jobs when some controls fail: If multiple controls are included in a single analysis batch, analysis may be completed successfully for some controls, but not for others. In the past we would stop the entire batch at the first control that failed. We will now continue the analysis job to complete the entire batch of controls. In that event the control analysis job has some controls that failed, the job status will be Job completed with errors.
- Improved messaging when the control analysis fails: Continuing the previous use case, where a control analysis job contains some controls that failed, in the job details we will now identify which controls failed and why.
Control Analysis Job Details With Control Issue
These improvements are designed to provide more information related to control analysis to enable users to maintain consistent risk management.
Steps to Enable
You don't need to do anything to enable this feature.
Updated Delivered Model Content
Oracle has made some changes to delivered content. If you're using any of the affected models, consider making the same changes.
PROCUREMENT
Removed Model
- 6681: Set Up Procurement
Removed Entitlement
-
Set Up Procurement
The entitlement Set Up Procurement had the following privileges:
- Change Approved Supplier List Entry
- Generate Approved Supplier List Entry
These have been moved to the existing entitlement Sensitive Supplier Privileges, which affects model 9801: Sensitive Supplier Privileges.
The entitlement Set Up Procurement also had the following privileges:
- Manage Buyer Assignment Rules
- Manage Procurement Agent
These have been moved to the existing entitlement Sensitive Supplier Privileges, which affects model 9804: Sensitive Purchasing Privileges.
Updated Entitlements
- Sensitive Supplier Privileges - Include Change Approved Supplier List Entry (PO_CHANGE_APPROVED_SUPPLIER_LIST_ENTRY_PRIV) and Generate Approved Supplier List Entry (PO_GENERATE_APPROVED_SUPPLIER_LIST_ENTRY_PRIV)
- Sensitive Purchasing Privileges - Include Manage Buyer Assignment Rules (PO_MANAGE_BUYER_ASSIGNMENT_RULES_PRIV)? and Manage Procurement Agent (PO_MANAGE_PRC_AGENT_PRIV)
Affected Models
- 9801: Sensitive Supplier Privileges
- 9804: Sensitive Purchasing Privileges
The changes were made to consolidate existing models and entitlements. There is nothing new introduced, the results will just be rendered by different controls than before.
ACCOUNTS PAYABLES
Removed Entitlement
-
Set Up Payables - This entitlement had only 1 privilege: Manage Payables Financials Option, and wasn't used in any models. The privilege Manage Payables Financials Option was added to an existing entitlement, Sensitive Payment Privileges.
Updated Entitlement
-
Sensitive Payment Privileges - Added the privilege Manage Payables Financials Option (AP_MANAGE_PAYABLES_FINANCIALS_OPTION_PRIV)
Affected Model
-
9802: Sensitive Payment Privileges
The changes were made to consolidate existing models and entitlements.
GENERAL LEDGER
Renamed Entitlement
-
Set Up Payments to Set Up Cash Management Banking
The Setup Payments entitlement has 1 privilege: Manage Bank Account (CE_MANAGE_BANK_ACCOUNT_PRIV), which deals with setting up cash management and therefore the entitlement has been updated to have a more descriptive name.
Renamed Models
- 6680: Set Up Payment and Create Payments renamed to 6680: Set Up Cash Management Banking and Create Payments
- 9342: Set Up Payment and Enter Customer Receipts renamed to 9342: Set Up Cash Management Banking and Enter Customer Receipts
The content library is continually reviewed by experts in relevant business areas to provide the most accurate and comprehensive SoD and sensitive access control definitions. Consider uptaking these new models and entitlement changes based on your business requirements.
Steps to Enable
You don't need to do anything to enable this feature.
Tips And Considerations
As a rule, when you import a model that uses entitlements, you import the entitlements automatically. But if an earlier version of an entitlement exists in your target environment, the content-import job cannot replace it with a newer version. So:
- If an entitlement has been revised, but you have not yet imported any of the models that use it, you can import one of these models now. The import operation includes the new entitlement along with the model.
- If an entitlement has been revised, and you imported a model that uses it during an earlier update, you also imported the earlier version of that entitlement. To use the new version, your only option is to edit your existing entitlement to incorporate its revisions.
Improvements for Advanced Control Analysis Jobs
Several updates have been added related to advanced control analysis jobs to make them more informative and resilient.
