configuration grc & oracle configuration controls governor 5.5
DESCRIPTION
Configuration GRC & Oracle Configuration Controls Governor 5.5. March 2009 Oracle GRC Strategy – Barry Greenhut. Application GRC tells you…. Who’s using our apps? ACCESS CONTROLS What can they do? CONFIGURATION CONTROLS What have they done? TRANSACTION CONTROLS. - PowerPoint PPT PresentationTRANSCRIPT
Configuration GRC & Oracle Configuration Controls Governor 5.5March 2009Oracle GRC Strategy – Barry Greenhut
2
Application GRC tells you…
Who’s using our apps?ACCESS CONTROLS
What can they do?CONFIGURATION CONTROLS
What have they done?TRANSACTION CONTROLS
3
Application GRC controls reduce…
Financial Loss
Compliance Cost
Audit Effort
!!
4
Configuration examples
• Financial Loss• Tax mis-configuration causes under-collection of taxes, goes
undetected for months. Consequences: Pay taxes on behalf of customers, plus penalties.
• Clerk changes bank account info without cross-check, millions transferred before fraud discovered.Consequences: Money lost, or frozen pending litigation; public confidence shaken due to notoriety.
• Sales reps raise customers’ credit limits so they can buy more.Consequences: Customers default on payments, receivables aging forces write-downs.
5
Configuration examples
• Compliance Cost• Ledger Set mis-configuration allocates revenues amongst
divisions incorrectly. Consequences: Restate and refile quarterly results; public confidence shaken due to notoriety.
• Audit Effort• Production patch resets vendor tolerances, goes unnoticed
for months. Consequences: Internal audit team spends months proving there were no abuses; external auditors perform substantial transaction examination.
!!
6
How do I control costs/risks?
• Control setup changes that can have significant financial or regulatory impact
• Identify setup changes that violate financial or regulatory policy
• Accelerate documentation and analysis of setup values
7
Use CCG to control costs/risks
Use CCG to:Change Tracking
Snapshots & Comparisons
Reduce Financial LossControl setup changes that can have significant financial or regulatory impactReduce Compliance CostsIdentify setup changes that violate financial or regulatory policy
Alert users when key
setups change
Find differences
between production &
baseline
Reduce Audit EffortAccelerate documentation and analysis of setup values
Audit trail of changes
Document all setup values, as seen in the
original application
8
CCG has delivered GRC savings since 1998
• No substantial competitors• Just the configuration GRC you absolutely need:
• Full audit trails and alerts (Change Tracking)
• Comprehensive record keeping (Snapshots)
• Find discrepancies (Snapshot Comparisons)
9
CCG has delivered GRC savings since 1998
• Quick to implement – can be done in one day, thanks to shrink-wrap support for:• EBS R12 – 12 modules (550+ setups)
EBS 11i – 66 modules (3,000+ setups)• PSFT HCM 8.8 – 9 modules (400+ setups)
• Protects data from prying eyes – you control all access
• Centralizes all controls and data in a single source of truth
10
CCG 5.5 keeps all key GRC features
• Snapshots, Comparisons and Change Tracking• Quick implementation with shrink-wrap coverage for
EBS R12, EBS 11i, PSFT HCM 8.8• Use MetaBuilder to add coverage of any setup data that’s
stored in an Oracle database• Comprehensive Data Security• Single Install, Centralized Control Repository• Flexible – Reconfigure whenever needed• No price increase – Costs far less than custom or
manual solutions
11
Shrink-Wrap Coverage
EBS R12 550+ setups
EBS 11i 3,000+ setups
PSFT HCM 8.8 400+ setups
BASE ENGINEAlertsApplication Object LibraryCommon ModulesSystem Administration
FINANCIALS General LedgerSubledger AccountingPayableseBusiness TaxLegal Entity ConfiguratorReceivables / iReceivables
PROCUREMENT iProcurementPurchasing
BASE ENGINE
CONTRACTS
CRM
DISTRIBUTION
FINANCIALS
HR/PAYROLL
MANUFACTURING
PLANNING
PROCUREMENT
PROJECTS
PUBLIC SECTOR
BASE ENGINE
HCM Benefits Compensation HR Payroll Pension Recruiting Stock Administration Workflow
12
Use MetaBuilder to Add More Coverage
13
Use MetaBuilder to Add More Coverage
• Use MetaBuilder to add support for more setups • Anything that's stored in an Oracle database is fair game• Requires app developer expertise
• Make markets by: • Identifying a group of clients that need configuration GRC for
a specific vertical, line of business, or business process• Identifying a handful of key setups to govern• Building support just for those setups
