New Risk Management Dashboards

To support the growing need for Risk Management analytics, Oracle has introduced four prebuilt dashboards. These dashboards provide insights into access and transaction analysis, access certifications, and internal controls. To access these dashboards directly, navigate to Risk Management > Risk Management Dashboards.

The Access Algorithms Summary dashboard includes:

• Five incident-count performance tiles: Assigned, In Remediation, Resolved, Accepted, and Closed.
• Two bar charts: Top 5 Users with Conflicts and Top 5 Roles with Conflicts.
• A detail report called Separation of Duties (SoD) and Sensitive Access (SA) Algorithms.
  • Click on an algorithm name to drill to the algorithm definition.
  • Click View to view the run history for a given algorithm.

Access Algorithms Summary Dashboard

The Transactional Algorithms Summary dashboard includes:

• Five incident-count performance tiles: Assigned, In Remediation, Resolved, Accepted, and Closed.
• A detail report called Audit, Configuration and Transactional Algorithms, which offers an analysis that lists your advanced controls. For each control, you can:
  • Click its name to drill down to its definition.
  • Click its Pending Incident count to review its pending incidents. 
  • Click a View prompt in the Run History column to view its run history. A secondary report displays the run history for the algorithm.

Transaction Algorithms Summary Dashboard

The Access Certification Summary dashboard provides two tabs that summarize access-certification campaigns and requests for role assignments to be removed.

Access Certification Summary Dashboard

The Access Certifications Summary tab includes:

• Five performance tiles: Completed, Pending, Investigate, Keep, and Remove. The Remove tile reports the number of user-role combinations to be removed.
• A report called User Access Certifications tracks pending and completed certification campaigns. In this report, click the name of a certification to drill down to its access-certification definitions, or click a role name to view an Access Certification Results by Role Name report. If you're a certifier, you can click your name in the Certifier Name column to complete your certifier worksheet.

The Requested Role Removals tab displays information about the user-role combinations that need to be removed, grouped by certification. You can filter on the Certification Close Data and Certification Name columns.

The Internal Controls dashboard displays views of your risk-control matrix and of control assessments. Click its Internal Controls tab to see:

• Three performance tiles that display internal-control counts: Active Controls, Active Risks, and Open Issues. Click the Open Issues tile to view a secondary report that lists the open issues.
• A detail report called Risk and Internal Controls Matrix, which offers a list of risk records and the mapped internal-control records.

Internal Controls Dashboard

Click the Internal Control Assessments tab to view:

• Four counts of internal-control assessments: Controls Assessed, Completed Assessments, In Progress, and Open Issues from Assessments
  • The Completed Assessments secondary report presents a list of completed assessments. Dashboard prompts are available to filter the data by Completion Date, Perspectives, Assessment Name, Internal Control Name, and Response.
  • The In Progress Assessments secondary report presents a list of those assessments that are in progress. This includes active assessments where the status is New, Awaiting Approval, In Review, Rejected; Rejected for Information in Approval, or Request for Information In Review.
  • The Open Issues from Assessments secondary report displays a list of issues were generated during an assessment.
• A detail report called Assessment Details, which provides information about assessments and the objects included in them. Dashboard prompts for perspectives provide a method to filter the list of records.

Internal Control Assessments Dashboard

Business Benefit

Oracle's Risk Management dashboards provide powerful tools to enhance your organization's oversight and control.

Steps to Enable

You don't need to do anything to enable this feature.

Tips And Considerations

The delivered dashboards provide a solid foundation to help meet your organization's business objectives. However, you may want to incorporate specific analyses to align with your corporate goals. To do this, simply create a copy of the provided dashboard and its associated analysis.

You can then append or modify the dashboards and analyses as needed.

• Locate your Custom Dashboard: Navigate to the OTBI catalog at: Shared Folders > Custom > {CUSTOM_FOLDER} > {CUSTOM_DASHBOARDS}.
• Copy the URL: Click "Open" under your custom dashboards and in your browser window, and copy the entire URL.
• Update Risk Management Environment: Go to Setup and Administration > Configuration Options > Risk Management Dashboard Configuration. Then select "Edit" and paste the copied URL into the designated field. In the event you want to revert to the default URL, click Revert to Default. The system will remove the URL and the Custom Dashboard URL will be empty.
• Access the Dashboards: After applying the URL, the delivered dashboards will be accessible from the Risk Management Dashboard springboard.

NOTE: If you previously applied a custom OTBI URL and don't want to use the delivered Risk Management dashboards, no action is needed.

Access Requirements

The Risk Management dashboard icon feature requires one privilege called View Risk Management Dashboard (GTG_VIEW_RISK_MANAGEMENT_DASHBOARD). This privilege was delivered in 23D and is inherited in these job roles:

• Advanced Access Controls Analyst
• Advanced Transaction Controls Analyst
• External Auditor
• Risk Activities Manager
• Risk Administrator
• Access Certification Administrator