Oracle Fusion 25C · Risk & Compliance · Segregation of Duties

Oracle Segregation of Duties 25C Release Intelligence

8 feature changes for Oracle Segregation of Duties in 25C (July 2025) — historical reference baseline covering process logic, accounting rules, integration payloads, security policies and reporting outputs. 5 High/Critical items require prioritised regression validation; 3 Medium items should be sampled.

Analyze Segregation of Duties Impact See Segregation of Duties in 25D →
5 High/Critical
3 Medium
0 Low
14 pages
9 APIs
25C Segregation of Duties Command Center
JUL 2025
Total Features
8
High Severity
5
Affected Pages
14
Affected APIs
9
High/Critical5
Medium3
Low0
RELEASE OVERVIEW

What Changed in Oracle Segregation of Duties 25C

Oracle Fusion 25C (July 2025) delivered 8 feature changes for Oracle Segregation of Duties — covering process logic, accounting rules, integration payloads, security policies and reporting outputs. 5 are High or Critical severity. Below: every individual change with affected components, recommended test cases and business impact.

8
Total Changes
5
High / Critical
14
Pages Affected
9
APIs Affected
FEATURE-BY-FEATURE BREAKDOWN

All 8 Segregation of Duties 25C Changes

Each card shows the change type, severity, affected pages and APIs, recommended test cases and business impact rationale.

Enhanced SoD Policy Conflict Detection

High
Type: Security / Compliance / Analytics Opt-in: Opt-in

Oracle improved segregation-of-duties conflict identification across ERP security roles and duty-role inheritance to better detect conflicting privileges during role provisioning and access certification cycles.

Affected pages
Security Console, Access Certification, Role Comparison Pages
Affected APIs
Security Console REST APIs, Role Management APIs
ESS jobs
Import User and Role Application Security Data, Retrieve Latest LDAP Changes
Configuration
SoD Policies, Role Templates, Security Profiles
Business processes
User Provisioning, Access Governance, Compliance Audit
Data objects
User Role Assignments, Duty Role Hierarchies, Security Grants
RECOMMENDED TEST CASES

Validate conflicting role assignment detection, simulate user provisioning conflicts, verify inherited duty-role analysis

WHY IT MATTERS

Helps organizations reduce audit findings and improve compliance with internal control frameworks such as SOX.

Redwood Security Administration Experience

Medium
Type: UI / Process Opt-in: Delivered Enabled

Oracle introduced Redwood UX enhancements for security administrators managing segregation-of-duties analysis, role assignments, and conflict remediation activities.

Affected pages
Security Console, User Management, Role Assignment Work Area
Affected APIs
Security Administration REST APIs
ESS jobs
Synchronize User and Role Data Process
Configuration
Redwood Security UI Settings
Business processes
Role Administration, User Access Review
Data objects
Security Metadata, User Role Mapping
RECOMMENDED TEST CASES

Validate Redwood role assignment screens, verify conflict indicators, test search and filtering

WHY IT MATTERS

Improves administrator productivity and simplifies access-governance activities.

Expanded Role Audit Reporting

High
Type: Reporting / Compliance Opt-in: Delivered Enabled

Enhanced audit reporting capabilities now provide additional visibility into role changes, privilege inheritance, and SoD violations for compliance teams.

Affected pages
Audit Reports, Security Console Audit Dashboard
Affected APIs
Audit Reporting APIs
ESS jobs
Generate Audit Reports, Security Diagnostic Reports
Configuration
Audit Policies, Reporting Configurations
Business processes
Security Auditing, Quarterly Compliance Review
Data objects
Audit Logs, Privilege Mapping Tables
RECOMMENDED TEST CASES

Verify audit report generation, validate role-change tracking, test privilege audit history

WHY IT MATTERS

Strengthens governance and supports regulatory compliance reporting requirements.

AI-Assisted Access Risk Recommendations

High
Type: AI / Security Opt-in: Opt-in

Oracle introduced AI-assisted recommendations to identify potentially risky combinations of roles and suggest remediation actions during provisioning workflows.

Affected pages
Security Console, User Provisioning Pages
Affected APIs
AI Recommendation Services APIs
ESS jobs
Access Analysis Processing Job
Configuration
AI Security Recommendation Settings
Business processes
Access Approval, Risk Mitigation
Data objects
User Access History, Role Risk Matrix
RECOMMENDED TEST CASES

Test AI-generated risk alerts, validate approval routing, confirm remediation recommendations

WHY IT MATTERS

Reduces manual effort in identifying risky access combinations and accelerates governance decisions.

