1. Securing Risk Management
  2. Roles Overview

Roles Overview

Oracle Fusion Cloud Risk Management provides seven predefined job roles:

  • Access Certification Administrator. This role provides features of Oracle Fusion Cloud Access Certifications, and supporting setup and administration features.

  • Access Request Security Administrator. This role provides features of Advanced Access Requests, which implements a workflow for requesting and assigning ERP roles. It's for assignment to request approvers, the only level of user who can approve or reject role requests.

    In addition, Access Provisioning Requests and Review is a duty role that enables users to request roles and review requests. It's not included in any assignable role, but you're expected to add it to one, for example a custom job role based on a widely assigned role such as Employee.

  • Advanced Access Controls Analyst. This role provides Oracle Fusion Cloud Advanced Access Controls features, and supporting setup and administration features.

  • Advanced Transaction Controls Analyst. This role provides Oracle Fusion Cloud Advanced Financial Controls features, and supporting setup and administration features.

  • External Auditor. This role organizes activities for users responsible for enterprise auditing of advanced access and transaction controls, and of financial-reporting controls.

  • Risk Activities Manager. This role provides Oracle Fusion Cloud Financial Reporting Compliance features, and supporting setup and administration features.

  • Risk Administrator. This role grants access to all features in the Setup and Administration, Perspective, and Risk Management Data Security work areas. It's used by administrators, but is also typically the starting point for implementation job roles.

You can assign predefined job roles to users. To limit the access they provide, owners select users only for data records appropriate for them.

You may instead create your own job roles, but even if you do, you may choose to use predefined duty roles in their hierarchies. A common strategy is to copy a predefined job role that applies to a product area. You'd then remove duty roles from the copy, or potentially add duty roles to it, until you're left with what you want users to have.

You may also create duty roles, or copy predefined duty roles and edit the copies. However, you should rarely have occasion to do so. In most cases, the predefined duty roles should meet your needs.

How to Work with Roles

The remaining topics in this chapter apply to you if you intend to create, edit, or review roles. You configure roles, and may assign them to users, within Oracle Applications Security. Its Security Console enables you to:

  • Create roles, either from scratch or by copying existing roles and editing the copies. As you create or edit job roles, you can also assign them to users.

  • Visualize hierarchical relationships among users, roles, and privileges.

  • Simulate Navigator menus available to roles or users.

  • Compare versions of roles.

To open the Security Console, select Tools in the home page. Among its options, select Security Console. You must have the IT Security Manager role to do so.