Candidate Pool Security Details

Candidate pool security is based on ownership. When you create a candidate pool, the pool is set to Private by default. But the pool owner can grant other users access to the pool content.

To support data security for candidate pools and allow some roles to view, report, or select all pools, an aggregate privilege is available: Manage Candidate Pool (IRC_MANAGE_CANDIDATE_POOL). This aggregate privilege contains both the functional privilege and the data privilege. 

You organization might need to give some specific people a super-user access to candidate pools so that they can perform any action related to any candidate pools, though the person isn’t an owner of the candidate pool.

As an IT Security Manager, you can grant access to all pools through data security using the Security Console for managing, selecting, or reporting candidate pools.

• Security business object: Candidate Pool
• Aggregate privilege: Manage Candidate Pool (ORA_IRC_MANAGE_CANDIDATE_POOL)
• Data privilege: Manage Candidate Pool Data (IRC_MANAGE_CANDIDATE_POOL_DATA)
• Data privilege: Choose Candidate Pool Data (IRC_CHOOSE_CANDIDATE_POOL_DATA)
• Data privilege: Report Candidate Pool Data (IRC_REPORT_CANDIDATE_POOL_DATA)

Using the Security Console, edit the data role to which you want to grant full access to candidate pools and create a new data security policy. In the Create Data Security Policy, configure the fields as follows:

• Data Resource: Select Candidate Pool as the business object.
• Data Set: Select All values for the data set.
• Actions: Select the actions you want: Choose Candidate Pool, Manage Candidate Pool, Report Candidate Pool.