Ability to report on "Core" Audit Policies" through OTBI - Page 3 — Oracle Analytics

Oracle Transactional Business Intelligence Idea Lab

Home Oracle Analytics Oracle Analytics Idea Labs More Solutions Idea Labs Oracle Transactional Business Intelligence Idea Lab

Categories

Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

Ability to report on "Core" Audit Policies" through OTBI

Submitted
1367
Views
82
Comments
1356789

Comments

  • Jeff Hare CPA CISA CIA
    Jeff Hare CPA CISA CIA Rank 5 - Community Champion

    Good point Iffat - thanks for your support of this idea.

    Jeff

  • Jeff Hare CPA CISA CIA
    Jeff Hare CPA CISA CIA Rank 5 - Community Champion

    Thanks for your support of this idea Sunil!  This would help fill the gap until Oracle produces a full audit trail on changes to these configurations.

    These are the two that would produce a full audit trail of changes to audit policies - in case you haven't voted for them yet:

    Audit Policies-Need full change tracking of functional audit policies
     
    Audit Policies-Need full change tracking of Oracle Fusion Applications audit policies
  • Jeff Hare CPA CISA CIA
    Jeff Hare CPA CISA CIA Rank 5 - Community Champion

    Yep.  This is very necessary.  Can't have an effective control environment without it.

    Regards,

    Jeff Hare, CPA CIA CISA

    https://www.linkedin.com/in/jeffreythare/

  • Jeff Hare CPA CISA CIA
    Jeff Hare CPA CISA CIA Rank 5 - Community Champion

    Jeff,

    You really can't have an effective control environment without it.  Hopefully Oracle gets this one done this year before year end audits hit.

    Jeff Hare, CPA CIA CISA

  • Jeff Hare CPA CISA CIA
    Jeff Hare CPA CISA CIA Rank 5 - Community Champion

    Thanks for your support on this one Youssouf.

    AFC doesn't 'define' the Audit Policies, but does provide better reporting of Audit Policies.  I think you know that though... Sounds like you've had quite a bit of experience with AFC.

    We offer a comprehensive set of SoD conflicts and Sensitive Access rules for AAC in case or your clients are interested.  ERP Armor: Rules comes with unlimited support for new rules needed and provides you with quarterly updates to help you keep current on the risks in the applications.  It is a cost-effective alternative to having to pay for consulting every year to refresh your SoD conflicts and Sensitive Access risks.  See more at: https://www.erpra.net/erp-armor/

    Regards,

    Jeff

  • User_9O596
    User_9O596 Rank 1 - Community Starter

    Good to have this from Audit Perspective

  • Dan Thibeault
    Dan Thibeault Rank 1 - Community Starter

    The ability to access this through OTBI subject areas would be very useful. The ability to access all audit tables through OTBI subject areas would be optimal.

  • Jeff Hare CPA CISA CIA
    Jeff Hare CPA CISA CIA Rank 5 - Community Champion

    Thanks for your vote Dan.  Please pass this on to others in your organization to vote for it as well.  You won't want to go live without this functionality in place.  

  • Jeff Hare CPA CISA CIA
    Jeff Hare CPA CISA CIA Rank 5 - Community Champion

    Thanks for your vote Sadik!

  • Youssouf
    Youssouf Rank 3 - Community Apprentice

    Hi Jeff,

    I completly agree with you.

    We can't rely on Audit Controls unless this limitation get fixed by Oracle.

    This limitation impact also another module "Oracle Risk Management Cloud / Advanced Financial Control". As you know, AFC allows to define Audit Controls, but it is completely based on audit policies setup and result.

    So, if a SuperUser turn off the audit tracking in the ERP side for a while, all the result returned by both Audit Report and AFC controls will not reflect the reality.

    This point is very critical.

    Regards