Oracle Risk Management is a module within Oracle ERP Cloud to manage risks and meet compliance and privacy mandates (SOD, SOX, GDPR, etc.). Risk Cloud subscribers can automate analysis, monitoring and control of ERP security, configurations and transactions.
Risk Management software helps you automation of risk and compliance processes
Secure Role Design
Oracle Advanced Access Controls helps design secured roles to jump-start security configuration for your ERP implementation. It automates privilege-level security analysis while configuring Job Roles avoiding expensive redesign, rework and delays in ERP implementation, associated with discovering SOD violations during testing, rollout or worse, as an audit finding. With a library of 100+ best practice security, access and privacy controls, it can be up and running in a few easy steps.
Deep SOD Analysis
Enforcing SOD compliance requires a detailed analysis of all functions and data that are accessible to each user. Oracle Risk Management Cloud is powered by an AI-driven analytical engine that scans thousands of access paths & access privileges for each user. It is the only solution that fully describes a user’s access at the most granular level.
Risk Cloud provides a library of ready-to-use controls for high-risk business processes, for example, AP, AR, GL, Payroll, Compensation, etc. and an intuitive workbench to visualize conflicts and simulate remediation.
After go-live, organizations can continuously monitor access policies throughout their ERP life cycle: while on-boarding new users, changing role assignments, or designing new roles. Using the graphical workbench, they can easily update access controls to keep up with changing processes & role definitions.
Sensitive Access Certification
Access Certification streamlines your organization’s periodic reviews to determine whether roles are assigned appropriately to users. Access Certification supports broad, organization-wide reviews such as quarterly audits, as well as, more narrowly focused sensitive-access scenarios.
A certification may involve a static set of user-role assignments, at any given moment or a continuous certification that includes only new user-role assignments, on an on-going basis. While the roles included in a continuous certification remain the same, their assignments to users are updated each day, for certification
Risk & Compliance Workflows
Oracle Risk Cloud serves to maintain a centralized repository of all corporate policies, and provides an end-to-end workflow solution to automate internal audit assessments, financial reporting certifications, and compliance with mandates such as SOX & GDPR
It provides an automated solution to complete Data Protection Impact Assessments, certify and monitor employee access to personal data, respond to SAR requests on personal data access and use. Employees can also, report data breach and other Users can perform workflow-based risk analysis, evaluations and implement treatment plans to mitigate risks. They can perform periodic or ad hoc control assessments, capture test results, and provide ready evidence for audits.