Oracle SCM Cloud Security Reference for Supply Chain Planning. Release 13 (update 19A)

Transcription

1 Oracle SCM Cloud Security Reference for Supply Chain Planning Release 13 (update 19A)

2 Title and Copyright Information Oracle SCM Cloud Security Reference for Supply Chain Planning Release 13 (update 19A) Part Number F Copyright , Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications which may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. 2

3 This software or hardware and documentation may provide access to or information about content, products and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle. The business names used in this documentation are fictitious, and are not intended to identify any real companies currently or previously in existence. 3

4 Contents Preface...5 Introduction...7 What's New...10 Abstract Role: Contingent Worker...11 Role Hierarchy...11 Duties...13 Aggregate Privileges...14 Privileges...17 Data Security Policies...25 Privacy...40 Job Role: Demand and Supply Planner...41 Privileges...41 Abstract Role: Employee...42 Role Hierarchy...42 Duties...44 Aggregate Privileges...46 Privileges...49 Data Security Policies...57 Privacy...80 Abstract Role:...81 Role Hierarchy...81 Duties...83 Aggregate Privileges...84 Privileges...87 Data Security Policies...92 Job Role: Materials Planner Role Hierarchy Duties Privileges Data Security Policies Job Role: Order Promising Manager Role Hierarchy Duties Privileges Data Security Policies Job Role: Supply Chain Planning Application Administrator 137 Role Hierarchy Duties Privileges Data Security Policies

5 Preface This preface introduces information sources that can help you use the application. Using Oracle Applications Using Applications Help Use Help icons to access help in the application. If you don't see any help icons on your page, click your user image or name in the global header and select Show Help Icons. Not all pages have help icons. You can also access Oracle Applications Help. Watch: This video tutorial shows you how to find help and use help features. You can also read Using Applications Help. Additional Resources Community: Use Oracle Cloud Customer Connect to get information from experts at Oracle, the partner community, and other users. Guides and Videos: Go to the Oracle Help Center to find guides and videos. Training: Take courses on Oracle Cloud from Oracle University. Conventions The following table explains the text conventions used in this guide. Convention boldface monospace Meaning Boldface type indicates user interface elements, navigation paths, or values you enter or select. Monospace type indicates file, folder, and directory names, code examples, commands, and URLs. > Greater than symbol separates elements in a navigation path. Documentation Accessibility For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website. Videos included in this guide are provided as a media alternative for text-based topics also available in this guide. Contacting Oracle Access to Oracle Support Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit My Oracle Support or visit Accessible Oracle Support if you are hearing impaired. Comments and Suggestions Please give us feedback about Oracle Applications Help and guides! You can send an e- 5

6 mail to: 6

7 Introduction Security Reference Guides describe the Oracle Fusion Applications security reference implementation. This guide includes descriptions of all the predefined data that is included in the security reference implementation for an offering. The reference implementation can be configured to fit divergent enterprise requirements. Security Reference Implementation The Oracle Fusion Applications security approach supports a reference implementation that addresses common business security needs and consists of roles and policies. Oracle Fusion Applications Security Reference Guides present the following information about the predefined security reference implementation. The abstract and job roles for an offering Duty roles and the role hierarchy for each job role and abstract role Privileges required to perform each duty defined by a duty role Data security policies for each job role, or abstract role Policies that protect personally identifiable information Data security policies on fact and dimension to ensure enforcement across tools and access methods For an overview and detailed information about the Oracle Fusion Applications security approach, including an explanation of role types, enforcement, and how to implement and administer security for your deployment, see your product security guide. How to Use this Security Reference Guide Enterprises address needs specific to their organization by changing or extending the role definitions, role hierarchies, and data security policies of the reference implementation. You may also be subject to specific legal, regulatory, and industry requirements. You are solely responsible for your adherence to these requirements when assigning roles, privileges and granting access for your enterprise. For each job or abstract role, review the duties, role hierarchy, and policies that it carries so you understand which users should be provisioned with the role, or which adjustments your enterprise requires before the role can be provisioned. Note: All information presented in this guide can be accessed in the various user interface pages of Oracle Fusion Applications provided for security setup, implementation changes, and administration. The advantage of reviewing the 7

8 security reference implementation as it is presented in this guide is that you can more easily compare and plan your configurations. Tip: From the entitlement of a role as expressed by privileges, you can deduce the function security enforced by a role. If your enterprise needs certain functions removed from access by certain roles, a copy must be made to configure the data security policies or duties carried by the role. Review the data security policies conferred on job roles by their inherited duty roles. Review the privacy in effect for a job or abstract role based on its data security policies. Privacy is additionally protected by security components, as described in your product security guide. Caution: It's important that as you make changes to the security reference implementation for an Oracle Fusion Applications deployment, the predefined implementation as delivered remains available. Upgrade and maintenance patches to the security reference implementation preserve your changes to the implementation. 8

