We are currently in the process of implementing EGRCC as part of our upgrade to R12, we previously had LogicalApps/Active Governance and Oracle 11i. We are testing the seeded form rule in PCG which automatically end dates a user responsbility when added and initiates a conflict analysis based on the access controls that we have set up in AACG. In our old system with LogicalApps/ActiveGovernance, when the System Administrator added a new responsibility and clicked on the "Initiate Conflict Analysis" button, a form would pop up showing which any SOD conflicts that the responsibility assignment would create, and then the System Administrator had the option to Submit or Cancel. Now, with PCG/AACG, when we click on the Initiate Conflict Analysis button when removing the end date from a responsibility, there is no form to preview the conflicts and the analysis is submitted directly to AACG. The "preview" screen was a functionality that was very helpful because the System Administrator could see conflicts before submitting the analysis, and sometimes identified instances where they added the wrong responsibility. Are we missing this functionality because of a configuration issue on our end, or is this just not available any more with the new software?
Also, with Logical Apps, our SOD approvals went through the normal Oracle workflow and could approve the conflict in the body of the notification email. Now with GRC/AACG, it appears the SOD approvers must login to GRC in order to approve SOD conflicts. Is there any way with in GRC/AACG to allow for the approval of SOD conflicts through email, or is logging into GRC (AACG) required?
We are running GRC version 188.8.131.5201 and PCG 7.3.2.
I believe the functionality you're alluding too can be done through Visualization in AACG. There is now way to bypass AACG for Preventive mode. The benefit you'll find is that AACG will keep a history of who approved the access, etc. to allow for better transparency in the audit.
On another note you should also look into the latest patches for both AACG and PCG, I believe there is a patch for PCG. I hope that helps.
We do not want to bypass AACG, we simply want to be able to see what conflicts will occur before we submit the Conflict Analysis. We do not want for our user administrator to have to log in to AACG prior to each time she wants to add a responsibility and use Visualization to see what conflicts might occur when adding a responsibility. That is a very inefficient process. This functionality was available in LogicalApps in Oracle 11i, I do not understand why it is not possible now.
Most Segregation of Duties (SOD) functionality has been moved to AACG. From my understanding AACG's job is to handle SOD across platforms (EBS, PeopleSoft, HFM, etc.), the visualization was probably moved to the AACG product and that's why it's no longer in the PCG product. Out of the box AACG can connect to EBS and Peoplesoft, you can build connectors for other platforms to manage SOD controls across these different systems. Because AACG is no longer an "EBS only" product, I believe the need to use AACG for all approvals/SOD functionality is required.
Think of AACG as your SOD workbench, where you can simulate SOD access, model controls, create controls, remediate incidents, etc. Between LogicalApps (5+ years old) and the new Oracle GRC products, there has been some migration of features to newer products.
Don't forget, If you feel you need a feature in a certain product (even if it has moved), you always have the ability to request it via My Oracle Support. I hope that has helped in understanding what direction the products have taken.
Thank you for the information. I was worried that we may have missed something during the configuration, but it appears that the functionality has migrated to AACG. Thanks for taking the time to reply!