Proactive security strategies for Oracle Fusion Cloud Applications: Part 2

March 5, 2024 | 3 minute read
Miranda Jimenez
Product Marketing Manager
Steve Enevold
Outbound Product Manager, Oracle SaaS Cloud Security
Text Size 100%:

In Part 1 of our blog series on proactive security strategies for Oracle Fusion Cloud applications, we explored essential security features, network options, and provided an overview of Oracle Fusion SaaS services. Now, let’s dive deeper into the security of Fusion enterprise resource planning (ERP), Fusion human capital management (HCM), and the role of Oracle Risk Management Cloud. 

Tightening controls in Fusion ERP

Each module within Fusion ERP comes with its security and access management capabilities:

  • General ledger security: Here, functions and data are shielded through job roles, data access sets, and segment value security rules. This layered defense strategy helps ensure that access to sensitive financial data is appropriately controlled.
  • Payables security: The payables module increases security by restricting access to invoices and payments based on business units, so that only authorized personnel can view or process financial transactions.
  • Safeguarding subledger accounting: Oracle Fusion provides security of subledger accounting by granting specific functional and data privileges. Users with these privileges can set accounting rules and manage subledger journal entries, which strengthens the reliability of financial reports.

ERP: Strengthening Fusion applications with Oracle Risk Management Cloud

In the quest to safeguard Fusion applications, Oracle Risk Management Cloud stands as a vigilant guard. This module is a cornerstone of Oracle Fusion Cloud ERP, designed to navigate the complexities of risk and compliance, such as segregation of duties (SOD), Sarbanes-Oxley Act (SOX), General Data Protection Regulation (GDPR), and more. It automates the oversight of ERP security and transactions using AI to detect and prevent fraud and inappropriate access rules, enhancing the security of your financial data.
The module enables quick deployment of best practice controls and continuous risk monitoring, making it a vital tool for any organization focused on securing their Oracle Fusion applications in a way that addresses regulatory compliance and expectations of auditors.

HCM: Fortifying human capital management with Fusion HCM Security

In the realm of Fusion applications, Fusion HCM stands out for its meticulous security measures. During the setup phase, a dedicated TechAdmin with an IT Security Manager role lays the groundwork for a secure system. They implement robust password policies that dictate complexity and expiration, forming the first line of defense against unauthorized access. Location-based access control adds another layer of protection, granting access only from registered IP addresses, so that users operate within a secure and controlled environment.

Security profiles in Fusion HCM act as gatekeepers, defining who can see and do what within the system. These profiles are predefined for various HCM objects, such as personnel and payroll, and are noneditable to maintain integrity. Data roles are also assigned to help ensure HR specialists access only the data that’s relevant to their specific business units. To maintain system performance and security, we recommend minimizing the number of data roles and profiles to those necessary, closely aligning them with user responsibilities.

Auditing features in Fusion HCM offer comprehensive monitoring, automatically tracking every user action for accountability and security. These functional audit logs can also be integrated with the customers’ SIEM systems through REST APIs for advanced monitoring.


Oracle Fusion SaaS Security provides you with the ability to configure and manage security to help meet company, regulatory, and policy requirements using fine-grained controls, entitlements, and configurations. Functional auditing capabilities provide the necessary views and alerts to monitor for suspicious behavior and unethical actions. With these tools and practices, your Oracle Fusion Cloud Applications aren’t just operational. They’re secured fortresses in the cloud. 

For a deeper dive into securing your Fusion applications, we invite you review the following resources:
•    Proactive security strategies for Oracle Fusion Cloud applications: Part 1
•    General ledger security
•    Payables security
•    Procurement agent security
•    Oracle Risk Management Cloud
•    Three steps to help automate Fusion SaaS security and auditing with Fusion Risk Management
•    Fusion HCM







Miranda Jimenez

Product Marketing Manager

Miranda Jimenez is a member of the Product Management team at Oracle SaaS Cloud Security where she focuses on the development of messaging strategy, content creation, product launches and other security marketing initiatives. 

Miranda is a technology enthusiast, which is why she has been attracted to pursue technology projects in her professional life in an effort to contribute to its democratization. 

Steve Enevold

Outbound Product Manager, Oracle SaaS Cloud Security

Steve Enevold is a member of the Product Management team at Oracle SaaS Cloud Security, where he focuses on delivering security awareness and technical details on Oracle SaaS Cloud Security services, practices, and controls.

Previous Post

The Oracle Cloud Infrastructure backbone

Jody Davis | 4 min read

Next Post

Enhance security with new Oracle Linux 8 STIG image in Oracle Cloud Marketplace

Julie Wong | 2 min read