Transparency and fairness must prevail for electronic records and signatures to be considered valid which is where CFR Part 11 of the Code of Federal Regulations finds its relevance. While it gives companies the guidelines to do this successfully and succinctly, Oracle EnterpriseOne gives companies the platform and controls to implement it in just 15 steps. To learn more about 11CFR 21 please check out our blog article.
With that said, ERP systems have had to build this functionality into their software products to stay competivite. Oracle’s “JD Edwards Enterprise One: Governance, Risk, and Compliance” solution document lists the modalities of building an effective control system.
- Systems-Based Internal Controls
- Automated Processes
- Consistent Documentation
- Ongoing Control & Monitoring
How to get effective Government, Risk and Compliance in Oracle E1
Oracle has provided businesses with tools to manage their auditing and electronic signatures. It takes us 15 steps to get a company CFR11 compliant if they are on the latest release.
Required Steps to Configure Table Auditing (Overview)
- Configure the database for JDE Table Auditing
- Create a Non-Julian System Data Source for the Clients/Servers
- Generate Specific Audit Related Tables
- Setup the OCM mappings required for the clients
- Setup the OCM mappings required for the servers
- Populate the F986112 Table with the trigger templates
- Enable Auditing for the Path Code
- Configure the needed tables for auditing
- Check-in the specifications for the needed tables for auditing
- Transfer the “A” tables from the default project to another project
- Promote the Project with The “A” table to status 26 or higher
- Copy the needed table(s) audit configurations to the J Environment
- Enable Auditing on the needed tables for auditing
- Test needed tables for auditing on the Web Client
- Build and Deploy an Update client/server package with the “A” tables from needed tables being audited
While the implementation is relatively easy, the behind the scenes is very complex and database intensive. There are some items that require planning. For example, turning on GRC will dramatically increase your database usage. Oracle recommends using the following formula to size your database post GRC activation.
“Database size increase per audited table = audit table record size x2 (before and after image) x number of transactions.”
Whoa, that will be a massive increase. It’s time to call the SAN vendor. Is this justifiable? Yeah, it sure is, because E1’s auditing functionality is largely based on table triggers passing before and after data, time and date of the transaction and the name of the user who made the change.
A few general rules must be understood:
- For every record being audited, a record is added to the auditing table.
- For every record changed, 2 records are added. One is to capture the data before and one for after the record was changed.
In addition, E1 will allow you to require an electronic signature approval when a user tries to alter the data in an application. The functionality can also be setup to require a signature before allowing a report to be submitted to the job queue.
There are 3 applications which help to control this functionality.
- P9500001 – Configuration Application
- P9500002 – Reasons Codes Application
- P9500005 – View Audit/Signature Information Application
And, there are 3 reports which produce a printable report of the audit and signature information.
- R9500004 – Print Signature and Audit Information
- R9500005 – Print Audit Information
- R9500006 – Print Signature information
Schedule Ad Hoc
The schedule of this task greatly depends upon your timetable. Contact us to check our availability.
Estimated Time 30 Hours
We’ve implemented this recently for a multi billion dollar company. Including planning, meeting & training sessions, it took us 30 hours.
Estimated Cost $2,310