Has anyone developed a SoD matrix of best practice to help prevent risky role deployment
We have deployed a number of AACs in Risk Management to report SoD conflicts. But we would like to develop an offline 'SoD matrix' which we can use ahead of assigning roles, where we proactively show the Oracle Fusion roles that should not be assigned together.
We have heard there may be some Oracle provided best practice - or other customers have developed that - whereby standard controls are already documented in Oracle role terms, to avoid every customer having to develop their own verion.
Has anyone developed such a SoD matrix?
Risk Management, Segregation of Duties