6Security

This chapter contains the following:

Overview of Security

Oracle Enterprise Resource Planning Cloud (Oracle ERP Cloud) and Oracle Supply Chain Management Cloud (Oracle SCM Cloud) are secure as delivered; they limit access to one initial setup user. To enable application users to access application functions and data, you perform security-related tasks in these areas, as appropriate:

  • Define Security for Financials

  • Define Security for Procurement

  • Define Users and Security for Product Management

  • Define Security for Project Execution Management

  • Manage Data Access for Users

  • Define Security for Supply Chain Management

For more information on ERP and SCM security setup and task instructions, see these guides:

  • Oracle Enterprise Resource Planning Cloud: Securing Oracle ERP Cloud.

  • Oracle Supply Chain Management Cloud: Securing Oracle SCM Cloud.

Note: You can perform these tasks both during implementation, and later as requirements come up.

Manage Job Roles

The Oracle ERP Cloud and Oracle SCM Cloud security reference implementations provide many predefined job roles. Use the Manage Job Roles task to do the following:

  • Review the role hierarchy and other properties of a job or abstract role.

  • Create custom job and abstract roles.

  • View the roles assigned to a user.

  • View the users who have a specific role.

To do these tasks, a user must have the IT Security Manager or Application Implementation Consultant job role.

Manage Duties

The Oracle ERP Cloud and Oracle SCM Cloud security reference implementations provide many predefined duty roles. Use the Manage Duties task to do the following:

  • Review the duties of a job or abstract role.

  • Manage the duties of a custom job or abstract role.

  • Create custom duty roles.

To do these tasks, a user must have the IT Security Manager job role.

Define Data Security

You can manage Oracle ERP Cloud and Oracle SCM Cloud application data using tasks related to the following areas:

  • Define Data Security for Financials

  • Define Data Security for Procurement

  • Define Data Security for Product Management

  • Define Data Security for Project Financial Management

  • Define Data Security for Supply Chain Management

For instance, you can manage the following information:

  • Data access sets that secure ledgers.

  • Human Capital Management (HCM) security profiles that facilitate data role assignment for application users.

  • Data security policies that determine grants of entitlement to a user or role on an object or attribute group.

For such tasks, a user must have the IT Security Manager job role.

Manage Role Provisioning Rules

You create role mappings to control the provisioning of all types of roles to application users by performing this task. For example, you can create a role mapping to provision the Accounts Payable Specialist role automatically to users that meet criteria specific to accounts payable users.

A user with the IT Security Manager job role performs the Manage Role Provisioning Rules task.

Manage Oracle Social Network Objects

You can determine which business objects in Oracle ERP Cloud are available for social collaboration by performing this task. For example, use this task to enable discussion among Oracle Social Network users about requisitions, purchase orders, invoices, payments, receipts, and other transactions.

A user with the IT Security Manager or Application Implementation Consultant job role performs the Manage Oracle Social Network Objects task.

Note: You can perform this task after you set up and configure Oracle Social Network. If you don't use Oracle Social Network, you can skip this task.