1. Securing Risk Management
  2. Manage User Assignment Groups

Manage User Assignment Groups

As they edit records, owners may select user assignment groups, assigning data rights to all members of each group at once.

Each group specifies an authorization. While selecting a group for a record, an owner can view the authorization it provides, but can't change that authorization.

For each group you create, you can select only one authorization (and an object it applies to). You may select one of the application-specific authorizations, such as reviewer or approver in Oracle Fusion Cloud Financial Reporting Compliance, or manager or certifier in Oracle Fusion Cloud Access Certifications. But to have access to records, a user must be authorized as an owner, editor, or viewer. So if you select any authorization other than those three for a group, its members are also automatically assigned the viewer authorization.

To combine multiple authorizations, you can create multiple groups. For example, you may create a group of risk approvers, and assign it to a risk record. Its members would have only view access to the risk record itself, but would be able to approve or reject it. You might want some or all of these users to be able to edit the risk as well. You'd create a second group, assign it the editor authorization for the risk object, assign users to it, and select it for the risk record. Users who belong to both groups would be able both to edit the risk record and to approve or reject the risk.

To create a user assignment group:

  1. Use either of two methods to open a Create User Assignment Group page:

    • Select the Create User Assignment Group quick action from the Risk Management springboard. (Depending on the number of quick actions available to you, you may need to select a Show More option on the springboard.)

    • Navigate to Risk Management > Risk Management Data Security. User Assignment Groups is the landing page for this work area. Then select Add.

  2. In a Details panel:

    • Name the group.

    • Select an object. The group you're creating becomes available for selection by an owner working with a record of this object type.

    • Select an authorization. The authorizations available for selection are those appropriate for the object you've selected.

  3. An Eligible Users panel displays a list of users whose roles make them eligible for the object and authorization you chose. Select among those users:

    • Optionally, search for users to select. Enter text in the search field; a list displays user names that contain text matching what you've typed. Select one of them, or click the Search button to select all the matches for your text string.

    • To select members individually, click check boxes next to their names. Then click Add Selected Users. You may select any number of times; for example, you may create one filter, select among the users it returns, then create another filter and select among the users it returns.

    • Instead, you can click an Add All Eligible Users option. (If you've selected any user check boxes, clear them first.) This selects all users from the full list; if you've filtered the list of users, this option ignores the filter.

    The user names you select move from the Eligible Users panel to the Members panel. If you have second thoughts, you can click the delete icon in the row for any user in the Members panel to return that user to the Eligible Users panel.

  4. When you're satisfied with your Member selections, click Save and Close.

To edit an existing group:

  • Search for it in the User Assignment Groups page. To make the search easier, click Show Filters, then create one or more filters based on predefined attributes, and click Search. For filters based on user information (such as Department or Location), a search returns groups with at least one member who meets the criteria you specify.

  • Select the Edit icon in the record of the group you want to edit.

  • You can't modify the object and authorization selections. Otherwise, follow the creation procedure to edit the group name or to add or delete members.

If you're an owner of the group, you can also authorize other users to work with it. Click the Security Assignment button (which appears only after the group has been saved for the first time), and authorize individual users or add groups for which the User Assignment Groups object is selected.