IT Security Manager (Job Role)
Protects assets such as information technology systems, data, and networks.
Role Hierarchy
The IT Security Manager job role directly and indirectly inherits these roles.
- 
            IT Security Manager- 
                     Functional Setups 
 - 
                     Manage Users- 
                              Manage User Account- 
                                       Edit User Name 
 - 
                                       Manage User Roles 
 - 
                                       Use REST Service - Public Workers Read Only 
 
- 
                                       
 
- 
                              
 - 
                     Partner Account Administration 
 - 
                     Payments Data Security Administration 
 - 
                     Security Management- 
                              Separation of Duties Role Analysis 
 
- 
                              
 - 
                     Security Reporting- 
                              Separation of Duties Role Analysis 
 
- 
                              
 - 
                     Security Transaction Analysis 
 - 
                     Upload data for Access Groups Import 
 - 
                     Upload data for Assignment Rule Import 
 - 
                     View Portrait User Account Details Card 
 
- 
                     
Duties
This table lists the duties assigned directly and indirectly to the IT Security Manager job role.
| Duty Role | Description | 
|---|---|
| Functional Setups | Uses the functional user overview, and assigned tasks, and task lists. | 
| Manage User Account | Manages user roles. | 
| Manage Users | Creates and updates users and assigns roles to users. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | 
| Security Transaction Analysis | Analyzes applications security configurations, including role definitions and security policies. | 
| Separation of Duties Role Analysis | Allows user to analyze separation of duty violations on a new or existing role in security. | 
| Upload data for Access Groups Import | Allows to upload data file to import Access Groups. | 
| Upload data for Assignment Rule Import | Allows to upload data file to import Assignment Rule related data. | 
Aggregate Privileges
This table lists aggregate privileges assigned directly and indirectly to the IT Security Manager job role.
| Aggregate Privilege | Description | 
|---|---|
| Edit User Name | Updates the user name associated with a person. | 
| Manage User Roles | Allows management of user roles assignments. | 
| Use REST Service - Public Workers Read Only | Allows the user to call the GET method associated with the Public Workers REST Service. | 
| View Portrait User Account Details Card | Views the User Account Details card in the Person Gallery. | 
Privileges
This table lists privileges granted to duties of the IT Security Manager job role.
| Granted Role | Granted Role Description | Privilege | Privilege Description | 
|---|---|---|---|
| Functional Setups | Uses the functional user overview, and assigned tasks, and task lists. | Execute Setup Tasks | Allows setup task execution and searching of tasks and tasks lists. | 
| Functional Setups | Uses the functional user overview, and assigned tasks, and task lists. | Review Applications Offering | Provides access to the Getting Started page. | 
| Functional Setups | Uses the functional user overview, and assigned tasks, and task lists. | Review Setups Functional User Overview | Allows access to the Assigned Implementation Tasks page. | 
| Functional Setups | Uses the functional user overview, and assigned tasks, and task lists. | Setup and Maintain Applications | Allows access to the Setup and Maintenance work area. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Administer Student Group | Allows administration of managed student groups. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Apply HCM Role Provisioning Rules | Allows application of HCM role-provisioning rules. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Assign Oracle Fusion General Ledger Data Access Set Definition | Allows assignment of data access sets. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Configure Interface | Allows configuration of the interface for transaction and batch processing. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Configure Public Worker Access | Allows configuration of public worker access when using Oracle Search. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Define Oracle Fusion General Ledger Data Access Set | Allows definition of data access sets. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Delete Access Group | Allows the user to delete an access group. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Delete Scheduled Process Tracker | Allows deletion of scheduled process tracking information. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Enable and Disable Access Groups | Allows the user to enable and disable all access groups. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Grant Search Framework Manager Permissions | Allows granting permission to a user to manage search framework index metadata, using REST Service. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Import Workers | Allows import of multiple worker records. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Load Batch Data | Allows batch loading of data. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Active Directory Integration | Allows users to use functions and services that manage the Active Directory integration | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Application Pages Security | Allows management of application pages and page groups for controlling page access. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Candidate Security Profile | Allows to manage candidate security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Country Security Profile | Allows management of country security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Data Access for Users | Manage data access for user provisioned roles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Data Security Grants | Allows the assigning of security profiles and security conditions to users. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Data Security Profiles | Allows the mapping of business objects and fields for data security access. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Document Type Security Profile | Allows management of document type security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Group Access | Allows configuring Access Groups. