Siebel Security Guide > Configuring Access Control > Access Control Mechanisms >

About Suborganization Access Control

Suborganization access control, based on hierarchical organizations, is analogous to manager access control, which is based on hierarchical positions.

For any organization in the organizational hierarchy, you can grant access to data associated with subordinate organizations. This access control mechanism is designed to provide rollup views of data.

For example, a director of a continental sales organization can see the data rolled up from subordinate regional sales organizations. A vice-president in the corporate sales organization can then see rollups of the continental sales organizations and the regional sales organizations.

Subordinate relationships are determined from the organizational hierarchy, as an administrator can view by navigating to the Administration - Group screen, and then the Organizations view.

The organizational hierarchy is included as seed data when you install Siebel Business Applications. Within the organizational hierarchy, you can create branches for both internal and partner organizational structures.

You can specify one parent organization for an organization.

In a view using suborganization access control, the user has access to the following data:

• If the business component on which the view is based uses single-organization access control, the user sees data associated directly with the user's active organization or with a descendant organization.
• If the business component on which the view is based uses multiple-organization access control, then the user sees data for which the user's active organization or a descendant organization is the primary organization.

The titles of default views applying suborganization access control are structured as All business component name across My Organizations, such as All Opportunities across My Organizations.

There are no business component view modes specific to suborganization access control. Suborganization access control is set at the view level. It requires that the business component on which the view is based has a view mode with owner type Organization.

For information about business component view modes, see Business Component View Modes. For information about implementing access control in a view, see Listing View Access Control Properties.