Overview of Securing Oracle HCM Cloud
Oracle Human Capital Management Cloud is secure as delivered. This guide explains how to enable user access to HCM functions and data. You perform many of the tasks in this guide during implementation. You can also perform most of them later as requirements change.
This topic summarizes the scope of this guide and identifies the contents of each chapter.
Guide Structure
This table describes the contents of each chapter in this guide.
Chapter |
Contents |
---|---|
An Introduction to HCM Security in the Cloud |
A brief overview of the concepts of role-based security and an introduction to the Oracle Fusion Applications Security Console |
Creating Implementation Users |
The role of implementation users and instructions for creating them |
Creating HCM Data Roles for Implementation Users |
How to provide the data access that enables implementation users to complete the functional implementation |
Enabling Basic Data Access for Abstract Roles |
How to provide basic data access for all employees, contingent workers, and line managers |
Assigning Roles to Implementation Users |
How to assign data and abstract roles to implementation users |
Setting Up Applications Security |
Setting enterprise options on the Security Console and maintaining the Oracle Fusion Applications Security tables. |
Working with the Bridge for Microsoft Active Directory |
How to install and configure the bridge for Microsoft Active Directory and synchronize user accounts |
Managing Location-Based Access |
How to enable location-based access, list authorized IP addresses, and make selected roles public |
Preparing for Application Users |
Enterprise-wide options and related decisions that affect application users |
Creating Application Users |
The ways in which you can create application users, with instructions for some methods |
Managing Application Users |
How to maintain user accounts throughout the workforce life cycle |
Provisioning Roles to Application Users |
The ways in which application users can acquire roles, with instructions for creating some standard role mappings |
Reporting on Application Users and Roles |
Reporting on user accounts, inactive users, roles provisioned to users, and password changes |
HCM Data Roles and Security Profiles |
How to create and manage HCM data roles and use HCM security profiles to identify the data that users can access |
Person Security Profiles |
How to secure access to person records |
Organization and Other Security Profiles |
How to secure access to organizations, positions, document types, legislative data groups, payrolls, and payroll flows |
Using the Security Console |
How to use the Security Console to review role hierarchies and role analytics |
Creating and Editing Job, Abstract, and Duty Roles |
How to copy predefined roles to create roles, how to create roles from scratch, and how to edit custom roles |
Regenerating Roles |
How to regenerate the data security policies of data and abstract roles when the role hierarchy changes |
Securing Access to Value Sets |
How value sets are secured, and how APPID users gain access to secured value sets |
Securing Content Sections in Person Profiles |
How to secure user access to content-type data in person profiles |
Securing Access to Succession Plans, Incumbents, and Candidates |
How to create a super user role to enable access to all succession plans, and how to configure restricted access to lists of incumbents and candidates |
Securing Access to Lists of Values in Responsive User Experience Pages |
How to enable custom roles to access lists of values in responsive user experience pages |
Security and Reporting |
How to enable users to run Oracle Transactional Business Intelligence and Oracle Business Intelligence Publisher reports |
Roles for Workflow Access |
The predefined roles that enable access to workflow functionality |
Auditing Oracle HCM Cloud Business Objects |
How to configure audit for HCM business objects and access audit reports |
Certificate Management |
How to generate, import, export, and delete PGP and X.509 certificates for data encryption and decryption |
Role Optimization |
How to use the optional Role Optimization Report to analyze the role hierarchy for redundancies and other inefficiencies |
Advanced Data Security |
An introduction to these optional cloud services:
|
During implementation, you perform security-related tasks from a functional area task list or implementation project. After the implementation is complete, you can perform most security-related tasks on the Security Console. Any exceptions are identified in relevant topics. For example, you hire workers in the New Person work area, not on the Security Console.