1. One View Financial Statements
  2. Using OVFS Category Codes for Security

Using OVFS Category Codes for Security

Your security administrator can use existing system-wide security functionality to prevent unauthorized users from accessing, viewing, or performing actions in the OVFS programs. For example, the administrator can use existing security methods to prevent some users from opening the Statement Definitions program (P09330) and to enable another set of users to perform all actions in the program, such as add, delete, and modify.

You can also set up security in the OVFS feature to secure specific records in the OVFS programs and database tables by using the OVFS category codes. This enables the security administrator to allow access to the programs while restricting access to certain records. This type of security is useful when personnel need access to certain OVFS programs to perform their assigned tasks, but need to be restricted from specific records. The OVFS category codes are in UDCs 09/C1 - 09/C5.

To use the OVFS category codes for security, the person responsible for setting up the OVFS system will set up the OVFS category codes with values to use for security. The security administrator then sets up row security for records in the OVFS module using the values in the OVFS category codes to allow or disallow access to individual records within the OVFS programs and database tables. As you and others create or modify records within the OVFS modules, you associate the category code values to the individual records. Because the security administrator has set up security based on the category code values, users in the system have permissions or are denied permissions based on the category code value assigned to the record.

Using the OVFS category codes for security enables specified users access to the programs in the OVFS module without allowing access to every record in the programs. For example, suppose that you set up Financial Statement Category Code 1 (09/C1) with values for the user roles that your financial department uses. Such user roles might be include clerical, management, financial analysts, and so on. You would then assign the category codes to the records in the row, column, and statement definitions, and statement versions, based on which user role has access to the definition or version. For example, perhaps those with the clerical user role can access and view some row and column definitions, cannot view other row and column definitions, and cannot modify any row or column definitions. Likewise, perhaps the financial analysts can create, modify, and delete all row and column definitions, but can view and modify only specific statement definitions.

When you use category codes to restrict access to certain records, the restricted access applies whenever the user attempts to access the restricted records. As you determine how to set up and assign category code values, consider whether the user needs access to the records when performing certain actions. For example, suppose that you assign category code values to restrict access to specific row and column definitions. If a user who does not have access to the row and column definitions attempts to generate a statement that includes the definitions, the system will not generate the statement. Likewise, if users have access to row and column definitions but do not have access to statement definitions, then the user will not be able to view the statement definitions on the Row Where Used and Column Where Used forms.

Before you request that your security administrator completes the process for securing One View Financial Statement records, the personnel responsible for the One View Financial Statements module should perform the following tasks:

  • Decide which OVFS records you want to secure.

    You can use the OVFS Financial Statement Cat Codes (09/C1 - 09/C5) to add additional security to row definitions, column definitions, statement definitions, and statement versions.

  • Decide which category codes you want to use for security.

    Category codes 09/C1 - 09/C5 can be used for security and for purposes other than security. Oracle recommends that you not use the same category code for security and for other purposes. Instead, use different category codes for different purposes.

  • Set up the category codes (09/C1- 09/C5) that you will use for security purposes.

    Add values to the category codes to suit your needs. When the security administrator sets up security using the category code values, the administrator can use a range of values or specific values. You can use alpha and numeric characters as the category code values.

  • Decide which users and roles to exclude from access to the OVFS components.

    All programs, database tables, and other components of the OVFS module are accessible by all users unless the user or role to which the user belongs is excluded from access.

  • Inform your security administrator of the users and roles to exclude from OVFS functionality and which category codes and values are used for security purposes.

  • Assign category codes to the OVFS records for which you want to provide security.

    The administrator can specify whether the user or role has permission to view, edit, delete, add, or perform other actions using the component.

    As you add additional records to the OVFS programs, assign the appropriate category code values to the records so that they are secured.