OracleAppsBlog
A day in the life of an Oracle Applications Consultant

Friday, June 25, 2004

Is your pricing data secure?

This post contains information about the new pricing security feature available in Release 11.5.9

For a long time, the pricing user community had been waiting for this functionality. Unlike all the financials modules, it was not possible to partition pricing data by operating unit. This was a serious issue in a multi-org environment. A sales order supported multi-org functionality but a price list or modifiers did not. This meant that pricing data was wide open to all the responsibilities that access price lists. There was also no function security available to make the price list ‘read only’ for a specific group of users.

A new HTML form has been introduced in Release 11.5.9 that can be configured using the Pricing Administrator responsibility (also a new responsibility in 11.5.9) to partition pricing data by responsibility, user or operating unit. It is also now possible to grant ‘read only’ access to a pricing user group (responsibility or operating unit) on a specific pricing object. This is really a powerful feature. The good news is that this security feature is available both in advanced pricing and in basic pricing. The bad news is that the new pricing security only works for the HTML interface. Moreover, the HTML interface does not show any of the descriptive flexfields defined in the pricing form. We hope that this gap will soon be taken care of by Oracle.

Conversions, Interfaces and Oracle Applications

This post contains information about data conversion and interfaces throughout the life cycle of an Oracle Implementation project.

Not available

Oracle Apps Implementation Documentation for a University

This post contains details of implementation documentation for an Oracle Applications Implementation at the Queensland University of Technology. In particular, I will discuss the Chart of Accounts documentation available at the Universities web site.

The Queensland University of Technology has some very useful Business Forms, Procedure Manuals and Training Documentation at the Division of Finance and Resource Plannings site. In particular the Chart of Accounts documentation clearly illustrates the accounting flexfield structure and associated values that should be used in such types of organization as a University.

Another sample Chart of Accounts can also be downloaded from my personal site.

Thursday, June 24, 2004

Oracle Applications Documentation - Business Forms, Procedures and Training Manuals

This post contains information on some Oracle Documentation I came across at the Rochester Institute of Technology.

According to their site, “the Rochester Institute of Technology (RIT) implemented Oracle Financials in October 1998. Over 350 users campus wide access the on-line system to prepare journal entries, inquire about account transactions and run custom and standard reports”.

I found some useful documentation on their site and thought I should mention it to readers of the blog. The Finance and Administration  section of the Institutes site has some very useful Business Forms, Procedures and Training Manuals which they used in their implementation and which I believe would be useful to other Apps implementors. Make sure you look under the Training Material section where you will find the Accounting Practices, Procedures and Protocol Manual.

Wednesday, June 23, 2004

Threat and Risk Assessment Working Guide

This post contains information on where to find a sample Threat and Risk Assessment document layout.

In a previous post I introduced readers to the Oracle Applications Implementors Journal at ITtoolbox. I talked about the first post on this blog which related to performing a Threat and Risk Assessment for Oracle Applications (TRA). I subsequently spoke to author of this post and asked if there was anywhere on the Internet where I could find a document layout/template that would assist in the preparation of such an assessment. I was provided with a link to a Threat and Risk Assessment Working Guide where you can download a fairly comprehensive 132 page document. According to the site: -

"This document entitled Threat and Risk Assessment Working Guide
provides guidance to an individual (or a departmental team) carrying out a
Threat and Risk Assessment (TRA) for an existing or proposed IT system. This
document will help determine which critical assets are most at risk within that
system, and leads to recommendations for safeguards that will reduce any risks
to acceptable levels.

By following the guidance given therein, a TRA can be carried out such
that it results in a concise report that:

  • defines the IT system under assessment;

  • states the aim of the assessment, along with the desired security level to be attained;

  • identifies potentially vulnerable parts of the system;

  • states the potential impacts of successful threat events on: the IT system; the business functions that the IT system supports; and the applications used carry out the business functions, in terms of confidentiality, integrity and availability; and

  • provides recommendations that would lower the risks to acceptable levels".
  • I am sure the TRA working guide will be useful to any organisation who wants to perform some type of security evaluation on their systems. You will also find other useful IT Security documentation at the Government of Canada’s knowledge centre

    Page 2 of 7 pages  < 1 2 3 4 >  Last ›