KPMG - Securing the Cloud ERP
KPMG - Securing the Cloud ERP

KPMG - Securing the Cloud ERP

KPMG can help an organization better leverage Oracle Cloud ERP to transform business with simultaneously mitigating risk and complying with industry regulations.


Oracle's cloud ERP solutions can streamline your financial operations. With cloud-based technologies employees can support the organization from anywhere, at any time, on any device. But with easy access comes exposure to risk. The expanded number of access points makes it more difficult to keep data safe and comply with regulatory requirements.

That's where KPMG comes in. We can help you better leverage Oracle cloud ERP to transform your business, while simultaneously mitigating risk and complying with industry regulations.

Shouldn't you get on board now? Building in controls from the start is the only right answer.

Here's how you begin to take advantage of the securing the cloud ERP framework. To balance enablement with data and transaction protection.

When recruiting and hiring a new AP clerk, the Oracle cloud Human Capital Management (HCM) system allows the recruiter to post a job. Candidates apply online, are interviewed and someone is hired.

The candidate information is pulled in from his online application to complete the Employee New Hire Access Profile, using HCM, with the recruiter filling in any missing data. This way the employee's access can be provisioned using a process that validates segregation of duties. Then cloud security tools take over to set up the user's access to the cloud finance solution. To streamline the creation of the user account, the HCM attributes are transferred over using the security tools to the cloud user repository. Then the security tools automatically set up the user account, assigns the appropriate application role and routes a notification to the supervisor to request validation and selection of any additional roles.

At this time, access controls review processes are used to ensure the user's access does not violate segregation of duties and sensitive access requirements.

After the new employee attends training for his new position, his account is activated and he can now process transactions in Oracle cloud financials. No more waiting a week for someone to get to a ticket.

Later when the employee changes jobs or is promoted, his change in job role triggers an update to his permissions and finance, as well as a myriad of other applications and shared drives. The user's new roles are validated using the access controls processes, and the employee and supervisor are automatically notified that the old role was removed from the user account and the new job role has been assigned granting appropriate access.