About Security in Account Reconciliation

Account Reconciliation provides different levels of security.

Elements of Security in Account Reconciliation

The following table describes the different levels of security in Account Reconciliation.

Table 24-1 Elements of Security

Name Who Performs and Description Link
Create users and assign them access to Account Reconciliation

The Identity Domain Administrator creates the users and assigns them access to the application.

Note: You cannot create a user with the same name as an existing group (including the default groups User, Viewer, Power User, and Service Administrator) or team.

See Creating Users in the Getting Started with Oracle Enterprise Performance Management Cloud for Administrators guide.
Assign users predefined role access to the application. The Identity Domain Administrator assigns users role access to the application: Service Administrators, Power Users, Users, Viewers. See Understanding Predefined Roles and Account Reconciliation in the Getting Started with Oracle Enterprise Performance Management Cloud for Administrators guide.
Grant additional privileges to users in addition to their predefined roles by using Application Roles. The Service Administrator has the flexibility to grant additional privileges to different users or groups in addition to their predefined roles by using Application Roles. This can be done under Access Controlusing Assign Roles. See Account Reconciliation Application Roles in Administering Access Control for Oracle Enterprise Performance Management Cloud and Predefined Role Mapping for Account Reconciliation in Administering Access Control for Oracle Enterprise Performance Management Cloud
Create and manage groups Administrators can define groups and populate with users using Manage Groups under Access Control.

For creation and management of groups, see Managing Groups in Administering Access Control for Oracle Enterprise Performance Management Cloud

Create and manage teams Administrators can define teams and populate with users with various roles. Users may have user or viewer roles. The user role includes Preparer, Reviewer, or Viewer roles. A team must be assigned that role to perform that role. For creation and management of teams, see Using Teams in this chapter.
Power User Security Administrators can use Power User Security under Access Control to view and change who has been assigned Power User security.

For Power User Security, see .

User Reporting Using Manage Users under Access Control Administrators can use Manage Users under Access Control to see various information about users on the system.

For Manage Users, see Managing Users.

Assign security on artifacts such as Profiles, Organizations, and Reports from within Account Reconciliation
  • Profiles - Administrators can grant access to profiles during profile creation using an Access tab.
  • Organizations - Administrators can grant access to artifacts based on users or teams being in an organization.
  • Reports - Administrators can grant access to standard reports using an Access tab in the Edit Reports dialog. Custom report security is determined by the report author at the time the report is created.

For Profiles security, see Specifying Profile Access in the Setting Up and Configuring Account Reconciliation guide.

For Organization security, see Defining Organizations in the Setting Up and Configuring Account Reconciliation guide.

For Reports security, see Understanding Reports Security in Administering Account Reconciliation.

Access Control Options

In Account Reconciliation, you can use Access Control under Tools for the following security related options:

  • Assign roles to users in addition to their predefined roles by using Manage Application Roles
  • Create and manage groups of users
  • Create and manage teams of users
  • View and control who has Power User security
  • Gather information on who is using Account Reconciliation (User Login report) and see what roles they have been assigned (Role Assignment report).