It sounds too easy, what else is involved?

We believe it should be easy.  Installation, testing, and deployment are straightforward.  We have a document about the typical deployment project to which you may refer.

There are parts of the implementation project that will depend on the customer:

  1. Selection of which tables to audit.  Our SOX Pack of 90 seeded audits for EBS makes this task easy.  You simply select which of the 90 make sense for your environment, and review other tables you may additionally want to audit.  Estimate less than one hour to develop, test, and deploy an audit configuration.
  2. Our 1200 seeded conflicts simplify the task of selecting which function pairs cause an SOD conflict.   For any additional conflicts assume it takes a minute or so to add a new pair.
  3. Deciding who should be on any user watch lists, and whether a list should be a white list or black list.
  4. When you first report SOD conflicts, there may be a large number.  There are different remediation actions
    depending on your interpretation of the conflict and whether it is an Intra- or Inter-Responsibility conflict.