14
EBS R12 Snapshots, Comparisons & Change Tracking
• Protect your Configuration GRC investment when upgrading to R12, and when using R12• Identify configuration changes with Snapshot Comparisons –
no other product can compare 11i10 to R12• Change-track R12 setups from Day 1• Dedicated presentation: “CCG for R12 Upgrades”
• The entire GRC Controls Suite now supports R12:AACG 8.2 • CCG 5.5 • PCG 7.3 • TCG 7.3
15
Field-Level Change Tracking
• #1 feature request from CCG users• Get just the Change Alerts you want:
• Before, CCG users were numbed by a flood of alerts about non-critical fields
• Now, users choose the fields they want to hear about• Users can also choose the fields seen in dashboards and
reports• CCG always captures the full audit trail for all fields, and can
alert/display/report them anytime
16
GRC Branding
• Makes the GRC suite feel more unified
• Adopts GRCC look and feel, in UI and reports
• Replaces “Integra” and “Apps” with “Oracle” and “CCG”
17
Performance & Reporting Improvements
• #2 request from CCG users• Faster and more reliable
• Faster lists of definitions, occurrences, jobs• Faster and more reliable reports
• OBIP is extensible• This release introduces Oracle Business Intelligence
Publisher for all reporting• Owners who want to develop new reports can use their own
OBIP server – OCS/partners can assist
18
Updated Certifications
CCG 5.5 CCG 5.1Business Application
EBS R12, 11i10 EBS 11i10, 11i9, 11i8, 11i7, 11.0.3PSFT HCM 8.8 PSFT HCM 8.8, 8.3
Operating System
RedHat Enterprise Linux 5 RedHat Enterprise Linux 4Future: Solaris 10 Solaris 10, 9Future: Windows Server 2003 Windows Server 2003Future: Oracle Enterprise Linux 5
Application Server
Tomcat 5.5 Tomcat 5.0Future: Oracle 11g Oracle 10g
WebLogic 8.1Database Oracle 10gR2 Oracle 10gR2, 9iR2, 8iWeb Browser
IE7 IE6, IE5.5Firefox 3
19
What’s not in CCG 5.5
• Does not offer Setup Migration• iSetup is Oracle’s tool for migrating setups
• No license fee• OCS now able to implement• iSetup team already working with key CCG Setup Migration
customers – e.g., Dell, Pfizer, Ingersoll Rand• For CCG owners using Setup Migration today:
• Premier Support for 5.1.3 continues through December 2010• No enhancements – only bug fixes
• For EBS owners upgrading to R12: No product can migrate 11i setups to R12; only CCG can compare 11i setups to R12 setups
20
CCG & iSetup
CCG iSetupCCG and iSetup complement each other
Reduce financial lossReduce compliance costReduce audit effort
Migrate setups during application rollouts
They do not compete with each other
Snapshots perfect for GRC• Cross-release• Controlled for data security• Display setups as seen in EBS• Fine-grain filtersChange Tracking
Snapshots perfect for verifying migrationSetup Migration
21
CCG & Configuration Management Packfor Enterprise Manager
CCG CMPCCG and CMP complement each other
Reduce financial lossReduce compliance costReduce audit effort
Troubleshoot failed servers and applications
They do not compete with each other
Change tracking perfect for GRC:• Shrink-wrap supportNo need for a developer to implement• Complete change dataNo need for a developer to translate into business termsSnapshots & Comparisons
Change tracking perfect for troubleshooting
22
CCG & PCG
CCG PCGCCG and PCG complement each other
Detect configuration change• Track changes to setups and compare snapshots• Rapid start with shrink-wrap support for 1000’s of setups
Restrict user activity• Hide or mask EBS fields• Require third-party approval of EBS data changes• Require reason codes for EBS data changes
They do not compete with each other
Quick implementation with shrink-wrap supportSetup data only
Track changes to any EBS data Configured manually
23
What 5.5 means for Customers
• CCG remains a priority at Oracle• On long-term roadmap
• CCG is a trusted solution that’s only getting better
24
CCG available today
• This information can be communicated to customers immediately
• CCG can be demo’d and sold today
25
Summary
• Configuration Controls Governor offers GRC value:• Reduce Financial Loss and Risk• Reduce Regulatory Compliance Cost and Risk• Reduce Audit Effort
• CCG is a mature product that provides a single place to manage all application configuration GRC
• CCG comes ready-to-use, with support for: • EBS R12 (12 modules, 550+ setups)
EBS 11i (66 modules, 3,000+ setups)• PSFT HCM 8.8 (9 modules, 400+ setups) • Add more support using MetaBuilder