Oracle AACG Alternative – Oracle GRC

Oracle discontinued selling on premise GRC software on June 1st, 2015. Now, the GRC Advanced Controls products including Application Access Controls Governor (AACG), Configuration Controls Governor (CCG), Preventive Controls Governor (PCG) and Transaction Controls (TCG) are under sustaining support which will expire in 2021* according to the de-support notice. (updated)

The lack of support and enhancements to control emerging cyber security risks can cause ERP control defects, increase audit costs and result in regulatory penalties. Oracle Risk Management Cloud, the next generation of GRC products does not support on premise ERP systems such as e-Business Suite, PeopleSoft or JD Edwards. It only supports Oracle ERP Cloud so for those customers with multiple ERP systems and business-critical applications it isn't the best option.  

SafePaaS is the only enterprise end-to-end controls platform for an AACG, PCG, TCG, and CCG alternative. Many Oracle GRC customers have already made the move. Here's why:

SafePaaS can not only detect ERP control defects like AACG, CCG and TCG and prevent risks with workflows rules like PCG in Oracle EBS, but it also offers significant enhancements to protect critical business information in your cloud applications too. SafePaaS, available in the cloud, includes advanced features such as automated false positive management, closed-loop workflows which enable remediation and user defined reporting on a single integrated platform.

We go well beyond product support by drilling down into toxic access privileges resulting from the combination of possible access points and security hierarchy. We eliminate irrelevant Segregation of Duties violations using global and local exception filters to remove “false positives” or violations that pose no real SoD risks. Once you have the true SoD violations, remediation actions can be performed more efficiently.

SafePaaS platform includes executive-level dashboards for proactive, timely and accurate decisions resulting in lower external audit costs as the number of audit findings are significantly reduced.

You can continuously monitor business activities within your enterprise applications with instant access to the largest catalog of automated application monitors covering 1,000+ business controls for all major processes such as Procure-to-Pay, Order-to-Cash, Hire-to- Retire, Design-to-Ship, and Financial Record-to-Report.

You can get access to all user-friendly GRC features and start using SafePaaS to control cyber security and risks in Oracle EBS within 24 hours after your order is approved. No need for costly IT infrastructure or time-consuming implementation activities. Just connect SafePaaS Secure DataProbeETL™ to your Oracle E-Business Suite and take a snapshot of the selected rules.

You can get ERP control test results in just one day by utilizing our comprehensive risk repository, which is one of the largest collection of SoD Rules used by major audit firms including the Big4.

Upgrade to SafePaaS risk management services at a fraction of the cost of Oracle GRC, improve your Oracle E-Business Suite controls and protect all your business information on-premise and any cloud applications.

Replace legacy AACG Oracle GRC Reports with modern graphical dashboards with drill-down details.

Import Access controls from Oracle Access Controls (AACG) to SafePaaS Access Rules

Easy-to-use and reliable export/import utility to help clients migrate and add controls from any other source using excel templates. Each imported control is validated against the ERP snapshot to ensure that all controls provide valid coverage.

Map Oracle change controls (CCG) Snapshots and Change Trackers to SafePaaS Configuration Monitors

The “snapshot” based advanced analytics ensures that a complete audit history of the ERP controls is readily available as evidence for the application objects selected for continuous monitoring within a data source. Snapshots can also be compared over time and across data sources to automate SDLC management.

Transfer Oracle Transaction Controls (TCG) to SafePaaS Transaction Monitors

Fully configurable transaction monitors can be assigned to one or more approvers and reviewers as the business owner of the controls. The transaction incidents are assigned to the assigned owners using a closed-loop workflow to ensure that the incident response is captured and available for independent review by audit as evidence of effective control management.

Replace Oracle Preventive Controls (PCG) with SafePaaS Process Workflows

Process control monitors provide Flow Rules like capability by capturing an object event (e.g. change in supplier bank account) that is transferred as an event “snapshot” to SafePaaS from EBS and assigned to the control owner using the control monitor workflow.

Our platform extends well beyond the capabilities of legacy GRC to take your enterprise to the next level.