Professional Documents
Culture Documents
For Oracle employees and authorized partners only. Do not distribute to third parties.
1-1
3
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
1-4
Agenda
Job Roles and Duty Roles
HCM security management data stores
Regenerating data roles
5
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Learning Objectives
At the end of this lesson you should be able to:
Describe Job Roles and Duty Roles
Understand HCM security management data stores
Explain regenerating data roles
6
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Section 1:
7
For Oracle employees and authorized partners only. Do not distribute to third parties.
1-7
8
For Oracle employees and authorized partners only. Do not distribute to third parties.
1-8
What
Which Data
Line Managers
Can create
performance
document
Employees
For themselves
Payroll Managers
For specified
payrolls
Human Resource
Specialists
Can transfer
employees
For specified
countries
9
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Types of Roles
Abstract Role
Data Role
Job Role
Duty Role
Assigned directly
to the users
Assigned directly
to the users
Not assigned
directly to the
users
Not assigned
directly to the
users
e.g. Employee,
Line Manager
and Contingent
Worker
e.g.
HRSpecialist_View
All, Payroll
Administrator US
Dept1 etc
e.g. Payroll
Administrator ,
Compensation
Analyst etc
Security privileges
attached
functional
privileges and
data privileges
10
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Types of Roles
Abstract Role
Abstract roles define a worker's role in the enterprise
independently of the job that the worker is hired to do.
11
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Types of Roles
Data Role
Data role allows a user to access a set of workers/organizations
for a given task
12
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Types of Roles
Data Role (Security Profiles)
Security profiles are used to create data roles
13
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Types of Roles
Job Role
A job role provides the access to a set of tasks that a worker
is hired to perform
14
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Types of Roles
Duty Role
A duty role represent
the individual duties
that users with those
job or abstract roles
can perform. Duty
roles are inherited by
job and abstract roles;
they can also be
inherited by other duty
roles
15
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
16
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
17
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
18
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
19
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
20
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
21
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
22
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
23
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
24
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
25
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 25
26
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 26
27
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 27
28
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 28
29
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 29
30
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 30
31
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 31
32
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 32
33
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 33
34
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
4
35
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
1
36
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
37
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Section 2:
38
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 38
39
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Section 3:
40
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 40
41
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
42
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
Module Review
43
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 43
Key Points
Job roles represent the jobs into which users are hired
Users are directly assigned to abstract roles, but they
are not directly assigned to job roles
Abstract and job roles inherit many duty roles
Oracle Identity Manager (OIM) maintains user accounts
in the Oracle Fusion Applications Identity Store
Duty roles are created in Authorization Policy Manager
(APM) and stored in the Policy Store, along with
function security policies
Regenerating a role causes all its data security policies
to be updated based on changes to its role hierarchy
44
For Oracle employees and authorized partners only. Do not distribute to third parties.
2013 Oracle Corporation Proprietary and Confidential
45
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 45
46
For Oracle employees and authorized partners only. Do not distribute to third parties.
1 - 46