Overview of General Ledger Security
General ledger functions and data are secured through job roles, data access sets, and segment value security rules.
Functional Security
Functional security, which is what you can do, is managed using job roles. The following job roles are predefined for Oracle General Ledger:
-
General Accounting Manager
-
General Accountant
-
Financial Analyst
Each job role includes direct privilege grants, as well as duty role assignments, to provide access to application functions that correspond to their responsibilities. For example, the General Accounting Manager role grants comprehensive access to all General Ledger functions to the general accounting manager, controller, and chief financial officer in your organization.
Data Security
Data security, which controls what action can be taken against which data, is managed using:
-
Data access sets
-
Segment value security rules
Data access sets can be defined to grant access to a ledger, ledger set, or specific primary balancing segment values associated with a ledger. You decide whether each data access set provides read-only access or read and write access to the ledger, ledger set, or specific primary balancing segment values, which typically represent your legal entities that belong to that ledger. Primary balancing segment values without a specific legal entity association can also be directly assigned to the ledger.
Segment value security rules control access to data that's tagged with the value set values associated with any segment in your chart of accounts.
Security Assignment
Use the Security Console to assign users roles (job roles, as well as roles created for segment value security rules or others). Use the Manage Data Access Set Data Access for Users task to assign users data access sets as the security context paired with their General Ledger job role assignments.
For more information about security assignments and managing data access for users, see the Oracle ERP Cloud Securing ERP guide.