The Oracle Fusion Cloud 25D release brings targeted enhancements to Risk Management and
Compliance, emphasizing automation, deeper integration with Oracle Cloud ERP, and
streamlined compliance workflows. These updates build on the module’s core strengths in
separation of duties (SoD) monitoring, access certifications, and transaction controls,
introducing AI-assisted insights and expanded reporting to help organizations proactively
manage risks in dynamic environments. The focus is on reducing manual efforts in audit
preparation and enhancing real-time violation detection, particularly for financial and
operational data.
Key Enhancements
Enhanced Permission Groups for Security and Access Controls
Building on the 24C introduction of permission groups, 25D updates predefined job roles to
fully leverage this new security technology. This ensures granular access to Risk Management
features like model configuration and control testing without over-provisioning. Custom roles
derived from these predefined ones must be reviewed and updated to avoid access gaps.
New in 25D: Automated role synchronization during quarterly updates, reducing setup time by
up to 40% for multi-tenant environments.
Benefit: Improves compliance with standards like SOX and GDPR by enforcing least-privilege
principles more dynamically.
AI-Powered Continuous Monitoring and Anomaly Detection
Risk Management now integrates embedded AI agents for real-time analysis of user access,
transaction patterns, and configuration changes. This expands on prior releases by
incorporating predictive risk scoring, flagging potential SoD violations or sensitive data
exposures before they escalate.
New in 25D: “Smart Alert” workflows that auto-prioritize incidents based on impact (e.g., high-
risk financial transactions) and suggest remediation steps, such as role revocations or control
adjustments. Supports integration with Oracle Analytics for visualized risk heatmaps.
Benefit: Reduces false positives in monitoring by 25%, enabling faster response times and
fewer audit findings in industries like finance and manufacturing.
Streamlined Incident and Audit Management
Updates to the incident management system include a redesigned Redwood-themed interface
for mobile-friendly audit planning and execution. Users can now automate control testing
schedules and generate certification worksheets with embedded AI recommendations for
certifiers.
New in 25D: Bulk incident resolution tools with workflow approvals via Oracle HCM
communication channels (e.g., integrated WhatsApp notifications from HCM Core). Enhanced
OTBI reporting with pre-built dashboards for “Top Risks by Business Unit” or “Compliance Trend
Analysis.”
Benefit: Cuts audit cycle times by 30% through automation, making it easier to document and
track resolutions for regulatory requirements like the EU Working Time Directive or PCI-DSS.
Expanded Data Migration and Integration Capabilities
The Data Migration Utility now supports XML exports for risk-control matrices directly from
Financial Reporting Compliance, with improved handling of multilingual text for global teams.
New in 25D: Non-default data source connections (e.g., to external ERP systems) for hybrid
environments, plus audit trail enhancements using the Oracle Cloud audit framework to log all
changes to risk records.
Benefit: Facilitates seamless migrations during pod refreshes and ensures audit-ready
traceability, minimizing data silos in multi-cloud setups.
Benefits and Implications
These 25D updates make Risk Management more proactive and integrated, driving cost savings
through automation (e.g., fewer manual audits) and boosting resilience against emerging
threats like insider risks or supply chain disruptions. Organizations in regulated sectors—such as
banking, healthcare, and retail—stand to gain the most, with improved audit readiness and
reduced compliance overhead.
EnchantApps Oracle Cloud experts can help you with your 25D Upgrade and testing. We are here to ensure that Oracle Cloud quarterly updates do not impact your business processes. Contact us for more details.