Glossary


A | B | C | D | E | F | H | I | J | K | L | P | Q | R | S | T | U | W | X

A

abstract role
A description of a person's function in the enterprise that's unrelated to the person's job (position), such as employee, contingent worker, or line manager.
action
The kind of access, such as view or edit, named in a security policy.
aggregate privilege
A predefined role that combines one function security privilege with related data security policies.
assignment
A set of information, including job, position, pay, compensation, managers, working hours, and work location, that defines a worker's or nonworker's role in a legal employer.

B

balances cube
A multidimensional database that holds accounting financial data. The cube allows different views of the balances to be quickly displayed.
business object
A resource in an enterprise database, such as an invoice or purchase order.
business unit
A unit of an enterprise that performs one or many business functions that can be rolled up in a management hierarchy.

C

condition
The part of a data security policy that specifies what portions of a database resource are secured.
contingent worker
A self-employed or agency-supplied worker. Contingent worker work relationships with legal employers are typically of a specified duration. Any person who has a contingent worker work relationship with a legal employer is a contingent worker.

D

dashboard
A collection of analyses and other content that gives in-depth insight to help with business decisions.
data dimension
A stripe of data accessible by a user. Sometimes referred to as data security context.
data instance set
The set of HCM data, such as one or more persons, organizations, or payrolls, identified by an HCM security profile.
data role
A role for a defined set of data describing the job a user does within that defined set of data. A data role inherits job or abstract roles and grants entitlement to access data within a specific dimension of data based on data security policies. A type of enterprise role.
data security
The control of access and action a user can take against which data.
data security policy
A grant of entitlement to a role on an object or attribute group for a given condition.
database resource
An applications data object at the instance, instance set, or global level, which is secured by data security policies.
department
A division of a business enterprise dealing with a particular area of activity.
duty role
A group of function and data privileges representing one duty of a job. Duty roles are specific to applications, stored in the policy store, and shared within an application instance.
duty role
A group of function and data privileges that represents one of the duties of a job.

E

effective start date
For a date-effective object, the start date of a physical record in the object's history. A physical record is available to transactions between its effective start and end dates.
enterprise
An organization having common control over one or more legal entities.
enterprise role
Enterprise roles provide users with access both to the application functions they need to perform their jobs as well as the permissions to access the data where they need to perform those functions. There are two types of enterprise roles: job roles and abstract roles. Job roles permit users to perform activities specific to their job. Abstract roles permit users to perform functions that span the different jobs in the enterprise.
entitlement
Grant of access to functions and data. Oracle Fusion Middleware term for privilege.

F

flexfield
A flexible data field that you can configure such that it contains one or more segments or stores additional information. Each segment has a value and a meaning.
flexfield segment
An extensible data field that represents an attribute and captures a value corresponding to a predefined, single extension column in the database. A segment appears globally or based on a context of other captured information.
function security
The control of access to a page or a specific use of a page. Function security controls what a user can do.

H

HCM data role
A job role, such as benefits administrator, associated with instances of HCM data, such as all employees in a department.

I

identity
A person representing a worker, supplier, or customer.

J

job
A generic role that's independent of any single department or location. For example, the jobs Manager and Consultant can occur in many departments.
job role
A role, such as an accounts payable manager or application implementation consultant, that usually identifies and aggregates the duties or responsibilities that make up the job.

K

keyword
A word or phrase, entered as free-form, unstructured text on a project resource request, that does not exist as a predefined qualification content item. Keywords are matched against the resource's qualifications and the results are included in the qualification score calculation.

L

LDAP
Abbreviation for Lightweight Directory Access Protocol.

P

party
A physical entity, such as a person, organization or group, that the deploying company has an interest in tracking.
person number
A person ID that is unique in the enterprise, allocated automatically or manually, and valid throughout the enterprise for all of a person's work and person-to-person relationships.
person type
A subcategory of a system person type, which the enterprise can define. Person type is specified for a person at the assignment level.
personally identifiable information
Any piece of information that can be used to uniquely identify, contact, or locate a single person. Within the context of an enterprise, some PII data, such as a person's name, can be considered public, while other PII data, such as national identifier or passport number is confidential.
privilege
A grant of access to functions and data; a single, real world action on a single business object.
project resource request
List of criteria used to find a qualified resource to fulfill an open resource demand on a project. Project resource requests include qualifications, keywords, requested date range, and other assignment information, such as project role and work location.

Q

qualification
Items in structured content types such as competencies, degrees, and language skills that have specific values and proficiency ratings.

R

resource
People designated as able to be assigned to work objects, for example, service agents, sales managers, or partner contacts. A sales manager and partner contact can be assigned to work on a lead or opportunity. A service agent can be assigned to a service request.
role
Controls access to application functions and data.
role hierarchy
Structure of roles to reflect an organization's lines of authority and responsibility. In a role hierarchy, a parent role inherits all the entitlement of one or more child roles.
role mapping
A relationship between one or more roles and one or more assignment conditions. Users with at least one assignment that matches the conditions qualify for the associated roles.
role provisioning
The automatic or manual allocation of a role to a user.

S

security profile
A set of criteria that identifies HCM objects of a single type for the purposes of securing access to those objects. The relevant HCM objects are persons, organizations, positions, countries, LDGs, document types, payrolls, and payroll flows.
security reference implementation
Predefined function and data security that includes role based access control, and policies that protect functions, and data. The reference implementation supports identity management, access provisioning, and security enforcement across the tools, data transformations, access methods, and the information life cycle of an enterprise.
SQL predicate
A type of condition using SQL to constrain the data secured by a data security policy.
subledger journal entry
A detailed journal entry generated for a transaction in a subledger application.
subledger journal entry line
An individual debit or credit line that is part of a subledger journal entry.

T

transaction
A logical unit of work such as a promotion or an assignment change. A transaction may consist of several components, such as changes to salary, locations, and grade, but all the components are handled as a unit to be either approved or rejected.

U

URL
Abbreviation for Uniform Resource Locator.

W

work area
A set of pages containing the tasks, searches, and other content you need to accomplish a business goal.
work relationship
An association between a person and a legal employer, where the worker type determines whether the relationship is a nonworker, contingent worker, or employee work relationship.
worker type
A classification selected on a person's work relationship, which can be employee, contingent worker, pending worker, or nonworker.
workflow
An automated process that passes a task from one user (or group of users) to another to view or act on. The task is routed in a logical sequence to achieve an end result.

X

XML filter
A type of condition using XML to constrain the data secured by a data security policy.