Free Trial

Oracle® E-Business Suite & Cloud Applications
Configuration Automation and Control

Reduce Time - Reduce Errors - Reduce Cost - Reduce Risk

The Challenge:

Governance, risk and control (GRC) is key for all organisations; achieving an effective solution can prove challenging as many of the necessary requirements cannot be met by the E-Business Suite or Cloud Applications themselves and additional solutions can be costly and difficult to implement.

For example, security is a complex area within both the E-Business Suite and Cloud Applications with many setups affecting what functions, programs and data users are able to access, including:

  • Users, Responsibilities and Roles
  • Menus
  • Report and Request Groups
  • Profile Options

As well as changes made to security setups during normal system management these areas can be directly affected when patches are applied or where the environment is upgraded. New forms, form functions and concurrent programs may be introduced by these processes and may automatically become available to some users. It can be a significant challenge to identify what these new components are and an even greater challenge to understand what has been the effect on users’ access to them.

As well as considering access to individual forms, functions and concurrent programs organisations must consider which combinations of access users should not be permitted concurrently; e.g. the ability to enter and post a General Ledger journal within the same ledger. Controlling segregation of duties is a requirement when complying with legislation such as Sarbanes Oxley but is also good practice that should be considered in any organisation.

Comprehensive segregation of duties analysis

Analyse user access at multiple levels

Determine exactly which functions responsibilties have access to including comparison

How ConfigSnapshot Helps:

ConfigSnapshot provides flexible reporting to review all key security setup areas to enable system administrators to keep a vigilant watch over access controls and any changes that might be made.

ConfigSnapshot simplifies managing changes to security settings as a result of applying patches or upgrades, quickly identifying any new items introduced and also which users and responsibilities have inherited access to these items, allowing you to determine any additional access controls that should be defined.

ConfigSnapshot provides a simple and cost effective segregation of duties capability, including:

  • Defining constraints for functions, concurrent programs, menus, roles, responsibilities etc.
  • Allowing complex scenarios to be modelled where access depends on combinations of functions rather than a single function
  • Ability to include functions external to the E-Business Suite, including manual actions
  • Defining violation rules based on individual constraints or groups of constraints
  • Classifying rules to enable specific types of violation rules to be run as well as full violation analysis
  • Defining conditions, both globally and for specific rules, to target violations; e.g. only reporting where a user can perform two functions within the same operating unit
  • Applying different conditions dependent on the E-Business Suite environment against which the violation analysis is carried; e.g. to eliminate false positives that would exist on a development environment due to particular users having been given elevated access privileges to simplify the setup of the applications.
  • Recording mitigations explaining why a particular identified violation is acceptable.
  • What If reporting to understand the consequence of allowing users specific access via roles and responsibilities.
  • Violation remediation via ConfigSnapshot planning and migration

Through our key partners ConfigSnapshot can provide a comprehensive set of pre-defined segregation of duties rules designed by industry experts.

Demonstration & Free Trial

Request a web demo and then download a trial version of ConfigSnapshot absolutely FREE
Register now by providing your details below:

"We used ConfigSnapshot as part of the integration of two R12 instances as part of a merger and it proved to be a valuable tool throughout the project. The ability to quickly document and compare between multiples instances was central to ensuring the project progressed on schedule through to Go-Live - despite the substantial levels of new configuration required. On completion of the project, we were also able to very quickly produce the required documentation for auditors of all configuration changes made - saving significant amounts of time. We would definitely recommend the product."

Finance Project Manager, International Sports Betting and Gaming Operator