1. Administering Account Reconciliation
  2. Performing Common Actions in Account Reconciliation Cloud
  3. Understanding Security in Account Reconciliation
  4. About Security in Account Reconciliation

About Security in Account Reconciliation

Account Reconciliation provides different levels of security.

Elements of Security in Account Reconciliation

The following table describes the different levels of security in Account Reconciliation.

Table 24-1 Elements of Security

Name Who Performs and Description Link
Create users and assign them access to Account Reconciliation

The Identity Domain Administrator creates the users and assigns them access to the application.

Note: You cannot create a user with the same name as an existing group (including the default groups User, Viewer, Power User, and Service Administrator) or team.

See Creating Users in the Getting Started with Oracle Enterprise Performance Management Cloud for Administrators guide.
Assign users predefined role access to the application. The Identity Domain Administrator assigns users role access to the application: Service Administrators, Power Users, Users, Viewers. See Understanding Predefined Roles and Account Reconciliation in Getting Started with Oracle Enterprise Performance Management Cloud for Administrators.
Grant additional privileges to users in addition to their predefined roles by using Application Roles. In addition to their predefined roles, users or groups of users can be granted additional privileges by using application roles. You must be a Service Administrators or a user with the Access Control - Manage application role to assign predefined roles under Access Control and Assign Roles. See Account Reconciliation in Administering Access Control for Oracle Enterprise Performance Management Cloud .
Create and manage groups Service Administrators and users with the Access Control - Manage application role can define groups and populate them with users by using Manage Groups under Access Control.

For creation and management of groups, see Managing Groups in Administering Access Control for Oracle Enterprise Performance Management Cloud
Create and manage teams Service Administrators and users with the Access Control - Manage application role can create teams, populate them with users, and add predefined roles. Users may have user or viewer roles. The user role includes Preparer, Reviewer, or Viewer roles. A team must be assigned that role to perform that role.

Users with the Access Control - View role can only view the details about teams.

 For creation and management of teams, see Using Teams in this chapter.
Power User Security Administrators and users with Access Control - View role can use Power User Security under Access Control to view who has been assigned Power User security. To modify the contents of Power User Security, you must be a Service Administrator or have the Access Control - Manage application role.

For Power User Security, see Power User Security in Account Reconciliation.

User Reporting Using Manage Users under Access Control Service Administrators and users with the Access Control - Manage or Access Control - View role can use Manage Users under Access Control to see various information about users on the system.

For Manage Users, see Managing Users.

Assign security on artifacts such as Profiles, Organizations, and Reports from within Account Reconciliation
  • Profiles - Administrators can grant access to profiles during profile creation using an Access tab.
  • Organizations - Administrators can grant access to artifacts based on users or teams being in an organization.
  • Reports - Administrators can grant access to standard reports using an Access tab in the Edit Reports dialog. Custom report security is determined by the report author at the time the report is created.

For Profiles security, see Specifying Profile Access in the Setting Up and Configuring Account Reconciliation guide.

For Organization security, see Defining Organizations in the Setting Up and Configuring Account Reconciliation guide.

For Reports security, see Understanding Reports Security in Administering Account Reconciliation.

Access Control Options

In Account Reconciliation, you can use Access Control under Tools for the following security related options:

  • Assign roles to users in addition to their predefined roles by using Manage Application Roles
  • Create and manage groups of users
  • Create and manage teams of users
  • View and control who has Power User security
  • Gather information on who is using Account Reconciliation (User Login report) and see what roles they have been assigned (Role Assignment report).