Step 1: Create a security profile
Responsibility: Global HRMS Manager
Navigation: Security > Profile
By default Oracle provides a security profile named, Setup Business Group.
Note: Setup Business Group is also a business group given by Oracle to allow us to install business groups. This is because business groups are created in HRMS responsibilities and a HRMS responsibility cannot exist without being assigned to a business group. Therefore the default HR responsibility, Global HRMS Manager, is assigned a business group, Setup Business Group, and the same security profile until it is changed.
We shall create security profile as shown below
Save and close the form
Step 2: Assign the security profile to the responsibility
Responsibility: System Administrator
Navigation: Profile > System
Query for profile options,
HR: Security Profile
HR:User Type – This profile option is optional
HR:Business Group – Business group of the responsibility
Important:
- The business groups in the profile option, HR:Business Group, and the Security Profile should match else we shall get the following error.
- When Standard HRMS Security is used you will get the following error when trying to access the Assign Security Profiles form from the menu.
Important notes from Oracle:
Restricting Access to Records
You set up a security profile by identifying records of employees, applicants, contingent workers, and candidates in the system which you want users to be able to access. You identify the records by selecting work structures or other criteria in the application to which employees, applicants, contingent workers, or candidates are attached. For example, you could give users access only to the records of employees, applicants, contingent workers, or candidates in a single organization.
You can also create restrictions on records with a person type of “Other“. This includes contacts for employees or applicants, and any other people with a person type in the category of “Other“. You do this using the “View Contacts” option.
You can combine different types of restriction to create a set of rules giving exactly the security access permissions you require.
When you create a business group a view-all security profile is automatically created. This has the same name as the business group. The security profile provides access to all employee, contingent worker, and
applicant records in the business group. The system administrator links this view-all profile to users who are setting up the system. They in turn can set up security for other users.
applicant records in the business group. The system administrator links this view-all profile to users who are setting up the system. They in turn can set up security for other users.
The criteria you can use to identify records are:
- Internal organizations and organization hierarchies
- Positions and position hierarchies
- Payrolls
- Supervisors and supervisor hierarchies
- Custom restrictions
- Assignments
0 comments