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage HCM Data Role | Allows management of HCM data roles and assignment of security profiles to those roles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage HCM Exclusion Rules | Allows management of the rules for excluding specified data instances from a person security profile data instance set. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage HCM LDAP User Account Options | Allows management of HCM LDAP user account options. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage HCM Role Provisioning Rules | Allows management of HCM role-provisioning rules and creation of auto provisioned role requests for all users based on current role-provisioning rules. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Job Requisition Security Profile | Allows to managet the job requisition security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Legislative Data Group Security Profile | Allows management of legislative data group security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Oracle Search ACL Exclusion Rules for HCM | Allows management of the rules for excluding specified roles and users from the Oracle Search access control lists that are maintained by the HCM access control list computation process. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Organization Security Profile | Allows management of organization security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Page Permissions Security | Allows management of page permissions for functional security. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Payroll Element Security Profile | Allows users to manage payroll element security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Payroll Flow Security Profile | Manage Payroll Flow Security Profile | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Payroll Security Profile | Manage Payroll Security Profile | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Person Security Profile | Allows management of person security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Person and Assignment Security Profile | Allows management of person and assignment security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Position Security Profile | Allows management of position security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Profile Content Section Access | Manages view and update access to content sections for user roles or manages addition of user roles with view or update access to content sections. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Run Results | Allows management of run results. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Sales and Service Access | Allows configuring access for Sales and Service objects. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Security Roles | Allows management of security roles and role groups. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Student Group Configurations | Allows management of common managed student group configurations. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Student Management Home Page Setups | Allows management of Student Management home page setups. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Supplier User Roles | Allows managing the set of authorized job roles for supplier user provisioning. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Talent Pool Security Profile | Allows management of talent pool security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Transaction Security Profile | Allows management of transaction security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Manage Workforce Structures Work Area | Allows access to the Work Structures Management work area. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Monitor Batch Load Process | Allows monitoring of the batch load process. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Preview HCM Data Security | Allows access to preview and analyze user access to secured HCM data. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Request Enterprise Role | Allows request of a new enterprise role. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Reset Password | Allows reset password links to be emailed to users. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Run Batch Load Job Set | Allows running of the batch load job set. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Run Data Access Set Listing Report | Allows submission of the data access set listing report. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Run Regenerate HCM Data Security Grants Process | Allows the Regenerate HCM Data Security Grants process to be run. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Run Retrieve Latest LDAP Changes Process | Allows the Retrieve Latest LDAP Changes process to be run. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Run Send Pending LDAP Requests Process | Allows the Send Pending LDAP Requests process to be run. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Run Users by Service Report | Submit Users by Service Report | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Sync External Users To LDAP | Allows the running of the process that sends personal data for external users to LDAP | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Synchronize SCM Job Roles | Privilege to synchronize SCM jobs with other pillars such as HCM and CRM. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Use REST Service - Identity Integration | Allows users to call all methods associated with the Identity Integration REST Service | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Use REST Service - Users and Roles Lists of Values | Allows the user to call the GET method associated with the Users and Roles lists of values REST Services. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | Use Trading Community REST Services for HCM User Role Provisioning | Allows users to call Trading Community REST services for HCM user role provisioning. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | View Access Explorer | Allows to explore the access an user has for a named record of an object using the access explorer tool. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | View Application Pages Security | Allows viewing of application pages and page groups for controlling page access. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | View Business Objects | Allows the viewing of business objects that are used for security profiles. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | View Data Security Grants | Allows the viewing of the security conditions assigned to the users that govern data access by users. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | View Data Security Profiles | Allows the viewing of security profiles, which contain the business objects and fields that govern data access by users. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | View Oracle Fusion General Ledger Data Access Set Definition | Allows view access of data access set definitions and makes data access set selection. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | View Scheduled Process Tracker | Allows viewing of scheduled process tracking information. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | View Student Management Home Page Setups | Allows viewing of Student Management home page setups. | 
