SOD Segregation of duties JD Edwards

chiron.neo

Member
Any advice on how to implement a SOD solution in JDE without using external 3 party softwares?
If anyone has worked on similar solutions before and could give me some suggestions or direct me to some documentations on it, that would be great.
The solution, needs to check user and their roles to sees if there are any conflicts.. to keep it in line with SOX. I suppose about 6 tables would be needed with 2 applications. 1 Application to be used as an entry screen etc. The matrix is built for AP, which I'll use to check conflicts.
 
Hi,

It would be helpful to understand your setup, ie. do you have multiple roles per user, have you implemented the deny all strategy, is your matrix based on simply seperating JDE Roles from each other or a comparison of Programs and their Action Code security?

The answers will dictate how complex or simple the end result will be. If your just interested in seperating roles you could start with the user to role relationships (P95921).

I wouldn't recommend this way though as Auditors typically want to know more about what is going on in a role with regards to the security settings.

Thanks,
 
Hi,
I tried to do the same as you some months ago but JDE has a lot of limitations when trying to implement a SoD solution. On top of that it has not got any reporting application available in order to prove that you are in line with SOX. Personally I don’t see it feasible without using external 3rd party software – we went for ALLOut.
 
This isnt so easy but I have done it. Feel free to give me a call and i can chat to you for 15 minutes.
 
Apart from F00950, Security Workbench Table, you may want to consider, for application SODs, only users who have access to production environment. So you may want to consider the below files first. IT personnel usually fall under a different compliance requirement where they should not have access to anything in the production environment and should be restricted except for a designated few.

F0092 Library Lists - User
F0093 Library List Control
F0094 Library List Master File
F95921 Role Relationships Table

There are several other things you may to consider too.

From my experience, i think it will be worth your time to consider third party software that does SODs reporting very well and in fact much more. It will probably cost a lot less than in-house development. If you are interested, I will be happy to shed some insight on third party software I have used.
 
The Idea is to write an application as a entry screen which will caputure the roles with a link to the JDE F95921 Table and show if there is a conflict. Hopefully this will be able to show what conflicts exists and a description on why the role conflicts are there.
 
I would have prefered to get a 3rd party solution but the client insists on dev an inhouse solution.
frown.gif
 
Thank you. I looked through the Oracle pdf and it's helpful. I am bit lost on how to start building this solution. The client does not want to get 3rd party s/w for this. They have given me a matrix which I need to map back to F95921 to check for any conflict, based on an entry screen custom application.
 
Thank you.. Ur response has been very helpful. I would have prefered that the clients use a third party solution Like allout or aporva however they want to give inhouse dev a go before resorting to 3rd party.
The desired solution is not a comprehensive SoD solution but a monitoring tool to check for conflicts. An entry screen linked to a Custom Table will take in the roles of a new/old user and the application should link back to F95921 to see if there are any conflicts and a ddescription which explains why there is a conflict. If you have some experience on this area and could shed some light on it, it would really ease the stress for me. This project is shortening my life.
 
Back
Top