Improved Role Comparison and Simulation

Medium
Type: Process / Security Opt-in: Opt-in

Administrators can now simulate role assignments and compare role privilege impacts before applying security changes in production.

Affected pages
Role Comparison, Security Simulation Pages
Affected APIs
Role Simulation APIs
ESS jobs
Evaluate User Permissions Process
Configuration
Role Simulation Configuration
Business processes
Security Change Management
Data objects
Role Comparison Data, Privilege Inheritance Tables
RECOMMENDED TEST CASES

Execute role simulation scenarios, compare privilege inheritance, validate approval workflow outcomes

WHY IT MATTERS

Minimizes security deployment risks and improves change management quality.

Enhanced Access Certification Workflow

High
Type: Workflow / Compliance Opt-in: Delivered Enabled

Oracle enhanced workflow routing and approval tracking for periodic user access certifications and SoD reviews.

Affected pages
Access Certification Work Area
Affected APIs
Workflow Notification APIs
ESS jobs
Access Certification ESS Jobs
Configuration
Approval Rules, Certification Schedules
Business processes
Quarterly User Access Review
Data objects
Access Certification Records, Approval History
RECOMMENDED TEST CASES

Validate certification routing, verify reminder notifications, confirm reviewer escalation logic

WHY IT MATTERS

Ensures timely compliance reviews and strengthens audit readiness.

Privilege Expansion Monitoring

High
Type: Security / Monitoring Opt-in: Delivered Enabled

New monitoring capabilities identify newly introduced privileges after quarterly updates and flag potential SoD conflicts automatically.

Affected pages
Security Console, Privilege Analysis Dashboard
Affected APIs
Privilege Management APIs
ESS jobs
Security Metadata Refresh Job
Configuration
Privilege Monitoring Policies
Business processes
Quarterly Patch Validation, Security Governance
Data objects
Privilege Catalog, Upgrade Security Metadata
RECOMMENDED TEST CASES

Validate new privilege detection after patching, verify conflict notifications, test remediation actions

WHY IT MATTERS

Critical for identifying hidden access risks introduced during quarterly Oracle updates.

Enhanced Role Provisioning Controls

Medium
Type: Security / Workflow Opt-in: Opt-in

Additional controls were added for delegated role provisioning approvals and conditional access assignment validation.

Affected pages
User Provisioning, Approval Notifications
Affected APIs
User Provisioning REST APIs
ESS jobs
User and Role Synchronization Jobs
Configuration
Delegated Administration Rules
Business processes
Employee Onboarding, Access Requests
Data objects
Delegated Administration Data, Provisioning Rules
RECOMMENDED TEST CASES

Test delegated provisioning approvals, verify conditional access restrictions, validate rejection workflows

WHY IT MATTERS

Improves governance over distributed security administration models.

AFFECTED COMPONENTS · DEDUPED

Components Touched by Segregation of Duties 25C

Unique pages, APIs, ESS jobs, configurations and business processes across all 8 25C changes.

Affected Pages

14
Access Certification Access Certification Work Area Approval Notifications Audit Reports Privilege Analysis Dashboard Role Assignment Work Area Role Comparison Role Comparison Pages Security Console Security Console Audit Dashboard Security Simulation Pages User Management User Provisioning User Provisioning Pages

Affected APIs

9
AI Recommendation Services APIs Audit Reporting APIs Privilege Management APIs Role Management APIs Role Simulation APIs Security Administration REST APIs Security Console REST APIs User Provisioning REST APIs Workflow Notification APIs

ESS Jobs

10
Access Analysis Processing Job Access Certification ESS Jobs Evaluate User Permissions Process Generate Audit Reports Import User and Role Application Security Data Retrieve Latest LDAP Changes Security Diagnostic Reports Security Metadata Refresh Job Synchronize User and Role Data Process User and Role Synchronization Jobs

Configuration Objects

12
AI Security Recommendation Settings Approval Rules Audit Policies Certification Schedules Delegated Administration Rules Privilege Monitoring Policies Redwood Security UI Settings Reporting Configurations Role Simulation Configuration Role Templates Security Profiles SoD Policies

Business Processes

15
Access Approval Access Governance Access Requests Compliance Audit Employee Onboarding Quarterly Compliance Review Quarterly Patch Validation Quarterly User Access Review Risk Mitigation Role Administration Security Auditing Security Change Management Security Governance User Access Review User Provisioning

Data Objects

17
Access Certification Records Approval History Audit Logs Delegated Administration Data Duty Role Hierarchies Privilege Catalog Privilege Inheritance Tables Privilege Mapping Tables Provisioning Rules Role Comparison Data Role Risk Matrix Security Grants Security Metadata Upgrade Security Metadata User Access History
+ 2 more
RELATED

More Oracle 25C & Release Intelligence

25C HUB

Back to Oracle 25C Release Hub

All 87 modules · 562 feature changes.

