A role is a construct that defines the authorizations granted to users and groups to use a feature of an EPM System application. It is different from an access control list, which generally specifies access permissions for a specific resource or object of the application.
Access to EPM System application resources is restricted; users can access them only after a role that provides access is assigned to the user or to the group to which the user belongs. Access restrictions based on roles enable administrators to control and manage application access. See EPM System Roles.