Takeaways From Oracle User Group’s Ascend Conference

Our team just returned from the OATUG / OHUG joint Ascend conference in Orlando.?My how things have changed…?Only a couple of years ago, there were just a few of us hammering the message that organizations using ERP / HCM Cloud should NOT be using seeded roles – period. This changed significantly this year as there were a record number of sessions at the Ascend 2023 Conference emphasizing this message.?

Oracle’s roles are overprovisioned both from a risk perspective and a licensing perspective.?One surprise from the conference was how many sessions included the risks related to Oracle licensing.?These sessions are indicative of the fact that Oracle has stepped up their license audits. We have long advocated for the customization of roles to reduce license risk and have been tracking the privileges that Oracle uses to identify who is consuming licenses as part of our ERP Armor: Rules subscription.?Because our ‘licensing risk’ ERP Armor rules has been overlooked at times, we have broken out this offering into a separate License Management datasheet which can be downloaded?here?if you would like to learn more.

The following are examples of commonly used roles that are significantly overprovisioned from a licensing perspective:

ERP Risk Advisors has a comprehensive library of pre-built fully customized roles to be leveraged during your implementation or for the remediation after go-live, if needed.?We also have several System Integrator partners who can deliver these roles as well. If you are interested in having a call to learn how our roles can reduce risk and reduce licensing costs, please email me, Jeff Hare CPA, CISA, CIA, at?[email protected].

Get Clean / Stay Clean

Another common theme from the conference was how to respond to auditors, especially considering quarterly patches introduce changes (and new risks) for everyone.?We can help you stay current per our quarterly updates. ERP Armor: Rules are analyzed by our experts each quarter keeping you current with the risks associated with Privileges, Duty Roles, and Data Security Policies. In our opinion, management cannot effectively manage risk without Access Control software.?The challenges most organizations face is due to the complexity of owning and managing Access Control software.?If this is your situation, we can help identify which solution(s) would best fit your needs and budget.?As part of our ERP Armor: Rules for ERP Cloud subscription we will help you ‘Get Clean and Stay Clean’ without the need for another consulting contract ever!