Revised Models in Content Library

Updates are made to three transaction models in Advanced Financial Controls. These models are found under the Enterprise Resource Planning Library.

Accounts Payable Models

30007: Payables Invoices for Debarred Suppliers

Two new filters are added to the end of the model logic to reduce the number of false-positive results. This was done by using equal condition filters for business unit and supplier ID attributes. These filters are labeled:

Invoice business unit equal to debarred supplier Procurement BU ID
Invoice supplier equal to debarred Supplier ID

40012: Payable Invoices Approved and Created by the Same User

When invoices are approved, the last user to update the transaction can be the same person who approved it. Therefore, model logic was revised to take this into consideration to prevent false-positive results.

The model’s name and description are updated to reflect the changes. The model no longer analyzes users who last updated the invoice and approved it.

Two filters were removed that use the Last Updated By attribute at the end of logic region:
- Same user updated a payables invoice and completed its approval
- Same user updated a payables invoice and acquired and performed the approval action for it

A third filter was updated to use Task Assignee User Name attribute instead of Completed By.

Result Display no longer includes the Last Updated By attribute.

40013: Payable Invoices Approved and Payment Created by the Same User

The model’s name and description are updated to reflect the changes. The model no longer analyzes users who last updated the payment and approved the invoice.

Two filters were removed that use the Last Updated By attribute at the end of logic:
- Same user updated a payment and completed the approval action on its invoice
- Same user updated a payment and acquired and performed the approval action on its invoice

A third filter was updated to use Task Assignee User Name attribute instead of Completed By.

Result Display no longer includes the Last Updated By attribute.

Updates to existing content are made periodically, based on changes, input, or recommendations by experts.

Steps to Enable

A Risk Management administrator should review the following before users import models in Advanced Controls.

An individual importing models must be granted security access to business objects to view and use the models. Check this security under Risk Management Data Security > Business Object Security.

On the Advanced Controls Configuration tab, the Transaction and Audit Performance Configuration date options are required. Navigate to Risk Management > Setup and Administration to review and define the two created-as-of-date options. These settings improve performance by eliminating older data from data-synchronization jobs. When these created-as-of-date options already exist, you should periodically review and change them to return only current data.

Tips And Considerations

Before using new model content, evaluate available models that match requirements for your organization under the Import action for models. The Import from Content Library page is organized by product area and model types. Once you identify models appropriate for you, import, review, and modify them in your test environment. Importing all available models is not recommended. In some cases, you may have already imported the model in a previous update. Or, some may source data from products or audit configurations you have not enabled. Moreover, models may contain user-defined or imported business objects that create data set controls or objects, respectively.

NOTE: There is no way to revise an existing control with new business objects, filters, or the attributes displayed. Uptake of any delivered-model revisions starts by importing and reviewing them as a model.