Oracle E-Business Suite 

SafePaaS offers the most complete risk management solution for Oracle E-Business Suite customers. With unmatched knowledge and experience with Oracle audit, risk and compliance solutions, SafePaaS is the solution chosen by enterprise EBS customers to propel their business and take them to the next-level. 

The complete SafePaaS platform is available to Oracle E-Business Suite customers making it easy for them to start their risk journey and grow with us, knowing that their most valuable asset is protected. Our cross-application capabilities ensure organizations can mitigate risk not just in EBS but beyond. 

Oracle E-Business Suite is the most comprehensive suite of integrated, global business applications that enable organizations to make better decisions, reduce costs, and increase performance.

With hundreds of cross-industry capabilities spanning enterprise resource planning, customer relationship management, and supply chain planning; Oracle E-Business Suite applications help customers manage the complexities of global business environments no matter if the organization is small, medium, or large in size.

Application configuration and security design, in this case for Oracle EBS, are essential for a successful enterprise application implementation, upgrade or deployment project. Project costs can overrun if application configurations are incorrectly documented or setup during key phase of the project such as analysis, design, configure, test and deploy. Risks, such as missed milestones and poor user adoption are increased if the ERP configurations fail the test of accuracy, validity and completeness. With the growing functionality of new releases, it is increasingly challenging to manage and secure thousands of complex configurations across multiple project environments without automated tools.

SafePaaS Risk Advisors and Solution Specialists with expertise in enterprise controls and business applications can provide independent assurance over application security design and configurations to control project costs and risks. SafePaaS DataProbeETL™ can automate application configuration reports to document setups, compare configurations across multiple environments and assess the impact of new releases on customizations such as database objects, concurrent programs, form extensions, value sets, workflows, alerts, etc.

Our application assurance services include a health check of access, transaction and configuration of your business applications. We work with control owners to remediate violations of organizational policies and control objectives. We can quickly remediate any application control deficiencies without burdening business process owners and IT staff by utilizing risk remediation tools such as Roles Manager to correct inherent risk in application security model.

Oracle E-Business Suite security model can be configured to grant users access based on Responsibilities as well as Roles. In this 17-page document, we provide an overview of the Oracle security model fundamentals, describe best practices for implementing access policies and share some key capabilities in SafePaaS to help you automate user access controls management process for users granted access to Oracle E-Business Suite applications through Roles as well as Responsibilities.

Oracle Responsibilities consist of navigation menus that include sub-menus, functions and programs called “concurrent requests”. Once a user is granted access to one or more Responsibilities, she/he can access all the functions and programs within all the available menus. There are additional security attributes that can limit user access to data and functions. A key drawback of the Responsibility based security model is that it does not support data level security.

Role-based access control (RBAC) fully introduced in Oracle E-Business Suite R12 offers significant security design improvement over the Responsibilities based option by normalizing access to functions and data through user roles rather than only users. RBAC security model improves access security by controlling what a user can do on each function or sets of data under specific condition, e.g. view and edit are actions, and task flows or rows in data tables are resources.

In this guide, you will learn:

• The fundamentals of Oracle E-Business Suite Security Model

• About each component of the EBS security model including:
  - Responsibility Based Access Management
  - Menus and Functions
  - Forms, HTML, Pages and personalisation
  - How to set user profile options
• Segregation of Duties Management with Role-based access controls
• User Management with Role-based access controls
• Role Inheritance
• Delegated User Management

Read the Guide