NEXT · 25D

Oracle 25D Release Hub

Oct 2025 — 493 changes, 89 modules.

26A · FEB 2026

Oracle 26A Release Hub

918 changes, 70 modules.

PLATFORM

Oracle Release Intelligence

Tenant-specific impact reports for every Oracle release.

CALENDAR

Oracle Release Calendar 2026

26A · 26B · 26C · 26D + CPU + CSPU schedule.

PRODUCT

Oracle Fusion Testing Tool

AI test automation for Oracle 26A/B/C/D + Redwood UI.

Oracle Segregation of Duties 25C FAQ

What changed in Oracle Segregation of Duties 25C?

Oracle Fusion Segregation of Duties 25C delivered 8 feature changes — 5 High/Critical severity, 3 Medium, 0 Low. Changes spanned UI updates, AI/automation enhancements, integration improvements and compliance updates.

How many High-severity items are in Segregation of Duties 25C?

5 items in Oracle Fusion Segregation of Duties 25C are classified as High or Critical severity.

What pages and APIs are affected?

Affected components include 14 unique pages, 9 APIs, 10 ESS jobs, and 12 configuration objects across the 8 feature changes.

When was 25C released?

Oracle Fusion 25C was Oracle's Q3 2025 quarterly update, released in July 2025. Segregation of Duties is one of the impacted modules.

How does SyntraFlow automate Segregation of Duties 25C regression?

SyntraFlow Release Intelligence maps each 25C Segregation of Duties feature against your live tenant configuration, identifies the ones that actually apply, and auto-composes a regression test pack covering only the relevant pages, APIs and business processes.

Segregation of Duties (SoD) Across Oracle Releases

Module Change History

Track how Oracle Segregation of Duties (SoD) evolved across the last 5 quarterly releases — same module, different release scope.

Jul 2025 · current
25C
Segregation of Duties (SoD)
You are here
Oct 2025
25D
Segregation of Duties (SoD)
Explore →
Feb 2026
26A
Segregation of Duties (SoD)
Explore →
May 2026
26B
Not impacted
Jul 2026
26C
Segregation of Duties (SoD)
Explore →
How SyntraFlow Tests Segregation of Duties (SoD) Natively

Built-in for Oracle, not bolted on

SyntraFlow runs Segregation of Duties (SoD) testing through purpose-built native modules — DataVault auto-generates test data, AI heals Redwood selectors, Process Mining maps real flows, Release Intelligence narrows scope per Oracle release.

BUILT FOR THIS MODULE

SoD Testing

Pre-built SoD ruleset, violation detection and certification.

BUILT FOR THIS MODULE

Role-Based Testing

Tests role design and entitlement assignment.

NATIVE PLATFORM

Oracle Fusion Testing Tool

AI test automation built for every Oracle Fusion module — Redwood UI, AI agents, quarterly patches.

NATIVE PLATFORM

SyntraFlow DataVault

Auto-generates valid Oracle test data — supplier hierarchies, employee assignments, GL combinations.

NATIVE PLATFORM

Config Discovery

Scans your live tenant and maps every configuration, role, security policy and customisation.

NATIVE PLATFORM

AI-Powered Oracle Testing

Self-healing Redwood selectors, AI agent validation, generative test data.

NATIVE PLATFORM

Release Intelligence Platform

Tenant-specific impact reports for every Oracle quarterly release, CPU and CSPU.

More on Segregation of Duties (SoD) & Oracle Testing

From the Blog

FROM THE BLOG

CVE-2026-21992: Oracle IAM Emergency Patch

FROM THE BLOG

Oracle January 2026 CPU Patching Guide

FROM THE BLOG

What Is Regression Testing?

FROM THE BLOG

UAT Testing for Oracle Fusion Cloud

FROM THE BLOG

Oracle Fusion Patch Testing Checklist

Validate Oracle Segregation of Duties 25C Against Your Tenant

SyntraFlow Release Intelligence maps every 25C advisory against your live Segregation of Duties configuration and auto-composes a regression test pack with SOX / GDPR audit evidence. Used by US, UK and EU enterprise Oracle teams.

Request Assessment Analyze Segregation of Duties 25C Impact