-
Completion of control analysis batch jobs when some controls fail: If multiple controls are included in a single analysis batch, analysis may be completed successfully for some controls, but not for others. In the past we would stop the entire batch at the first control that failed. We will now continue the analysis job to complete the entire batch of controls. In that event the control analysis job has some controls that failed, the job status will be Job completed with errors.
- Improved messaging when the control analysis fails: Continuing the previous use case, where a control analysis job contains some controls that failed, in the job details we will now identify which controls failed and why.
Control Analysis Job Details with Control Issue
- Ensuring proper data exists for transaction analysis: In the event that a transaction data sync job failed to finish successfully or business objects don't have the same sync date, there are three use cases we address to make sure the end user is aware:
-
Allow running of a specific transaction and/or audit model if the data synchronization date for the business objects in that model are not the same. Message: The business objects used in this analysis were not synchronized at the same time and may result in missing or stale data in the results.
-
Prevent running of a specific transaction and/or audit control if the data synchronization date for the business objects in that control are not the same. Message: The business objects used in this analysis were not synchronized at the same time. Perform a data synchronization prior to running the control again.
-
If multiple controls are in an analysis job and one or more of those have business objects that are not of the same data sync date. Message: The business objects used in this analysis were not synchronized at the same time, and some controls did not run. Perform a data synchronization to run these controls again.
-
These improvements are designed to provide more information related to control analysis to enable users to maintain consistent risk management.
Steps to Enable
You don't need to do anything to enable this feature.
Changes Are Made to Business Objects
This release includes changes and attribute additions to business objects, and one new object.
New Business Object
A new business object called Payroll Flows is available. It was created to support revisions to model 50001 to provide the Instance Name for payroll transactions.
Business Object Changes
Previously, the Employee Job Assignment object returned only active records during transaction synchronization jobs based on system date instead of the Transactions Created as Of date defined on the Advanced Controls Configuration page. Now the business object returns any record that was either active or last updated since the transaction synchronization date, even if inactive on the date job is run. The Effective End Date attribute is used to identify active records.
Business Object Relationship Changes
There are times when business object relationships are evaluated and could be removed, changed, or added. For this release, an additional relationship was added between Payment and External Bank Account objects. The Account Number value can come from either the Payment or Payment Process Request. The added relationship may now provide a previously missing value when it comes from Payment object.
NOTE: Delivered library content model 40008: External Bank Accounts and Payments Managed by the Same User, includes the Account Number attribute in the results from External Bank Account object. The change may cause some control incidents to be closed and recreated when the value is available from Payment object and is not blank.
New Business Object Attributes
The following business objects have been updated with new attributes.
| Business Object | New Attributes |
|---|---|
| Payroll Definition |
|
| Purchasing Approved Supplier |
|
| Audit - Contract |
|
| Audit - Customer Account |
|
| Audit - External Bank Account |
|
| Audit - Item |
|
| Audit - Job |
|
| Audit - Ledgers Setup |
|
| Audit - Person Allocated Checklist Tasks |
|
| Audit - Position |
|
| Audit - Sales Lead |
|
Attribute Data Type Size Changes
Each business object attribute supports a fixed character length. The following attributes had their character length increased.
- Payment object had Payment Number attribute increased to 18 characters.
- Audit - Person Address object had two attributes increased to 60 characters.
- Town or City New
- Town or City Old
- Audit - Supplier Sites object had two attributes increased to 240 characters.
- Site New
- Site Old
NOTE: If you use these attributes in your control results, your incidents may be impacted. The change may cause some to be closed and recreated for those attribute values previously truncated due to character length. Delivered library content models that use the Payment Number attribute include 40008: External Bank Accounts and Payments Managed by the Same User and 40013: Payable Invoices Approved and Payment Created or Updated by the Same User. Model 60004: Frequent Changes to Supplier Site uses Audit - Supplier Sites object attributes in the results.
