3.1 Managing User Administration

This section allows you to create, map, and authorize users defining a security framework which has the ability to restrict access to the respective BD applications.

Managing Identity and Authorization

This section explains how to create a user and provide access to BD applications. The following figure shows the process flow of identity management and authorization:

Figure 3-1 Managing Identity and Authorization Process Flow


Description of Figure 3-1 follows
Description of "Figure 3-1 Managing Identity and Authorization Process Flow"

The following table lists the various actions and associated descriptions of the user administration process flow:

Table 3-3 Administration Process Flow

Action Description
Creating and Authorizing Users and User Groups Create a user. This involves providing a user name, user designation, and the dates between which the user is active in the system.
Mapping Users with User Groups Map a user to a user group. This enables the user to have certain privileges that the mapped user group has.

Creating and Authorizing Users and User Groups

The SYSADMN and SYSAUTH roles can be provided to users in the BD application. User and role associations are established using Security Management System (SMS) and are stored in the config schema. User security attribute associations are defined using Security Attribute Administration.

For more information on creating and authorizing a user, see the Oracle Financial Services Analytical Applications Infrastructure User Guide.

Mapping Users with User Groups

This section explains how to map Users and User Groups. With this, the user will have access to the privileges as per the role. The SYSADMN user maps a user to a user group in the BD application. The following table describes the predefined Alert Viewer User Roles and corresponding User Groups.

Table 3-4 Alert Viewer (AM) Roles and User Groups

Role Group Name User Group Code
Alert Viewer Alert Viewer User Group ALERTVIEWERGRP
AM Scenario Group AM Scenario Group User Group AMDATAMNRGRP
Alert Viewer Administrator Mantas Administrator User Group AMMANADMNGR
The following table describes the KYC and FATCA Case Management User Roles and corresponding User Groups.

Table 3-5 FATCA Case Management Roles and User Groups

Role Group Name User Group Code
KYC Relationship Manager KYC Relationship Manager User Group CMKYCRMUG
KYC Supervisor KYC Investigator User Group CMKYCINVSTGTRUG
KYC Analyst KYC Analyst User Group CMKYCANALYSTUG
KYC Administrator KYC Administrator User Group KYCADMNGRP
FATCA Supervisor FATCA Supervisor User Group FTCASUPERVISRUG
FATCA Analyst FATCA Analyst User Group FTCAANALYSTUG
FATCA Auditor FATCA Auditor User Group FTCAAUDITORUG
FATCA Administrator FATCA Admin User Group FTCAADMINUG
The following table describes the Watch List User Roles and corresponding User Groups.

Table 3-6 Watch List Roles and User Groups

Role Group Name User Group Code
Watch List Supervisor Watchlist Supervisor Group WLSUPERVISORUG

If you want to change the user group mapping for users who are already mapped to one or more groups, you must deselect the preferences for the Home page if it has been set. To change the preferences, follow these steps:

  1. In the Home page, click the user name. A drop-down list appears.
  2. Click Preferences. The Preferences page appears.
  3. Select the appropriate Property Value.
  4. ClickSave.

Users should not be mapped to both the CR Supervisor/Analyst role and IP Manager/Manager Supervisor role. The only acceptable role combinations for a user are the Employee role and one of the following four roles:

  • CR Supervisor
  • CR Analyst
  • IP Manager
  • Manager Supervisor

The maximum role combinations should be limited to two. For more information on mapping User with User Groups, see Oracle Financial Services Analytical Applications Infrastructure User Guide.

For any customized user group creation and user group-role mapping, see Appendix C, User Administration.