About Teams and Reconciliations

A team is provisioned with the User or Viewer role and can contain one or more users.

Then, instead of assigning the User or Viewer role to named users, the role is assigned to the team and all members in the team are assigned the role. A team with the User role will allow that team to be assigned as a preparer, reviewer, commentator, or viewer.

Because teams do not grant access to application roles or privileges, any user with the Teams - Manage or Access Control - Manage application role can create and manage teams. This allows for a more distributed management of teams. For example, one or more people in each local office of an organization can manage teams. Teams are more appropriate for larger organizations with a decentralized management and where there is no need to assign access to users. For example, a Power User in Japan can manage a team of Preparers based in that country without affecting Reconciliations in other parts of the world.

When a reconciliation is created, the team membership is saved with the reconciliation. This helps keep the history accurate and reflect who was working on the reconciliation. However, if changes are made to the team membership and you want to see the changes applied to the existing reconciliation, you can use the Refresh Teams option from the Actions drop down on the reconciliation in order to update the membership list stored with the reconciliation.

If you delete a member from a team, and that member has already completed work on a reconciliation as a preparer or reviewer, the system still displays that user as Preparer (Actual) or Reviewer (Actual). This is in addition to the current Preparer or Reviewer.

Teams and Groups

Both teams and groups allow you to create collections of users. The difference is that groups also allow application roles to be assigned. For example, a Group of users could be created with the Reports - Manage application role and this allows all the users in the group to create reports. Because a user's role can be changed by groups, only Service Administrators can manage them. This leads to a more centralized management of groups. In addition, Oracle Identity Cloud Service (IDCS) groups can also be configured so that user membership can be synchronized with the customer's Identity Management tool of choice. For more information about Cloud EPM groups and IDCS Groups, see Managing Groups in Administering Access Control .

Teams are simply a collection of users. Because they do not grant roles, Power Users (or any user granted permission by a Service Administrator) can administer them. This allows for a more distributed management of teams. For example, management of teams can be done by each client's organization leaders around the globe.

The following features of groups are not available for teams:

• Groups are allowed to be included (nested) within another group
• User assignment and unassignment to Groups is audited

  See Audit Reports, Login Reports, and Audit Logs in Getting Started Guide for Administrators.

Therefore, you should use groups when you need to assign roles or have a centralized management of your users which can be integrated with your Identity Management, if desired, or if you need the nesting or auditing features. You should use teams if you have a more decentralized management of your users and do not need to assign application roles.