To help enterprises significantly improve compliance and reduce potential for fraud, Oracle has announced enhanced capabilities for its Identity Manager
The enhancements to Oracle Identity Manager, Oracle's user provisioning and identity administration solution, allow enterprises to enforce more granular Segregation of Duties (SoD) in enterprise applications, including the Oracle E-Business Suite , Oracle's PeopleSoft Enterprise and SAP ERP applications. Enterprises can automate user provisioning and centrally manage, monitor and report on SoD-compliant user access in real-time at a fine-grained entitlements level.
The program includes a new SoD integration architecture that provides complete, hot-pluggable support for all leading SoD engines including Oracle Applications Access Controls Governor and SAP Business Objects Access Controls.
Real-time monitoring and enforcement of SoD policies enables enterprises to significantly reduce security risk from fraudulent activities, comply with regulations such as Sarbanes-Oxley and reduce total cost of ownership (TCO).
With the enhanced capabilities of Oracle Identity Manager, SoD policy enforcement becomes an integral part of the provisioning and account request approval processes, enabling enterprises to:
- Significantly reduce security risks from error-prone manual
provisioning and apply consistent access policies across all
applications and systems to achieve a sustainable, cost-effective
- Leverage domain expertise, validation policies, workflows and
comprehensive SoD libraries within SoD engines to lower TCO,
shorten time-to-value and enforce preventive controls to
proactively identify potential fraudulent activity.
- Maintain a complete audit trail, including SoD conflicts, across
multiple applications and IT systems to support regulatory
Oracle is also shipping the new Oracle Identity Manager connector for SAP that is integrated with the enterprise process for user and role administration. Specifically:
- SoD conflict check is always performed, whether the privilege
was requested directly or indirectly through a role and can be
configured to be done before or after any approval workflow
- An SoD conflict is always recorded in the identity management
audit trail and can result in new exception workflow for
Additionally, Oracle is now shipping the new Oracle Identity Manager Connector for the Oracle E-Business Suite that:
- Comes pre-configured with Oracle Applications Access Controls
Governor, providing real-time SoD validations for granular,
responsibility level user provisioning in the Oracle E-Business Suite
- Makes Oracle Identity Manager the central source of identity
management data across all user directories and Oracle EBS user stores
eliminating the need for point to point integrations.