| IT Security Manager | Protects assets such as information technology systems, data, and networks. | View User Accounts | Allows the viewing of user accounts. | 
| Manage User Account | Manages user roles. | Copy Personal Data to LDAP | Allows copy of worker personal data to LDAP | 
| Manage User Account | Manages user roles. | Manage User Account | Allows access to Manage User Account. | 
| Manage User Account | Manages user roles. | Manage User Account and My Account | Allows access to the page components that are common to My Account and Manage User Account. | 
| Manage User Account | Manages user roles. | Reset Password | Allows reset password links to be emailed to users. | 
| Manage Users | Creates and updates users and assigns roles to users. | Manage User Details | Allows management of user account information. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Assign Partner Account | Privilege to assign partner accounts to channel manager territores. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Create Partner | Allows creating a partner. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Create Partner Member | Allows creating a partner member. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Create Partner User | Allows provisioning of partner members to sign into the vendor partner network. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Import Partner | Not Available | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Manage Enrollment Notes | Allows managing partner program enrollment notes | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Manage Partner Account Team | Allows managing of the partner account teams. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Manage Partner User Security Role | Allows managing of security roles for partner members | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Remove Partner Member | Allows removing a partner member from a partner organization. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Run Purge Batch Assignment Information Process | Allows scheduling and monitoring of the process to purge the batch assignment data. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Update Partner Member | Allows managing of partner members. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | Update Partner Profile | Allows managing of partner profiles. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | View Partner | Allows viewing a list of partners from the partner work area. | 
| Partner Account Administration | Maintains a partner account, including managing members and partner profile information. | View Partner Contract | Provides access to Partner Contracts in Partner Center. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Manage System Security Options | Allows configuration of masking, encryption, wallet, and other security options. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Manage Wallet | Allows configuration of encryption and decryption using the wallet. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Credit Card Decryption Process | Allows submission of the Credit Card Decryption process. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Credit Card Detokenization Process | Not Available | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Credit Card Encryption Process | Allows submission of the Credit Card Encryption process. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Credit Card Masking Process | Allows submission of the Credit Card Masking process. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Credit Card Tokenization Process | Not Available | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Import Credential Process | Allows submission of the Import Credential process. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Payments Sensitive Data Decryption | Allows submission of the Sensitive Data Decryption process. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Payments Sensitive Data Encryption | Allows submission of the Sensitive Data Encryption process. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Third Party Bank Account Decryption Process | Allows submission of the Third Party Bank Account Decryption process. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Third Party Bank Account Encryption Process | Allows submission of the Third Party Bank Account Encryption process. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Third Party Bank Account Masking Process | Allows submission of the Third Party Bank Account Masking process. | 
| Payments Data Security Administration | Manages security features, such as encryption and masking of sensitive data like credit card or bank account numbers. | Submit Transaction Encryption Process | Allows submission of the Transaction Encryption process. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Administer API Authentication | Allows users to configure and manage both inbound and outbound API Authentication. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Administer App Extensions | Manage App Extensions | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Administer SSO | Manage Single Sign-on Administration | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Administer Security | Manage security configuration and preferences. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Analyze Security | Analyze security including roles by category, and user role memberships. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Create Role | Create new role from scratch or by copying an existing role. Create role relationships. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Create User Account | Create new user account and provision roles to that user account. