How to Use this Security Reference Guide

Enterprises address needs specific to their organization by changing or extending the role definitions, role hierarchies, and data security policies of the reference implementation. You may also be subject to specific legal, regulatory, and industry requirements. You are solely responsible for your adherence to these requirements when assigning roles, privileges and granting access for your enterprise.

For each job or abstract role, review the duties, role hierarchy, and policies that it carries so you understand which users should be provisioned with the role, or which adjustments your enterprise requires before the role can be provisioned.

Note: All information presented in this guide can be accessed in the various user interface pages of Oracle Fusion Applications provided for security setup, implementation changes, and administration. The advantage of reviewing the security reference implementation as it is presented in this guide is that you can more easily compare and plan your configurations.

Tip: From the entitlement of a role as expressed by privileges, you can deduce the function security enforced by a role. If your enterprise needs certain functions removed from access by certain roles, a copy must be made to configure the data security policies or duties carried by the role.

Review the data security policies conferred on job roles by their inherited duty roles.

Review the privacy in effect for a job or abstract role based on its data security policies. Privacy is additionally protected by security components, as described in your product security guide.

Caution: It's important that as you make changes to the security reference implementation for an Oracle Fusion Applications deployment, the predefined implementation as delivered remains available. Upgrade and maintenance patches to the security reference implementation preserve your changes to the implementation.