Last week IT Convergence held its most recent OAUG Vender Product Awarness session and like several others before it, this one dealt with Oracle Financials. We are happy to provide a transcript of the Q&A section of “Ensuring Security in Oracle R12 Financials” here:
Is Role-Based-Access Control available in 11.5.10?
- Yes, RBAC is available in 11.5.10 with less seeded permissions provided by Oracle.
Our IT Dept controls set-ups etc… Is there a way to create an Admin Responsibility that will allow, let’s say for example, the Finance team to modify security on the users it currently manages but not be able to do something like add a new user? We’re trying to understand how we can have control and still have IT feel they are in control as well . Is this type of dual-control scenario possible or is it all or nothing?
- Yes, you can create a “delegate” administrator responsibility to handle Finance’s security requirements. For regions in a form you can use Form Personalization’s to restrict security.
Is Oracle User Management available in 11.5.10?
- Yes, Oracle User Management is available in 11.5.10, although Oracle provides fewer seeded permissions than it does in Release 12.
Within a GL Ledger Set, which C’s can we share? Is it only Chart of Accounts and Calendar or are there others we can share?
- Yes, you may only share the COA and the Calendar in Oracle General Ledger.
What is the reason that many of the users do not use User Management in 11.5.10?Is this because of ignorance or is it because User Management was not that effective in 11.5.10?
- Using Oracle User Management is a project on its own. You need to perform a detailed and extensive security analysis to adapt to Oracle User Management. Currently, most Oracle customers have configured Responsibilities and it meets their security needs, so for those users there is no compelling need to use Oracle User Management.
We are using a single Ledger set which has Ledgers in multiple currencies can we do period end processing ?
- Yes, a ledger set allows you to assign ledgers with different currencies, the requirements are ledgers in a ledger set must share the same COA and Calendar. Using a ledger set, you can perform period end processing. How is the Management segment different from, security rules in Oracle General Ledger?) Security rules (configured at the value set level) can be used across the E-Business Suite whereas the Management segment is only for GL where you can also specify whether you permit “Read Only” or “Read and Write” privilege for a ledger or ledger set against the management segment values.
Do we have to use Definition Access Set and Data Access Set together?
- No, because Definition Access Sets are independent of Data Access Sets, you can secure access to definitions independently of the data access.
With respect to security in Oracle R12, what is the difference between a role and a responsibility?
- Responsibilities can now be considered as a special type of role that represents the set of navigation menus contained within an application. Therefore, responsibilities loosely represent an application itself, whereas roles can be used to determine what parts of that application (and data therein) a user has access.
In the event you missed the presentation, you can download the Power Point by visiting our Oracle R12 Resources Page. You can also register to attend our October 4th Webcast on Oracle R12 Subledger Accounting.
If you need more detailed education on Oracle R12, you can attend one of the Oracle Applications Workshops that IT Convergence is sponsoring with the Oracle Applications Users group.
New Features in Oracle Financials R12 will be held in San Francisco, New York, Atlanta, Madison, and Anaheim. Preparing for an Oracle R12 Upgrade will be held in San Francisco, New York, Atlanta, Madison, Anaheim, Dallas, Denver, Miami, Houston, and Orlando.