Redwood: Manage Planning Data Security Using a New User Experience

You can now use the Redwood user experience to manage planning data security. Administrators can define role-based access to planning data by creating access sets and conditions for Plan Inputs. These rules are automatically applied across planning pages, ensuring that users see and work only with the data they’re entitled to.

Data Security allows administrators to restrict visibility of supply and demand planning data to authorized users by applying flexible filters and rules.

Data Security Scenario

Steps to Create Data Security for the Given Use Case
Consider a global plan covering four organizations: A, B, C, and D. The access requirements are as follows:

  • Planners 1 and 2 should have access to Organizations A and B
  • Planners 3 and 4 should have access to Organizations C and D

 Configuration Steps

  1. Create Job Role X and assign it to Planners 1 and 2.
  2. Create Job Role Y and assign it to Planners 3 and 4.
  3. Create Data Access Set DAS1 and assign it to Job Role X.
  4. Create Data Access Set DAS2 and assign it to Job Role Y.
  5. For DAS1, create a condition where Organization = A, B.
  6. For DAS2, create a condition where Organization = C, D.

This configuration ensures that planners can only access the supply and demand data relevant to their assigned organizations.

Accessing the Data Security Page

Click View More to open the Data Security page.. It can be accessed from the following functional areas:

  • Supply Planning
  • Replenishment Planning
  • Demand Management
  • Sales and Operations Planning
  • Backlog Management
  • Production Scheduling
  • Global Order Promising
  • Plan Inputs

To open the page, select Administer Planning Security from the UI Shell. The Data Security page will then be displayed.

Data Security

Data Security Toolbar

Data Security Toolbar

The Data Security toolbar provides the following actions:

  1. Add - Create a new Data Access Set.
  2. Edit - Modify attributes of an existing Data Access Set.
  3. Manage Options - Enable Data Security at a global level for entities where a Data Access Set is not defined.

Data Security GOlbal parameter

  1. More Actions - Run scheduled processes such as:
    1. Synchronize Selected Data Access Set
    2. Synchronize All Data Access Sets
  2. Delete - Remove the selected Data Access Set.
  3. Export - Export records to a spreadsheet. Only the columns in the current view are exported, in the same order as displayed.

Searching and Filtering Data Security

You can search for Data Access Set using the search bar and the suggested filters.

Data Security Search

Keyword search bar: Search across multiple columns by entering text in the keyword search field. For Data Access Sets, the search specifically applies to the Data Access Set and Description columns, using the contains operator. For example, type DAS and press Enter or click the search icon. The table displays all Data Access Set names containing DAS, such as DAS1.

Note: Keyword search isn’t case sensitive.

Suggested filters: Filter Data Access Sets using the column-specific filter suggestions. For example, select a Job Role or Data Access Set from the suggested filters, then press Enter or click outside the filter. The table updates to show only the rows that match your selection.

The following screenshot appears on creating the Name and Description of the data access set and assigning to specific roles.

Data Security DAS

After creating the data access set and assigning it to the appropriate role, configure conditions for the selected entity:

  • Define the Level and Hierarchy for the condition.
  • Grant Read or Write access by enabling or disabling the Enable Write flag.
  • Select between using an existing condition or creating a new condition using the available toggle options.

Data Security DAS Drawer

New Condition Drawer

In the New Condition drawer, follow these steps to define a condition for a data access set:

  1. Enter a Condition Name.
  2. Define the condition using the Advanced Create Expression option.
    For example, an Org M2 condition can be created where data security is applied only when the Organization equals BOSTON MFG or SEATTLE MFG.

Data Security Condition

Steps to enable and configure

You don't need to do anything to enable this feature.

Tips and considerations

  • Data security supported by Job Role (these Job roles have to be created prior to setting up the security)
  • Data security supports rules at the for the following entities:
    • Item
    • Organization
    • Customer
    • Supplier
    • Segment
    • Measure Group
    • Sales Organization
  • Data Security can be defined at one or more of the above entities. When defined at multiple entities, all the filters are applied to decide visibility.

Key resources

See Redwood: Analyze Supply Plans Using a Configurable Redwood Page feature.

Access requirements

Users who are assigned a configured job role that contains these privileges can access this feature:

  • Administer Planning Security (MSC_ADMINISTER_PLANNING_SECURITY_PRIV)

This privilege was available prior to this update.