Oracle Fusion Cloud Risk Management: Using Advanced Access Controls and Access Certifications

Oracle Risk Management Overview

• Course Objectives
• Course Schedule
• Lesson Objectives
• Oracle Fusion Cloud Enterprise Resource Planning
• Risk Management Overview
• Why Are Access Controls Needed?
• Access Certifications Overview
• Use Case: How Financial Reporting Compliance and Advanced Controls
• Work Together
• Use Case: Financial Reporting Compliance and Advanced HCM Controls
• Oracle Help Center
• Cloud Application Services Pages
• Product Family Home Page
• Oracle Help Center’s Friendly Search
• The Risk Management Home Page
• Summary

Advanced Access Controls Overview and Configurations

• Objectives
• Advanced Access Controls Overview
• Advanced Access Controls Objects
• Filter Model, Control, and Results Lists
• Creating and Saving Searches
• Viewing Object Details on Models and Controls Pages
• State and Status of Records in Advanced Controls
• What Does It Mean To Be Eligible vs Authorized?
• Securing Risk Management Records
• User Assignment Groups
• Mass Edit Security Assignment Tool
• Advanced Access Controls Configurations
• Risk Management’s Setup and Administration Area
• Data Sources for User-Access Data Analysis
• Import Models, Controls, or Conditions From a File
• Global User Configuration Overview
• The Global User Synchronization Job
• Practice Overview: Running the Global User Synchronization
• Access Performance Configuration
• Purging Advanced Controls Results
• Considerations for Purging Results
• Purge Advanced-Control Results
• Practice: Viewing Application Configurations
• Risk Management Common Elements Configurations
• Perspectives Overview
• Email Alert and Notifications Settings
• Worklists, Email Alerts and Notifications
• Notification Types: Worklist Entries
• Notification Types: Creation of a New Control
• Notification Types: Advanced Access Requests
• Notification Types: Error Conditions
• Descriptive Flexfields Overview
• Summary

Importing and Creating Access Models

• Objectives
• Access Models Overview
• Import Predefined Access Models
• Select From Multiple Searches During Model Import
• Resolving Duplicate-Name Violations
• Completing the Import
• Practice Overview: Importing a Predefined Access Model
• Key Steps for Creating Access Models
• Defining Model Logic
• Types of Filters
• Access Points Overview
• Access Points Example
• Access Entitlements
• Creating and Managing Access Entitlements
• Practice Overview: Creating Access Entitlements
• Adding Access Point and Access Entitlement Filters
• Using Entitlements Filters: SoD Access Model Example
• Using Entitlements Filters: Sensitive Access Model Example
• Access Condition Filters
• Adding Access Condition Filters
• Selecting Conditions for Access Condition Filters
• Data Sources for Access Conditions
• How Access Conditions Work Together
• How Access Conditions Work Together: Example 1
• How Access Conditions Work Together: Example 2
• Global Conditions
• User-Defined Access Points
• Creating or Editing a User-Defined Access Point
• Path Condition Filters
• Create a Path Condition Filter
• Exclusions Added for Procurement Agent Actions
• Arranging Filters in an Access Model
• Considerations for Arranging Filters in a Model
• Grouping Filters
• Practice Overview: Creating an Access Model
• Considerations for Using the EPM-ARCS Data Source
• Summary

Reviewing and Refining Access Models

• Objectives
• Testing and Refining Access Models
• Viewing Access Model Results
• Understanding the Model Results Grid
• Conflicts Within a Single Row Option
• Sample Access Model Results
• Practice Overview: Running a Model and Reviewing Results
• Fine-Tuning Models to Resolve Common Undesired Results
• Example: Tying It All Together
• Examples of False Positives
• Hierarchy of a role with “Stripes”
• Eliminating False Positives
• How to Identify Conditions That Eliminate False Positives
• What to Do if a Model Produces Too Many Undesired Results
• Modifying an Access Model
• Practice Overview: Modifying and Rerunning a Model
• Summary

