Access Management Insight

The Access Management Insight streamlines the security change management (User provisioning, User de-provisioning and Role change management) to prevent control and compliance issues.

Accounting Entity

Accounting entities are company codes as defined in an ERP.

Active Reviews

Reviews assigned to the signed-in user for taking appropriate action.

Application

The ERP application being monitored.

Application Instance

Application Instance represents the virtual data streamed from the Data Lake, for an Application that is being monitored. Application Instances are connections between the Infor GRC application and the Data lake. An Application Instance fetches the real time data from an ERP application to the Infor GRC application. This data is analyzed against the pre-defined rule conditions

Approval process

An Infor GRC process that ensures a provision is verified and approved by a defined set of authorized users, before any change is implemented in the ERP application.

Approval Process Templates

An Approval Process Template(APT) consolidates the stages and the approval process conditions to define an approval process. The APT helps us automate the process of User Provisioning.

Authorizations Insight

The Authorizations Insight classifies the security data.

Baseline Rule

Baseline rule compares the recent extracted data with a previously captured snapshot for identifying modifications in data.

Bulk Exclusion

The process of excluding the same set of violating objects from all the rules in a rule book or across multiple rule books.

Certification Manager Insight

Certification Manager automates the end-to-end process of reviewing users and roles across ERP systems. Certification Manager gathers data for each review from enterprise applications, routes the information to the appropriate reviewers, tracks actions taken, facilitates sign-off and maintains a complete record for auditors.

Commit

Reviews are committed after a stage reviewer approves or denies a process. The review process is forwarded to the next stage reviewer.

Compensating controls

Compensating controls are documents that contain the business justification, the processes or agreements that are used for mitigating rule violations.

Conditions

Conditions are a definition of a business process or a business activity.The conditions are the part of a rule. Data extracted from an ERP application are analyzed based on the rule conditions. Violations are generated when the analyses results comply with the rule conditions.

Conflict rule

A conflict rule identifies the users or the roles that have access to the conflicting activities in business transactions.

Control Mapping

The Controls Mapping functionality maps and filters business controls. This functionality can be used to filter data for one or more accounting entities when scheduling an analysis.

Control Type

Control type describes the type of controls used to create a rule. The Security control is used for creating Authorization Insight rules and the Transaction Monitoring control is used for monitoring Process Insight rules.

Custom role

The roles that are customized based on the user requirement. Permissions are added to the custom roles based on the requirement. Custom Roles are provided the page level access. The data displayed is controlled with Ownership privileges .

Data sources

Data source is a virtual entity that points to applications instances that helps users monitor one or more applications.

Duplicate rule

A duplicate rule identifies the duplicate records of an object by comparing one or more attributes of the object and the related objects.

Exclusion

The process of excluding the violating objects from a rule for a specified amount of time.

Favorites

The Favorites section on the Conditions tab of the Rule page displays the permissions or the roles added as favorites by the logged-on user.

To add the permissions or roles to the Favorites section, select the permission or the role and click . You can also drag and drop the permissions or roles from the Recent section to the Favorites section.

Functional areas

Functional Area helps to define a custom Approver for an Approval Process. The approval process is dynamically resolved for an User Provision approval process. The FA definition can be hierarchical. The leaf node of the hierarchy contains the Approvers for a process.

GDPR

General Data Protection Regulation (GDPR) is a regulation in the European Union(EU) law, on the data protection and privacy for all individual citizens of the European Union (EU) and the European Economic Area (EEA). The GDPR regulation also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

GDPR object anonymization

The Data Anonymization task anonymizes a user and all the information related to the user. This functionality helps to secure the user data.

GDPR Stop Monitoring

This functionality stops monitoring all the activities of a user by excluding the user from the application.

Infor GRC roles

Infor GRC roles have permissions that allow or deny a user to execute tasks in the Infor GRC application. Based on the roles assigned, you can review information in the application and perform action on the required pages. Permissions are predefined in the standard Infor GRC roles but can be configured in the custom roles.

Insights

Insights include the definition to classify the data to be monitored in an ERP application.

Job Position

Job positions are defined when an employee is hired and an account is created in the application. The job positions are place holders that can be used when creating users and assigning roles.

Limit Rule

Limit rule identifies whether certain roles or permissions are assigned to users.

Math rule

A math rule specifies the calculations to be performed for a defined object and fetch the data from the Datasource accordingly.

The calculations such as sum of, maximum of, Date difference between two date fields, variance of can be performed.

Mitigation

The Infor GRC functionality that enables you to act on the violations by excluding the violating object or by implementing the changes manually in the ERP application.

Notifications

The functionality of notifying the users by emails when events occur in the Infor GRC.

Objects

The Infor GRC business objects used in creating the rule conditions and monitoring certification processes. Possible values:
  • Permission
  • Roles
  • Users

Personal Data Protection

The Personal Data Protection functionality enables users, with the DPO (Data Protection Officer) role, to collect personal data pertaining to any specific object from all possible areas in the IRC application. The users assigned the DPO role can also use this functionality to anonymize objects based on the request received.

Preferences

The first page that is displayed when you first sign in. You can configure the various settings to personalize and customize your Infor GRC experience.

Primary violating objects

The objects based on which the Business Controls are defined are called the primary objects.

When violations are generated corresponding to the primary objects, the objects are termed as primary violating objects.

Process Insight for Infor

Process Insight enables business users to monitor the business transactions to identify any accounting errors or any fraudulent transactions such as duplicate suppliers, process supplier invoice without purchase order reference, duplicate payments to same suppliers, journal entries posted on weekends, modification in credit limits of customers.

Provisions

A Provision is a request raised for the User Provisioning. A provision can include a user creation or modifying the access for a user. A provision can be initiated only by an authorized Infor GRC user.

Recent

The Recent section on the Conditions tab of the Rule page, displays the permissions or the roles used most recently by the users for creating the rule condition.

To add the permissions or roles to the rule condition, you can drag and drop the permissions and roles from the Recent section.

Remediation

The action taken by a business owner to address a violation generated by Infor GRC.

Reports

Infor GRC reports are the formatted and the organized presentation of the data monitored and managed by the Infor GRC application.

Rule Books

Rule books are a collection or group of rules.

Rules

Rules include one or more conditions to identify risks in a business process. Data extracted from the ERP tables are analyzed against the rules.

Secondary violating objects

The objects based on which the Business Controls are defined are called the primary objects. For Process Insights, the primary objects control the next level of objects in the hierarchy. The hierarchical objects are called the secondary objects. When violations are generated corresponding to the secondary objects, the objects are termed as secondary violating objects.

Sensitive rule

A sensitive rule identifies the users or the roles that have access to the sensitive activities in business transactions.

Simple rule

A simple rule specifies the criteria to filter and fetch data from the Datasource accordingly.

Stage

A Stage is a component of the Approval Process. You can create a stage to define a set of Approvers for a specific stage, along with other approval conditions.

Task

A task is an execution of a process in the Infor GRC application.

User Activity Insight

The User Activity Insight monitors the transactions performed by a user.

Users

Users are an entity in the Infor GRC application. The Users can be directly created in IFS with their Role Assignments or they can also be created using Infor GRC.

Violation

Violations are risks related to a business process. Violations are generated when data from an ERP application is analyzed based on the predefined conditions in a rule.

What-if analysis

The What-if functionality determines the impact of any modifications in the ERP application, before modifying the data in the application. The What-If functionality is supported by the Authorizations Insight only.