Understanding Recruiting Security

This overview discusses:

Recruiting privileges granted through recruiting role types.
Job opening security.
Applicant security.

Recruiting Role Types enable you to group standard PeopleTools roles to control certain recruiting privileges. The Recruiter, Hiring Manager, and Recruitment Administrator recruiting role types each have specific privileges. Oracle delivers four additional predefined recruiting role types that do not convey any privileges other than the ability to clone job openings—a privilege that is given to users who have any recruiting role type.

See Assigning PeopleTools Roles to Recruiting Role Types.

Cloning Privileges

Users who are associated with any recruiting role type have access to the clone job opening function on the Job Opening page.

Hiring Team Association Privileges

The ability to add users to a job opening’s hiring team is limited based on whether the users are associated with certain recruiting role types.

The following table lists the five types of hiring team members and describes any associated recruiting role type requirements:

Hiring Team Group	Who Can Be Added to the Group
Recruiter	Only users who are associated with the Recruiter recruiting role type.
Hiring Manager	Only users who are associated with the Hiring Manager recruiting role type.
Interviewer Interested Party Screening Team	Association with a recruiting role type is not required for users to be added to the hiring team in these capacities. For example, any user can be added as an interviewer, even if that user is not associated with a recruiting role type.

Hiring Team Group

Who Can Be Added to the Group

Recruiter

Only users who are associated with the Recruiter recruiting role type.

Hiring Manager

Only users who are associated with the Hiring Manager recruiting role type.

Interviewer

Interested Party

Screening Team

Association with a recruiting role type is not required for users to be added to the hiring team in these capacities.

For example, any user can be added as an interviewer, even if that user is not associated with a recruiting role type.

Administrator Privileges

Users who are associated with the Recruitment Administrator recruiting role type are called recruiting administrators.

Recruiting administrators are the only users who can:

Access eligibility & identity information for applicants.
Change the status of draft applicants.
Access a comprehensive list of person profiles when creating a job opening.
Other users can only access their own profile or the profiles of their direct reports.
Change the recruitment template on a job opening.
Edit job opening details when the job opening status is Hold, Cancelled, or Closed.
Override the status of a job opening.
Non-administrators can close, cancel, or place job openings on hold by performing certain actions that are available on the Search Job Openings page, but they cannot directly edit the status field in the job opening.
Approve transactions that are waiting for approval from another user.
For example, administrators approve a job opening by directly editing the job opening status or by overriding the job opening’s approval status.
(AUS) Invoke the Create Salary Package Model and Copy Salary Package actions for applicants.

Recruiting administrators can access all recruiting actions, and they have standard access to other recruiting data. For example, they can:

Access all recruiting actions even if your flexible processing configuration limits which actions other users can perform.
Access all applicants.
Access job openings that they create, where they are on the hiring team, and where they have access to the job opening department by virtue of the department security tree.
Access all public applicant notes regardless of job opening or applicant security.
They cannot access private notes created by other users.

The following people have access to job openings:

The job opening creator and hiring team.
The hiring team consists of the people who are individually identified in the job opening as recruiters, hiring managers, interviewers, interested parties, or screening team members.
Approvers and their proxies, if job opening approvals are active.

An additional type of access to job openings depends on the type of applicant security you use. Standard and enhanced applicant security are described in more detail below, but in short:

Under standard applicant security, users can also access job openings if they have access to the job opening’s department through the department security tree.
Under enhanced applicant security, users cannot access job openings based on the department security tree. Users must have a direct association with a job opening (as creator, hiring team member, or approver) to access a job opening.

Setting Up Job Opening Access for Recruiting Team Members

Members of a job opening’s hiring team gain access to job openings through a permission list that is explicitly configured to provide this access. To configure this permission list:

Create or identify a permission list that you will use for this purpose.
Access that permission list in the Security by Permission List Page (Set Up HCM > Security > Core Row Level Security > Security by Permission List
In the Security Set field, select RSOPN.
In the Security Type grid, add a row for the security access type 031 (Recruiting Team).
The system displays EmplID for the Key 1 field. Leave this field empty. This security access type has fixed key values so you do not need to specify any EmplID values.
To associate the permission list with individual users, assign the permission list to one or more roles, and assign the roles to those users who need recruiting team access.

Access to applicant data depends on whether the user has standard applicant security or enhanced applicant security.

Standard Applicant Security

With Standard applicant security, the only restrictions on applicant data are based on which pages the user can access.

For example, users with access to the Search Applicants page can see all applicants. Users can select the “Search My Applicants” check box to filter the search results to include only applicants who are associated with the user’s own job openings. However, this is just an optional filter, as the user can simply deselect the check box to search for other applicants.

A user who does not have access to the Search Applicant page could still have access to the Manage Applicant page. The user can therefore access the applicant data using links on pages such as the Recruiting Home or the Manage Job Opening page. The user can therefore view only applicants who are associated with job openings to which the user has access. However, the Manage Applicant page shows all of the applicant’s jobs. The user therefore can see if the applicant has applied for jobs to which the user does not have access.

Enhanced Applicant Security

Enhanced applicant security is configured for recruiting role types—it is not a system-wide setting.

With enhanced applicant security, users cannot see applications for jobs to which they do not have access. They see only applicants who applied for the user’s own job openings and applicants who applied without a job opening.

(Remember that enhanced applicant security also has a narrower definition of the user’s own job openings. Department tree security is not applicable, so the user must be the creator or a hiring team member for the job opening. Approver access is not relevant to enhanced applicant security because there are no applicants for job openings that are pending approval.)

Enhanced applicant security ensures that pages throughout the recruiting system show only information related to the user’s own job openings. For example, on the Manage Applicant page, users sees only their own jobs. If an applicant applies for five jobs, and the user only has access to two of them, the user sees only those two jobs on the Manage Applicant page.

For a more details description of enhanced applicant security, see Understanding Enhanced Applicant Security.