1. Securing ERP
  2. General Ledger-Specific Considerations for Segment Value Security

General Ledger-Specific Considerations for Segment Value Security

Segment value security by business function is generally enforced in General Ledger product features with a chart of accounts element and where a single data access set context selection can be clearly established for a user’s session.

In these cases, the secured account values available to the user, at the according access level, are based on those grants assigned to the user for the General Ledger business function and the user’s current selected data access set.

Here’s a summary of how segment value security by business function works for General Ledger features that have different types of access to data access set selection.

  • For features accessed directly in the core application, a user would select a data access set. The selection also sets the data security context when determining which of the user’s segment value security by business function grants apply when working with the secured chart of accounts.
    Note: The data access selection is also registered in a user’s General Ledger preferences for the Data Access Set General option.
  • For features accessed outside of the core application, where a user doesn’t explicitly select a data access set, such as with reporting tools Smart View, Financial Reporting, and Oracle Transactional Business Intelligence (OTBI), the application refers to a user’s last selected data access set in the core application when determining which of the user’s security grants apply.
    Note: If a user switches data access set selection in the core application, it’s important to refresh the view in the Smart View, Financial Reporting, and OTBI reports. This action registers the change in data access set selection so that the relevant set of security grants based on this new data access set selection is now applied to the report.
  • For features where multiple data access sets can apply, or where no data access set context can be established, some other considerations need to be considered regarding how segment value security by business function enforcement acts. Some examples in the Features Without a Data Security Context topic discuss some of these considerations.

Further details follow about other special considerations for data security and segment value security by business function enforcement in certain features in the General Ledger module. They elaborate on certain points discussed previously, as well as other specific aspects of security control in the General Ledger module.