Deploying Access Controls

• Objectives
• Access Controls Overview
• Guided Process for Deploying Controls
• Select Models to Deploy as Controls
• Set Control Details
• Assign Perspective Values to Controls and Incidents
• Secure Controls
• Secure Incident Results
• Select Worklist Recipients
• Relate Controls to Financial Reporting Compliance Objects
• Why Associate Advanced Controls with Financial Reporting
• Compliance Objects?
• Review and Submit the Control Deployment
• Practice Overview: Deploying an Access Control
• Running Access Controls
• Run Global User Synchronization
• Running and Scheduling Control Analysis
• Practice Overview: Running Global User Synchronization and Control Analysis
• Viewing and Editing Access Controls
• Mass-Edit Access Controls
• Using the Mass Edit Feature
• Deleting an Access Control
• Summary

Reviewing and Remediating Incident Results

• Objectives
• Reviewing Incident Results and Remediation
• Reviewing Incidents in the Results Page
• Incident Status
• Incident States
• Working with the Results by Control Summary Page
• Working with the Results by Control and User Page
• Working with the Results by Control, User and Role Page
• Mass Edit Feature for Incident Results
• Mass-Editing Incident Results
• Remediation Process
• Editing Individual Incidents
• Using Access Visualizations
• Elements of an Access Visualization
• Visualizations Control Panel and Navigation Tools
• Simplify the Result Display for Visualizations
• Practice Overview: Viewing Incidents for Your Control Analysis
• Access Simulations
• Creating Access Simulations
• Creating Remediation Steps from a Simulation
• Alternate Method for Identifying Remediation Steps
• Running Access Simulations and Reviewing Results
• Editing or Deleting Access Simulations
• Creating a Remediation Plan from an Access Simulation
• Practice Overview: Creating an Access Simulation from a Visualization
• Summary

Advanced Controls Reporting

• Objectives
• Predefined Incident Result Reports for Advanced Controls
• Generating Incident Result Reports On-Demand
• Setting and Saving Result Report Parameters
• Viewing and Deleting Generated Reports
• Sample Reports: Results by Control Summary Extract Report
• Sample Reports: Access Violations by User Report
• Sample Reports: Access Violations within a Single Role (Intra-Role) Report
• Scheduling Incident Result Reports to Run Automatically
• Modifying or Canceling a Report’s Schedule
• Practice Overview: Running Advanced Controls Reports
• Running Contextual Reports
• Summary

Using Access Certifications

• Objectives
• Access Certifications Overview
• Access Certification Participants
• Initiating Access Certifications
• Predefined Access Certification Jobs
• Access Entitlements in Certifications
• Practice Overview: Creating an Access Entitlement for a Certification
• The Access Certifications Home Page
• Initiating a Certification
• Which Certification Type Should I Use?
• Adding Attachments
• Adding Security Assignments
• Adding Security Assignments: Individual Users
• Adding Security Assignments: Groups
• Scoping an Access Certification
• Three Types of Scoping Filters
• Using Filters with the Top-Down Scoping Method
• Using Filters with the Bottom-Up Scoping Method
• Using Access Point and Entitlement Filters
• Examples of Using Filters in Bottom-up Scoping
• Statuses of Access Certifications
• What Can an Access Certification Editor or Viewer Do?
• Finalizing Roles
• Finalize Roles: Select Roles
• Finalize Roles: Select Managers and Certifiers
• Finalize Roles: Initiate the Certification
• Practice Overview: Initiating an Access Certification
• Standard Certification Manager and Certifier Workflow
• Direct Manager Review
• The Direct Manager’s My Team Worksheet
• Making Direct Manager Certification Recommendations
• The Certifier Worksheet
• Using the Certifier Worksheet
• The Enhanced Access Certifier Worksheet
• Enabling the Enhanced Access Certifier Worksheet
• Customizing the Enhanced Certifier Worksheet Display
• Taking Action in the Enhanced Access Certifier Worksheet
• Using Follow-Ups in the Enhanced Certifier Worksheet
• Practice Overview: Using the Enhanced Certifier Worksheet
• Manager and Owner Overview Pages
• Using the Manager Overview Page
• Editing an Access Certification
• Using the Owner Overview Page
• Reassigning Managers and Certifiers
• Sending Email Reminders
• Practice Overview: Using the Manager Overview and Owner Overview Pages
• Summary