Run SOD Analysis in the Security Console

As you create or edit roles in the Security Console, you work through a series of pages. One of them, Separation of Duties, evaluates provisioning rules to uncover separation-of-duties conflicts in the role you're working with.

In summary, as you create or edit a role you supply basic information, define function security policies and data security policies, define a role hierarchy (a set of subordinate roles from which the role you're creating inherits functional access), and assign the role to users. Once you've defined the role hierarchy, you use the Separation of Duties page to determine whether the hierarchy contains roles that violate your provisioning rules.

To use the Separation of Duties page, however, you must first enable it: In Oracle Fusion Functional Setup Manager, open the Manage Administrator Profile Values page. (You can use the Search option, available in the panel tab, to search for this page.) In the Profile Option Code field, enter ASE_SEGREGATION_OF_ DUTIES_SETTING, then click Search. Set the site-level value for this option to Yes.