Security in Oracle HRMS controls the list of Employees that are visible to a given user from “Employee/Person Screen”.
Security in HRMS controls the list of Employees that are visible to a given user from “Employee/Person Screen”.
Why do we need security?
In oracle HRMS, most of the data must be secured under data protection act. Your date of birth is one such example. Plus also, it is not nice for a system to make salary information etc visible to everyone [just because they have access to responsibility]
In this article, I will discuss the Standard HRMS security model and at the end of this article, I will explain the alternate Security Model in Oracle HRMS.
The alternate Security Model is required to overcome the limitation of standard[basic]security model design..
From a Responsibility, I wish to show people that work in just IT department: How do I do it?
Firstly you must have an Organization Hierarchy in place, let's say that will have structure similar to below:-
"XX Passi-Corp Hierarchy" --Lets say this is the name of the Org Hierarchy.
XX Passi-Corp --Top level organization
---XX Finance
--XX Credit control
--XX debt manager
--XX customer relationship
--XX IT
--XX IT Technical
--XX IT Technical Support
--XX IT Development
--XX IT Functional Support
--XX IT Business analysts
Now lets assume you have an IT Head(overall), and also "IT Technical Head of Department".
You want to create a Responsibility from which only those people that work in following Departments can be queried.
XX IT Technical
XX IT Technical Support
XX IT Development
We will do the below steps to accomplish this business requirement:-
1. Define a Organization Hierarchy
2. Define a security Profile that is attached to node “XX IT Technical” of the Hierarchy
3. Attach this security profile as a profile option to our responsibility named “XX HRMS IT Technical Resp”
4. Run the concurrent program “Security List Maintenance”.
Now, I am going to explain the above steps :-
Step 1. Define a Organization Hierarchy
Step 2. Define a security Profile that is attached to node “XX IT Technical” of the Hierarchy
Step 3. Attach this security profile as a profile option to our responsibility named “XX HRMS IT Technical Resp”
Step 4. Run the concurrent program “Security List Maintenance”.
No screenshot needed here.
Now some notes :-
1. This article discussed the "Standard Security Model" in Oracle HRMS. In this security model, you will need to create One Responsibility per Security Profile. This is the limitation of this Security Model.
2. You can also create a Security Profile that uses a Custom Security via "SQL Statements". Alternately create a security model on Positions, Payroll etc [see screenshot for details]
3. The difference between PER_PEOPLE_F and PER_ALL_PEOPLE_F is that former is a view that filters on Security Profile [on the basis of logged in user/ responsibility ]
Whereas PER_ALL_PEOPLE_F is a table[no security filtration on table].
4. If you do not wish to use “Standard Security Model”, then you can use “Security Groups” feature.
For this you can set Profile Option “Enable Security Groups” to Yes.
Next, you can assign different Security Profiles to specific users [though for same Responsibility].
Hence you will be able to reuse the responsibility, and hence overcoming the limitation discussed as above.
Comments
you say that the person should see in the HRMS Person Data the employees that Belog to XX Credit control department. How is this possible since you assign to this person the profile that allows him to see only the employees in the XX IT Technical ?
many thanks,
Florin
you have a very good blog and I think that a comment from your part on this subject could help.
I modified a SIT for a person and then (after no more the 1 minute) I queryed the database with the following :
appsPROD.US.ORACLE.COM> select last_update_log in from PER_PERSON_ANAL YSES where person_id = 7366 and id_flex_num =50240;
LAST _UPDATE_LOGIN
--------------- --
2649370
appsPROD.US.ORACLE.COM> select * from FND_LOGINS where login_id =2649370;
no rows selected
appsPROD.US.ORACLE.COM>
How is it possible ?
thanks,
F lorin
How do we transfer employees between business groups? Can i transfer UK bg employee to India bg? what are the impact on his past data including other modules like financ, projects and crm
All of your articles help beginners to boost up their confidence levels. Thanx a lot for your service to IT field.
The screenshots in this documents and many other documents are not visible.
- per_people_v
- per_people_f
I caný find it. :(
Thanks.
I want to create the security profile as below.
The user wants to restrict users based on organization hierarchy. but with the exception of one organization say XX finance.
That means users attached to all other organization and their children should have restricted access except for XX finance and it's children.
Plea se note that I can't use Secuirty Groups enabled feature as employees get transferred every now and then.
Kindly suggest
Thanks in advance.
Indira
i would like to create a security profile with access to specified payrolls. i created the hr security profile and need to know why i must restrict the profile using system>profile in sysadmin. doesn't the security profile created in hrms work at restricting users?
RSS feed for comments to this post