Audit Objects
You can use the Oracle Cloud audit framework to track changes to records your organization creates in Oracle Fusion Cloud Risk Management.
You're strongly encouraged to use this feature. In part, it supports tasks you may need to complete regularly. External auditors may require you, for instance, to justify changes to controls that have occurred over an audit period. Audit reports can identify those controls and help you to justify the changes.
Internally, auditing helps you to control edits that have very significant effects. For example, global user IDs differentiate users whose role assignments are analyzed by access models and controls. One implementation task is to select values that distinguish one global user from another. At any point after, a user may modify those values, but if so, all access model results and control incidents are purged. So are results and incidents for transaction models and controls that incorporate the User business object. The audit capability enables you to monitor significant changes such as this one.
The following are the objects, and the attributes of those objects, you can use the audit framework to track.
-
Advanced controls: Control name, description, status, priority, flexfields, result investigator, perspectives, result perspectives, and related records.
-
Entitlements: Entitlement name, description, status, and access point name.
-
Global conditions: Name, filter name, attribute, condition, and value.
-
Global users: First name, last name, middle name, user name, global user ID, email, hire date, status, and job.
-
User-defined access points: User-defined access point ID, name, and description.
-
User groups: New groups, deleted groups, and members who have been added to groups, removed from them, or are no longer eligible for them.
-
Business object security: User name, Access by product or business object.