Certify Responsibility Assignments

Periodic Reviews of Oracle EBS User Access
Turn periodic Oracle responsibility reviews into a quick process that's easy for the approvers and satisfies the auditors.
Process Efficiency
Most Oracle E-Business Suite customers periodically audit user responsibility access.  This activity falls under governance, risk, and compliance (GRC), and segregation of duties (SOD) controls.  Due to the complexity of EBS User-Responsibility assignment data, Internal Audit often gives this task to the Information Technology organization.

 

Eliminate the need to redirect IT staff to manage or participate in this burdensome quarterly process.  CRA can organize the approvers - usually super users or business process owners - and present the relevant information to them.  The approvers can manage their work and make decisions right in the system.

CRA  generates the audit documentation you will need at the end of the year for SOD audits and user access reviews.

You get process efficiency, audit accuracy, and continuous visibility.

The entire process occurs within CRA using EBS user-responsibility assignment data. Audit progress and results are available online for participants and stakeholders to view at any time.

Auditor Independence
CRA allows internal auditors and responsibility assignment approvers to be more independent.  There is no need for IT to extract information from EBS for auditors and approvers to review. Or to collect the approvers’ decisions.  Or to end-date designated assignments.

 

CRA provides streamlined access to EBS user and responsibility records for the auditors and approvers. It carries out decisions to remove user responsibility assignments.

Usage - Audit Managers
  • Designate which E-Business Suite responsibilities are in scope.
  • Assign responsibilities to business process owners who will approve user assignments.
  • Notify approvers and launch periodic user responsibility audits.
Usage - Approvers
  • Approve groups of assignments.
  • Research all of a responsibility’s users.
  • Research all of a user’s assigned responsibilities.
  • Approve or remove a user’s responsibility assignment.
  • Request justification for responsibility assignment from the user or their manager.
  • Document decisions with reason codes and notes.
Features
  • Dashboard graphs to monitor audit progress.
  • Comprehensive interactive reporting for audit managers, approvers, and stakeholders.
  • Approvers can be employee managers or designated by responsibility.
  • Can be integrated with SOD Violations Manager to show user SOD violations.
  • Automatic end dating of user responsibility assignment based on approver decision.
  • Installation is fast and simple.
  • No additional hardware or Oracle software to purchase.
Results
  • Timely completion of user responsibility audits.
  • Minimize the disruptive, housekeeping workload on approvers and managers.
  • Permanent record of all certification decisions.
MENU