Attribute Name Changes
Business object attributes correspond to various business areas. In an effort to align the attribute labels shown in the Advanced Financial Controls business objects to labels defined in the corresponding application pages, some are updated.
| Business Object Name | Old Attribute Name | New Attribute Name |
|---|---|---|
| Audit - RcvParametersAuditVO |
Over-Receipt Action New |
Overreceipt Action New |
| Audit - RcvParametersAuditVO |
Over-Receipt Action Old |
Overreceipt Action Old |
| Audit - RcvParametersAuditVO |
Over-Receipt Tolerance New |
Overreceipt Tolerance New |
| Audit - RcvParametersAuditVO |
Over-Receipt Tolerance Old |
Overreceipt Tolerance Old |
Updates to business objects provide additional attribute criteria for your controls, and those updated for audit maintain alignment to Manage Audit Policies data source.
Steps to Enable
When you use business objects that introduce new attributes or changes to character lengths, you must run the Transaction Data Source Synchronization job. Business objects with attribute or object changes require that the data synchronization job be run in order to return the related values. Depending upon the number of business objects you are using across models and controls, the data synchronization job may take a little longer than usual.
Tips And Considerations
For renamed attributes, you don't need to do anything to models or controls that reference these names. Just be aware they have changed.
Revised Models in Content Library
In the Advanced Financial Controls content library, three existing models have been revised.
Common Setup Audit Model
60019: Fusion Business Object Attributes Disabled
- The last filter in the model logic, which identifies attribute values as Disabled, was updated to remove a space. This corrects an error that caused zero records to be returned.
Human Capital Management Models
50001: Payroll Transactions and Personal Payment Method Managed by Same User
- Two new filters were added to analyze key payroll transaction action types, and only those transactions with a completed status.
- The filter on person types was replaced with one that identifies valid person assignment types. The Employee Job Assignment object was added to the model to support this change.
- Several changes were made to selected Result Display attributes to provide better contextual information about the control, including Instance Name. To support this Instance Name on payroll transaction, a new Payroll Flow business object was added to the model.
50003: Employee New Hire Created by Same User Managing Personal Payments
- One new date filter was added to the first position to identify person job assignments updated within the last three months.
- The existing filter on person types was replaced with one that identifies valid person assignment types.
- The existing filter that identifies Hire actions was updated to use a 'Contains' condition instead of Equals.
- Several changes were made to selected Result Display attributes to provide better contextual information about the control.
Updates to existing model content can be made periodically, based on changes, input, or recommendations by experts.
Steps to Enable
No advance setup is required for you to import models in Advanced Controls. However, a Risk Management administrator must set the Transaction and Audit Performance Configuration date options under the Advanced Controls Configuration tab under Risk Management > Setup and Administration. The two created-as-of-date options are required, one for transactions and the other for audit events. These settings improve performance by eliminating older data from data-synchronization jobs. When these created-as-of-date options already exist, you should periodically review and change them to return only current data.
Tips And Considerations
Before using new model content, evaluate available models that match requirements for your organization under the Import action for models. The Import from Content Library page is organized by product area and model types. Once you identify models appropriate for you, import, review, and modify them in your test environment. Importing all available models is not recommended. In some cases, you may have already imported the model in a previous update. Or, some may source data from products or audit configurations you have not enabled. Moreover, models may contain user-defined or imported business objects that create data set controls or objects, respectively.
NOTE: There is no way to revise an existing control with new business objects, filters, or the attributes displayed. Uptake of any delivered-model revisions starts by importing and reviewing them as a model.
IMPORTANT Actions and Considerations
ADVANCED FINANCIAL CONTROLS
Guidance for Journal Entry Objects
Quarterly update 22B introduced a new Journal Entry business object that provides faster synchronization and analysis than the original one. The new object was named Journal Entry, and the original object was renamed Journal Entry Expanded. The original object is being decommissioned because of its impact on users' experiences. We announced this in our What's New documents for 22B, 22C, 22D and 23A.
To transition to the new object, here are the immediate steps to take:
- Determine whether you have transaction models or controls that use our Journal Entry Extended object.
- If you do, replace them with models and controls that use our Journal Entry object. Here's how:
- Build and test models that use our Journal Entry object. (If your environments have quarterly update 23A, you can compare their results to the results of your original ones; 23B and later won't let you do that because it won't synchronize both objects.)
- If you have controls that use Journal Entry Expanded, deploy your new models as controls and inactivate your original controls. (You can also purge your inactivated controls' incidents and delete them.)
- Delete your original models.
NOTE: Be sure to complete the above actions by quarterly update 23C, because 23D won't synchronize the Journal Entry Expanded object.