Database Reference
In-Depth Information
Oracle Application Access Controls Governor
Oracle Application Access Controls Governor (AACG) is a segregation of duties,
control authoring, and handling solution that works within and across ERP
systems, such as Oracle E-Business Suite and PeopleSoft—to detect and prevent
incidents of user access control violations. It can also be extended to monitor user
access incidents in other off-the-shelf, custom and legacy applications including
J D Edwards, SAP, and Salesforce. Each AACG control specifies "entitlements"
to a company's business-management applications that should not be assigned
simultaneously to individual users. AACG then finds users whose access grants
violate access controls.
The following figure shows the steps to set up and maintain application controls in
Oracle AACG:
Identify
Objectives
Model
Walkthrough
Select
Controls
Analyze
Control
Remediate
Implement
Corrections
Assign
Owner
Identifying objectives
Access Control Objectives
can be defined using an
Access Controls Matrix
,
which provides the framework to implement access controls consistently within
and across business applications. The Access controls matrix defines roles with
access points across the rows and columns with confliction access levels identified
in each cell. Application roles are designed to provide user access to application
data and functions based on the job descriptions and responsibilities. AACG tool
tests application roles to ensure that the application security model complies with
segregation of duty and access controls established by the organization. The security
model of each application may vary. However, AACG provides consistent results
based on the access points defined in the Access controls matrix. The following
screenshot gives an example of the Access Controls Matrix:
Search WWH ::
Custom Search