Wednesday 25 January 2017

HCM Cloud Release 12

HCM Cloud Release 12

We've been waiting for this release for some time now.   At least the documentation is now available and we can see what's new and what's changing.   I've held off writing this post until we had our pod upgraded, but in the interests of sharing information to the wider HCM Cloud Community, I've decided to make some comments now before we've got our hands on it.  Consequently, I won't be sharing any screenshots.   However, example screens can be seen on the various Oracle Cloud information portals.   I particularly recommend Customer Connect  and the Cloud Readiness pages.

One big area of impact is around security.   There are many enhancements to the security console.  More of this later.

Many other changes tidy up some of the HCM processes.

I'm not going to cover all changes, but here are a few of the more interesting ones:

New Hire Process

It will now be possible to add multiple managers and manage subordinates during the hire process.   Up to now, the hire was one process and then a second process was needed to update the new hire via the Person Management workarea.

Duplicate Person Check

This has now been made more configurable.   For example, you can now configure the rules which determine which set of data is checked to determine for duplication.  Before R12, you could only switch the standard duplicate check on or off.

Manager Changing Hours

In R12, when a manager uses the change hours process, they can optionally also change the salary.   This is useful because the salary is often impacted by changing hours.  Now it doesn't need to be 2 transactions or handed off to HR.

Applications Security

Now this is where I think the biggest changes are going to occur.

We've had the Security Console for several releases now.   Up to this point, it's bee useful for visualising the role structures and hierarchy and for (limited) creation and copying of roles.

From R12, it's going to include many new features.

Reference Role Model

It's always been good practice to use the 'out of the box' roles as a reference and if you needed to tailor them to your own requirements, for example removing or adding some seeded duty roles to a job role then you should make a custom copy.  However, this wasn't enforced because the seeded reference roles were not protected.

In R12, the seeded roles are locked down and cannot be edited.   This will force implementors to make custom roles and therefore avoid any potential conflicts if Oracle ever change the seeded roles.   It also allows the seeded roles to be used as a reference against your 'custom' changes.

N.B.   There are some pre-upgrade checks you will need to do to prepare for this!

User Account Maintenance

This is now going to be part of the Security Console.  So, administrators can use the Security Console to manage users rather than navigate to OIM.

Userid and Password Policies

Because the users can now be managed via the Security Console, the policies for their formats and validation is also being made available for configuration.  Previously, this would require a request to Cloud Services.   The policies look as if they will be somewhat limited in choice and it remains to be seen what will happen if a customer says "I want this format which is  not available - how do I enforce it?".

If you had previously submitted an SR to request a 'custom' policy, you should review whether this policy is still valid.   There is a document on MoS (My Oracle Support) to help (Doc Id 2023523.1) 

Role Visualisation

Staying with the Security Console enhancements, the visualisation of roles will be simplified.   I have yet to see how this works, but I welcome any simplification.   The idea of visualising roles was great, but as soon as you start having roles with dozens of subordinate roles the whole visualisation loses its appeal and looks very messy.

you will also be able to search for roles within a hierarchy to quickly locate where they are.  Very useful in a complex structure.

You will also be able to define custom notification templates for messages assocaited with user management.   I'm not sure yet if this extends to other notifications.

Active Directory

Integration between AD and OIM is often a requirement we see in implementation projects.  In R12 there will be a built in synchronization job, controlled via the Security Console.

New Security Profiles

Previously, you could use an Area of Responsibility (AOR) in a person security profile by including custom SQL code.   From R12, this is simplified and there is a new security profile type for AOR.   However, be careful with it as it may conflict with other person related security rules such as 'show me people with surnames beginning A-K'.

One neat feature which stood out to me is the ability to see the impact of the security profile you have just configured.   You will be able to see how many people (and who they are) who will be returned by the security profile.

You will also be able to include areas of responsibility in the Role Provisioning Rules configuration.

HCM Spreadsheet Loaders

By popular demand, spreadsheet loaders are back!   But, they are implemented as add-ons to Excel.  They will have somre 'configurability'.  At the time of writing, I've not had enough time to investigate this fully, so maybe another post soon with some more details is in order.


Conclusion

All said, this looks like a release full of useful enhancements.  But, when will it hit the streets??