1. Security Guide
  2. Introduction

1 Introduction

Oracle Retail Supplier Evaluation Cloud Service is a collaborative cloud service for the on-boarding and evaluation of merchandising suppliers, enabling the assessment and governance of ethical, environmental, safety, and quality performance. It manages the selection of suppliers against Environmental, Social, and Governance (ESG), brand standards and governance policies, incorporating supplier self-certification survey and assessment, audit and action management, vendor performance, and incident alert notifications.

Oracle Retail Supplier Evaluation Cloud Service is composed of the following modules:

  • Library enables the issue, receipt, and acceptance of policies, guidelines, and key working documents.

  • Process supports the development of process briefs, plans, and workflow management.

  • Supplier enables the identification, selection, and approval of suppliers.

  • Reports provides a reporting tool for reporting across the system, using standard templates and custom reports.

This document is divided into six main sections:

  • Responsibilities - discusses the shared responsibility model of security.

  • Oracle Retail SaaS Security - outlines the policies and procedures Oracle Retail uses to meet its security responsibilities.

  • Supplier Evaluation Architecture - details the architecture of the Supplier Evaluation Cloud Service, particularly as it relates to security.

  • Supplier Evaluation Authentication and Authorization - describes how Supplier Evaluation Cloud Service performs authentication and authorization.

  • Supplier Evaluation Permissions - describes the Supplier Evaluation Cloud Service role-based security model of roles, authority profiles and permissions.

  • Frequently Asked Questions - a number of specific questions related to security that are frequently asked by prospects, customers, and implementers.

The goals of this document are to:

  • Explain the security responsibilities of Oracle and the retailer/portal owner in the SaaS model.

  • Educate retailers/portal owners about Oracle's cloud security policies and controls.

  • Describe Supplier Evaluation Cloud Services:

    • general architecture, particularly as it relates to security

    • security features

  • Define additional steps customer IT staff must perform to communicate securely with Supplier Evaluation Cloud Service.

  • Guide customer administrators in the actions they need to perform to:

    • create application users

    • assign roles to application users

  • Provide answers to frequently asked questions about Supplier Evaluation Cloud Service security.