EPM: Service Admin Role: Compliance risk associated with current usage & abilities of the role
User roles assignments can only be performed by a service admin role. However, the service admin role has additional privileges and will cause violation of segregation of duties.
Oracle will have to provide a solution, at a granular level, to allow user and access management. This role should not allow any other privileges like making changes to functionality or configuration.
We will need a method to customize / segregate this role into multiple areas so they can be assigned to teams and ensure SoD compliance.
Version (include the version you are using, if applicable):
Code Snippet (add any code snippets that support your topic, if applicable):