Receivables-Specific Considerations for Segment Value Security
Chart of accounts segment value security controls user access to chart of accounts-based accounting information in Receivables.
Use segment value security to define user access to Accounting Flexfield segment values in Receivables. A given user can only work with account values in the secured chart of accounts value set to which they have been granted access and at the level of their rule assignments.
Segment value security doesn't affect Receivables setup or transaction creation.
Enable Receivables for Segment Value Security by Business Function
Use the Manage Segment Value Security by Business Function action in the Manage Chart of Accounts Configuration page to enable Receivables for segment value security.
To enable Receivables for segment value security:
- 1. Navigate to the Manage Chart of Accounts Configurations task.
- 2. In the Manage Chart of Accounts Configurations page, click the Manage Segment Value Security by Business Function button.
- 3. In the Manage Segment Value Security by Business Function window, enable the Receivables option.
- Save your work.
When you enable segment value security for Receivables, by default all Receivables users are granted access to all segment values. You must set up rules to restrict user access to Accounting Flexfield segment values by business function. In the context of Receivables, the business function is the business unit.
Set Up Segment Value Security Rules in Receivables
Use the Segment Value Security by Business Function spreadsheet to assign segment value security rules to the users who require some form of restricted access to Accounting Flexfield segment values.
As a general rule, create dedicated segment value security roles for each designated group of Receivables users and the related data security policies that govern their access to secured segment account values.
The dedicated segment value security roles you create, with their accompanying secured segment values, can be assigned to and even shared among the corresponding users based on their particular segment value access requirements.
You can enable security enforcement for all business functions or for one or more specific business functions. This table provides an example of how to designate segment value access rule assignments to Receivables users:
Access Type | Business Function | Security Context | Security Context Value |
---|---|---|---|
Global access | All business functions | All security contexts | All security context values |
Access to business unit business-function-only | Business unit | Business unit | All security context values |
Access to a specific business unit | Business unit | Business unit | Name of business unit |
Global access: Assign global access to users with responsibilities across multiple business functions, for example, Assets, Receivables and General Ledger. Global access users would then require access to the same specified segment account values across all of their assigned asset books (FA), business units (AR), and ledgers (GL).
Access for business unit business-function-only: Assign business-function-only access to users with the Receivables responsibility who require access to the same specified segment account values for all of their assigned business units.
Access for a specific business unit: Assign specific business unit access to users with the Receivables responsibility who require access to the specified segment account values for one business unit only.
Read-Write and Read-Only Access
You can further restrict user access to accounting flexfield segment values by assigning users Read-Write and Read-Only privileges.
- Read-Write: Users can create and update transactions, view accounting, and report on Receivables transactions that reference the account values granted.
- Read-Only: Users can view, query, and report on Receivables transactions that reference the account values granted. For example, users who don’t have Read-Write access to segment values belonging to transaction distributions can still search for and review these distributions.
Summary of Segment Value Security Enforcement in Receivables
Users with Read-Write access to specified account values can take these actions on the transactions that reference these account values:
- Create, save and complete a transaction.
- Credit a transaction.
- Update account values in the distributions belonging to a transaction.
- Post transactions to General Ledger.
- Apply a receipt or credit memo to a transaction.
- Unapply a receipt or credit memo from a transaction.
- Manage adjustments to transactions.
- Create draft subledger accounting.
- Use these web service components: Get, Create, Update, Delete, Reverse.
Users with Read-Only access to specified account values can take these actions on the transactions that reference these account values:
- Create and save a transaction.
- View transaction distributions.
- Run reports.
Segment value security is not enforced on these activities:
- Receivables implementation tasks in Functional Setup Manager.
- These reports in Scheduled Processes:
- Receivables Aging by GL Account Report
- MFAR Aging and Reconciliation Report
- General Ledger Reconciliation Report
Example of Segment Value Security Enforcement in Receivables
The following example illustrates segment value security enforcement by business function in Receivables.
User James has access to two business units: Vision ASC605 BU001 and Vision ASC605 BU002. He has Read-Only access to Vision ASC605 BU001 and Read-Write access to Vision ASC605 BU002.
User | Role | Business Function | Business Unit | Security Context Value (Cost Center) | Access Level |
---|---|---|---|---|---|
James | Accounts Receivable Manager | Business Unit | Vision ASC605 BU001 | 00000000, 20000220 | Read-Only |
James | Accounts Receivable Manager | Business Unit | Vision ASC605 BU002 | 00000000, 20000220 | Read-Write |
This table describes the results of the various actions that James attempts on the Create Transaction: Invoice page in each business unit, as determined by his segment value security assignments.
User | Business Unit | Cost Center Value | Access Level | Action | Result |
---|---|---|---|---|---|
James | Vision ASC605 BU001 | 00000000, 20000220 | Read-Only | Save Transaction | James can save the transaction. |
James | Vision ASC605 BU001 | 00000000, 20000220 | Read-Only | Review Distributions | James can review all distributions. |
James | Vision ASC605 BU001 | 00000000, 20000220 | Read-Only | Edit Distributions | James can't edit or even see the distribution segment values. |
James | Vision ASC605 BU001 | 00000000, 20000220 | Read-Only | Complete Transaction | James can't complete the transaction. |
James | Vision ASC605 BU001 | 00000000, 20000220 | Read-Only | Post to Ledger | James can't post the transaction. |
James | Vision ASC605 BU002 | 00000000, 20000220 | Read-Write | Save Transaction | James can save the transaction. |
James | Vision ASC605 BU002 | 00000000, 20000220 | Read-Write | Review Distributions | James can review all distributions. |
James | Vision ASC605 BU002 | 00000000, 20000220 | Read-Write | Edit Distributions | James can edit distributions and change the cost center. |
James | Vision ASC605 BU002 | 00000000, 20000220 | Read-Write | Complete Transaction | James can complete the transaction after changing the cost center. |
James | Vision ASC605 BU002 | 00000000, 20000220 | Read-Write | Post to Ledger | James can post the transaction. |