Compliant ERP User Provisioning
Fully Automate End-to-End User Provisioning with Oracle’s Delivered, Integrated Application Access Controls Governor (AACG) and Oracle Identity Management (OIM) Solution

Provisioning the workforce is a significant challenge while trying to stay ahead of the compliance curve. Accelerated employee lifecycles, meeting financial reporting obligations and industry regulations all increase staffing costs and are often handled via inefficient manual processes. While provisioning ERP users at the role level with Oracle Identity Management (OIM) is a good start, only Oracle’s pre-built integration between OIM and AACG provides the capability to perform fine-grained segregation of duties (SOD) analysis on your sensitive ERP system to ensure complete security, compliance, and assurance.

UNIQUE AACG FEATURES
• Continuously monitors application users’ access, from high-level ERP roles and permissions to detailed access points
• 1,000+ delivered, ready-to-deploy access controls
• 370+ delivered access entitlements that logically group similar access points
• 28,000+ delivered ERP access points: responsibilities, menus, submenus, concurrent programs and functions
• Pre-built connectors to E-Business Suite and PeopleSoft
• Role-based remediation of user access incidents supported by application worklists, notifications and workflow
• Simulated remediation plans before deploying to operational environment
• Delivered dashboard analytics and reporting
• Integration with Enterprise Governance, Risk and Controls Manager and Intelligence
• User-friendly design for business users to author and configure controls
• Extensible to third-party, in-house and legacy systems

Automating the Last Mile of ERP User Provisioning
OIM provides a common identity platform with integrated services to target systems, designed to manage user access privileges across all of a firm's resources and applications throughout the entire identity management lifecycle, and it invokes the AACG SOD controls analyzer. One of the most sensitive business applications to which OIM grants users access and entitlements is the organization’s ERP system. An ERP system’s many thousands of access points, distributed across thousands of users, enable employees and contractors to perform, in many cases, multiple job roles. The potential for any user, including privileged users, to have inappropriate, overly broad access is a serious business risk and a significant SOD control weakness. Only by integrating OIM with AACG’s fine-grained SOD controls analysis can security administrators validate user entitlements with the complete assurance that they are managing a compliant user provisioning process.

OIM Workflows and AACG SOD Controls Validation
OIM allows management and validation of requests for user entitlements. With AACG integrated into the OIM workflows, the requests can be checked by AACG for potential access violations based on corporate policies. Provisioning users with entitlements that have access violations will either be prevented or accepted via OIM workflows, depending on the AACG control’s enforcement type. Multiple checks ensure that requests are vetted appropriately before being enacted. The resource approval OIM workflow performs real-time validation of entitlement assignment requests using AACG’s pre-defined preventive controls and returns results to OIM.

Figure 1. Integrated ERP User Provisioning with OIM and AACG.

Global Semiconductor Manufacturer
• $5+ billion revenue
• Uses integrated OIM and AACG to govern access provisioning in both EBS and PeopleSoft
Solution & Result:
• Prevents inappropriate user access
• Full enforcement of user access policies in both EBS and PeopleSoft
• Streamlined access request approval with improved decision support

Save Time and Reduce Costs
OIM and AACG integration replaces manual processes with automated SOD analysis and workflows, giving a solution that is repeatable, sustainable and auditable. AACG natively supports SOD control evidence for internal or external audit purposes and assessments. Additionally, AACG provides tools to quickly resolve SOD conflicts with its incident management, simulation and what-if analysis capabilities.

MEETING NEW AUDIT STANDARDS
• The PCAOB adopted a new Auditing Standard 18 to strengthen auditor performance requirements in 3 critical areas that have represented increased risks of material misstatement in financial statements: related party transactions, significant unusual transactions, and a company's financial relationships and transactions with its executive officers.
• Subject to SEC approval, the standard and amendments will become effective for audits of financial statements for fiscal years beginning on or after December 15, 2014.

Combined Capabilities
OIM
√ Authentication & SSO for all systems
√ Coarse & fine grained authorization for heterogeneous IT systems
√ Account provisioning and de-provisioning
√ Attestation of access
√ Enterprise role management and role based automation

AACG
√ Author fine grain access controls in business terms
√ Define single SOD control to span multiple business applications
√ Conduct simulations & what-if analysis
√ Pre-built Access, Risk and Compliance Dashboards
√ Automated worklists, notifications and e-mail configuration options
√ Deploy Integrated Compensating Oracle GRC Advanced Controls
√ Deploy Integrated Documentation, Assessments and Issue Tracking

Figure 2. Oracle’s AACG and OIM Capabilities Summary

CONNECT WITH US
Oracle GRC Advanced Controls
@OracleAdvCntrls
oracle.com/grc

FOR MORE INFORMATION
Contact: 1.800.ORACLE1

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. 1014