How are Application Auditor (AA) and SOD Violation Manager (SOD VM) related?
Use SOD VM to deploy your Segregation of Duties policies. The intent of SOD policies is to prevent individual users from having sufficient application access to enter two transactions that are incompatible from a financial controls standpoint. Where that might not be practical, use AA as a compensating control to review transactions after the fact.
SOD VM is the framework for implementing SOD policies and reporting policy compliance in an EBS environment. It reports user SOD access violations. AA captures a permanent record of selected transactions, so you can review them for compliance with SOD policies or other purposes.
SOD VM provides snapshot reporting of user SOD access violations. AA, when used with SOD VM, allows you to detect changes that would create SOD violations. You can configure AA to allow or prevent the changes, and report the fact or the attempt in real time, so you don’t need to wait until the next SOD VM snapshot to detect user SOD access violations.
It is possible to use SOD VM and AA individually or together, depending on the requirements.