Oracle E-Business Suite does not include built-in GRC controls.  Customers need to develop their own controls or use software from Oracle or independent software vendors.

You might find Oracle’s offering provides more capabilities than your requirements, at a price that can’t be justified, and take too long to implement.

Oracle’s GRC Controls Suite is licensed separately from the E-Business Suite.  The four components are:

• Oracle Applications Access Controls Governor
• Oracle Configuration Controls Governor
• Oracle Transaction Controls Governor
• Oracle Preventive Controls Governor

SOD Violations Manager and Application Auditor provide the automation capabilities to support the above functions in your E-Business Suite environment: User access controls; setup and configuration controls; business transaction controls.  AA also gives you the ability to prevent any kind of user access, configuration, master data or business transaction.

AA provides additional capabilities:

• It can be used to audit what DBAs and System Administrators do with the EBS database (DDL auditing).
• You can use the table auditing features on any Oracle Database, not just E-Business Suite.
• AA automates audit configuration migration and revision control, so you don’t have to re-key your business rules and you’ll always be able to fall back or review historical configurations.