1. Securing SCM
  2. Role-based Security in Oracle Fusion Cloud SCM

Role-based Security in Oracle Fusion Cloud SCM

Role-based security in Oracle Fusion Cloud SCM is defined for users as shown here:

Role Name

Description

Data Access

Cost Accountant

Can manage cost transactions

To the cost organizations for which they're authorized

Warehouse Manager

Can manage inventory transactions

To the inventory organizations in which they operate

Many job and abstract roles are predefined in Oracle Fusion Cloud SCM.

  • Product Manager

  • Cost Accountant

  • Warehouse Manager

  • Supply Chain Controller

  • Receiving Agent

  • Shipping Manager

  • Inventory Manager

  • Order Manager

  • Product Design Manager

  • Product Portfolio Manager

These predefined roles are part of the Oracle Applications Cloud Security Reference Implementation. The Security Reference Implementation is a predefined set of security definitions that you can use as supplied. Also included in the Security Reference Implementation are roles that are common to all Oracle Applications Cloud, such as:

  • Application Implementation Consultant

  • IT Security Manager

Examples of Role Types

This example shows different types of roles.

Abstract Role

Job Roles

Duty Role

Procurement Requester

Cost Accountant (with data scope of US Operations)

Warehouse Manager

Inventory Balances Management Duty

Duty roles are associated with function security privileges and data security policies. For example, the Inventory Balances Management Duty is associated with six function security privileges and two data security policies, as illustrated in the following list.

  • These function security privileges secure the respective pages:

    • Manage On-Hand Quantity

    • Request Item Issue

    • Request Subinventory Transfer

    • Request Cycle Count

    • Manage Material Status

    • Edit Lot Grade

  • The data security policy On-Hand Quantity Data determines the inventory organizations in which the users with this duty role can manage On Hand Quantity.

    The data security policy Expected Supply Data determines the inventory organizations in which the users with this duty role can manage the expected Supply.

    For example, an Inventory Manager who's assigned the Inventory Balances Management Duty role for On Hand Quantity and has the data security privilege Manage On-Hand Quantity Data can manage on-hand quantity for the inventory organization in which the set of users operate.

Example of Role Inheritance

One of the duties that a Product Manager performs is managing items. So, the Product Manager job role inherits the Item Management Duty, which is granted the Manage Item privilege. In reality, the Product Manager job role inherits many duty roles, each of which is typically granted multiple security privileges.