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Delete User Account | Delete an existing user account and its role memberships. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Edit Role | Edit an existing role and its relationships. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Edit User Account | Edit an existing user account and its role memberships including password reset and locking actions. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Enable Database Resource Management | Enable management of database resource including attributes, conditions and policies. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Enable Two-Factor Authentication for User Account | Allows Two-Factor authentication for user accounts to be enabled and disabled using the security console. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Export Certificate | Export an existing digital certificate. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Generate Certificate | Generate a new self-signed digital certificate or Regenerate a self-signed or trusted digital certificate. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Import Certificate | Import a new or existing digital certificate. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Import Users and Roles | Imports Users and Roles from identity store and policy store. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Lock and Unlock User Account | Allows user accounts to be locked and unlocked using the security console. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Manage All Application Profile Values | Allows management of all application profile option settings and values at various levels to control application behavior. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Manage Scheduled Processes | Allows managment of Scheduled Processes | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Run Password Expiry Job | Submit Password Expiry | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | Update Password for User Account | Allows user account passwords to be updated using the security console. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | View App Extensions | Allows users to view app extensions. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | View Certificate | Search and view an existing digital certificate. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | View Role | Search and view an existing role and its relationships. | 
| Security Management | Manages the creation and maintenance of user accounts, roles and digital certificates. Manage role hierarchy, function security policies, data security policies and provisioning. | View User Account | Search and view an existing user account. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Analyze Security | Analyze security including roles by category, and user role memberships. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Import User Login History | Imports last login timestamp for users. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Manage All Application Profile Values | Allows management of all application profile option settings and values at various levels to control application behavior. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Manage Reports and Analytics | Allows access to the Reports and Analytics from Navigator Menu. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Manage Scheduled Processes | Allows managment of Scheduled Processes | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Run Inactive Users Report | Submit inactive users report. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Run Privilege Discoverer Report | Submit Privilege Discoverer report. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Run Role Hierarchy Optimization Report | Submit role hierarchy optimization report. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Run User Access Audit Report | Submit user and role access audit report. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Run User Password Changes Audit Report | Submit User Password Changes Audit Report | 
| Security Reporting | Reviews and reports security information, including user access and role design. | Run User Role Membership Report | Submit User Role Membership report. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | View Role | Search and view an existing role and its relationships. | 
| Security Reporting | Reviews and reports security information, including user access and role design. | View User Account | Search and view an existing user account. | 
| Separation of Duties Role Analysis | Allows user to analyze separation of duty violations on a new or existing role in security. | Use REST Service for Advanced Access Control Role Analysis | Allows users to call all methods associated with the advanced access control role analysis REST resource | 
| Separation of Duties Role Analysis | Allows user to analyze separation of duty violations on a new or existing role in security. | View Access Provisioning Rules | Allows user to view provisioning rules. | 
Data Security Policies
This table lists data security policies and their enforcement across analytics application for the IT Security Manager job role.
| Business Object | Policy Description | Policy Store Implementation | 
|---|---|---|
| Application Objects | A It Security Manager can manage application objects for all applications common objects | Role: IT Security Manager Privilege: Manage Application Objects (Data) Resource: Application Objects | 
| Application Objects | A It Security Manager can manage application objects for all customer relationship management application objects | Role: IT Security Manager Privilege: Manage Application Objects (Data) Resource: Application Objects | 
| Application Objects | A It Security Manager can manage application objects for all financial supply chain manufacturing application objects | Role: IT Security Manager Privilege: Manage Application Objects (Data) Resource: Application Objects | 
| Application Objects | A It Security Manager can manage application objects for all human capital management application objects | Role: IT Security Manager Privilege: Manage Application Objects (Data) Resource: Application Objects | 
| Application Objects | A It Security Manager can manage application objects for all objects | Role: IT Security Manager Privilege: Manage Application Objects (Data) Resource: Application Objects | 
| Application Objects | An IT Security Manager can manage application objects for all objects | Role: Security Management Privilege: Manage Application Objects (Data) Resource: Application Objects | 
| Application Reference Territory | A It Security Manager can choose application reference territory for all application reference territories in the enterprise | Role: IT Security Manager Privilege: Choose Application Reference Territory (Data) Resource: Application Reference Territory | 
| Assignment Grade | A It Security Manager can choose assignment grade for all grades in the enterprise | Role: IT Security Manager Privilege: Choose Assignment Grade (Data) Resource: Assignment Grade | 
| Business Unit | A It Security Manager can choose business unit for all business units in the enterprise | Role: IT Security Manager Privilege: Choose Business Unit Organization (Data) Resource: Business Unit | 
| Business Unit | A It Security Manager can choose business unit for business units in their organization security profile | Role: IT Security Manager Privilege: Choose Business Unit Organization (Data) Resource: Business Unit | 
| Department | A It Security Manager can choose department for all departments in the enterprise | Role: IT Security Manager Privilege: Choose Department (Data) Resource: Department | 
| File Import Activity | An IT Security Manager can view standard file import activity object type for all standard file import activities that are accessible for partner account administration duty | Role: Partner Account Administration Privilege: View Standard File Import Activity Object Type Resource: File Import Activity | 
| File Import Mapping | An IT Security Manager can view standard file import mapping object type for all standard file import maps that are accessible for partner account administration duty | Role: Partner Account Administration Privilege: View Standard File Import Mapping Object Type Resource: File Import Mapping | 
| HR Job | A It Security Manager can choose hr job for all jobs in the enterprise | Role: IT Security Manager Privilege: Choose HR Job (Data) Resource: HR Job | 
| Legal Employer | A It Security Manager can choose legal employer for all legal employers in the enterprise | Role: IT Security Manager Privilege: Choose Legal Employer (Data) Resource: Legal Employer | 
| Legal Employer | A It Security Manager can choose legal employer for legal employers in their organization security profile | Role: IT Security Manager Privilege: Choose Legal Employer (Data) Resource: Legal Employer | 
| Legislative Data Group | A It Security Manager can choose legislative data group for all legislative data groups in the enterprise | Role: IT Security Manager Privilege: Choose Legislative Data Group (Data) Resource: Legislative Data Group | 
| Location | A It Security Manager can choose location for all locations in the enterprise | Role: IT Security Manager Privilege: Choose Location (Data) Resource: Location | 
| Managed Student Group | A It Security Manager can manage managed student group for all managed student groups | Role: IT Security Manager Privilege: Manage Student Group (Data) Resource: Managed Student Group | 
| Person Assignment | An IT Security Manager can search worker for persons and assignments in their person and assignment security profile | Role: Manage Users Privilege: Search Worker (Data) Resource: Person Assignment | 
| Person Assignment | An IT Security Manager can view person assignment for persons and assignments in their person and assignment security profile | Role: Manage Users Privilege: View Person Assignment (Data) Resource: Person Assignment | 
| Person Type | A It Security Manager can choose person type for any person type | Role: IT Security Manager Privilege: Choose Person Type (Data) Resource: Person Type | 
| Person Type | An IT Security Manager can choose person type for person types in their person type security profile | Role: Manage Users Privilege: Choose Person Type (Data) Resource: Person Type | 
| Position | A It Security Manager can choose position for all positions in the enterprise | Role: IT Security Manager Privilege: Choose Position (Data) Resource: Position | 
| Public Assignment | An IT Security Manager can search person deferred for persons and assignments in their public person security profile | Role: Use REST Service - Public Workers Read Only Privilege: Search Person Deferred (Data) Resource: Public Assignment | 
| Public Assignment | An IT Security Manager can view person deferred for persons and assignments in their public person security profile | Role: Use REST Service - Public Workers Read Only Privilege: View Person Deferred (Data) Resource: Public Assignment | 
| Public Person | A It Security Manager can choose public person for all people in the enterprise | Role: IT Security Manager Privilege: Choose Public Person (Data) Resource: Public Person | 
| Public Person | A It Security Manager can search public person for all people in the enterprise | Role: IT Security Manager Privilege: Search Person Deferred (Data) Resource: Public Person | 
| Public Person | An IT Security Manager can search person deferred for persons and assignments in their public person security profile | Role: Use REST Service - Public Workers Read Only Privilege: Search Person Deferred (Data) Resource: Public Person | 
| Public Person | An IT Security Manager can view person deferred for persons and assignments in their public person security profile | Role: Use REST Service - Public Workers Read Only Privilege: View Person Deferred (Data) Resource: Public Person | 
| Sales Objects | An IT Security Manager can view standard file import export object type for all standard file import export objects that are accessible for partner account administration duty | Role: Partner Account Administration Privilege: View Standard File Import Export Object Type Resource: Sales Objects | 
| User | An IT Security Manager can edit user name for persons in their person security profile. | Role: Edit User Name Privilege: Edit User Name (Data) Resource: User | 
| User | An IT Security Manager can link user account for persons and assignments in their person and assignment security profile | Role: Manage User Account Privilege: Link User Account (Data) Resource: User | 
| User | An IT Security Manager can manage user accounts for persons and assignments in their person and assignment security profile | Role: Manage User Account Privilege: Manage User Accounts (Data) Resource: User | 
| User | An IT Security Manager can view user accounts for persons and assignments in their person and assignment security profile | Role: Manage User Account Privilege: View User Accounts (Data) Resource: User |