9 Offering: Value Chain Planning Configure your promising, sales and operations planning, and integrated demand and supply planning processes to plan and collaborate across your entire supply chain. This guide describes the security reference implementation for the Value Chain Planning offering. There is a set of common roles that are required to set up and administer an offering. For information about these common roles, see the Oracle Fusion Applications Common Security Reference Guide. 9

10 What's New This release of the offering includes new Job and Abstract roles, Duties, Aggregate Privileges and Privileges. 10

11 Abstract Role: Contingent Worker Identifies the person as a contingent worker. Role Hierarchy This table lists the roles inherited directly and indirectly by the abstract role Contingent Worker. Contingent Worker Access Family and Emergency Contacts by Worker Access Person Contact Information by Worker Access Person Extra Information by Worker Access Person Gallery Access Person Identification Information by Worker Access Personal Details by Worker Access Portrait Payslip Access Portrait Personal Payment Method Attachments User CRM Stage Write Business Intelligence Consumer Change Person Address Change Person Marital Status Compare HCM Information Edit Person Career Planning Edit Person Skills and Qualifications Employee Enrollment Expense Entry Business Intelligence Consumer Payee Bank Account FSCM Load Interface Administration Transaction Entry with Budgetary Control Business Intelligence Consumer Maintain Absence Records Manage Availability Patterns Manage Development Goal by Worker Manage My Account Manage Onboarding by Worker Manage Performance Goal by Worker Manage Person Citizenship Manage Person Contact Details Manage Person Disability by Worker Manage Person Documentation by Worker Manage Person Driver License Manage Person Ethnicity Manage Person Extra Information by Worker Manage Person Image 11

12 Manage Person Legislative Manage Person Name Manage Person National Identifier Manage Person Passport Manage Person Religion Manage Person Visa or Permit Manage Personal Compensation Manage Worker Information Sharing Performance Worker Create Anytime Performance Document Manage Check-In Document Request Feedback View Performance Summary View Requested Feedback Person Communication Methods Person Communication Methods View Portrait Benefits Portrait Current and Completed Tasks Print Worker Portrait Procurement Requester Business Intelligence Applications Worker Payables Invoice Inquiry Receiving Requester Item Inquiry Requisition Self Service User Requisition Viewing Payables Invoice Inquiry Transaction Entry with Budgetary Control Business Intelligence Consumer Project Time Entry Mobile Use REST Service - Time Record Events Use REST Service - Time Record Groups Read Only Use REST Service - Time Records Read Only Share Personal Data Access Share Personal Information Social Connection Worker Submit Resignation Time and Labor Worker Worker Time Card Entry Use REST Service - HCM Countries List of Values Use REST Service - HR Document Types List of Values Use User Details Service View Accrual Type Absence Plan Balance View Compensation Details for Worker View Development Goal by Worker View Eligible Jobs View Employment Information Summary View Person Address View Person Citizenship 12

13 View Person Disability by Worker View Person Driver License View Person Ethnicity View Person Legislative View Person Name View Person National Identifier View Person Passport View Person Religion View Person Visa or Permit View Portrait Availability Card View Portrait Contact Card View Portrait Personal Information Card View Portrait User Account Details Card View Secured Help Content View Total Compensation Statements View Worker Assignment History Details View Worker Contract Workers List of Values REST Service Data Security Policies Workforce Profile Worker Duties This table lists the duties assigned directly and indirectly to the abstract role Contingent Worker. Duty Role Attachments User Business Intelligence Authoring Business Intelligence Consumer CRM Stage Write Employee Enrollment Expense Entry FSCM Load Interface Administration Item Inquiry Payables Invoice Inquiry Payee Bank Account Performance Worker Description UCM application role for access to attachments using the integrated user interface or the standalone product. An author of Business Intellgence reports as presented in the web catalog. The role allows authoring within Business Intellgence Applications, Business Intelligence Publisher, Real Time Decisions, Enterprise Performance and Business Intelligence Office. A role required to allow reporting from Business Intellgence Applications, Business Intelligence Publisher, Real Time Decisions, Enterprise Performance and Business Intelligence Office. This role allow you to run reports from the web catalog but it will not allow a report to be authored from a subject area. Allows uploading CRM content to stage area on content server Manages employee enrollments. Creates and updates expense items and expense reports. Manages load interface file for import Queries and views items in the enterprise. Views Oracle Fusion Payables invoices. Manages supplier bank accounts and other payment details. Adds content to rate to performance document and evaluates self. 13

14 Duty Role Person Communication Methods Person Communication Methods View Portrait Current and Completed Tasks Project Time Entry Mobile Receiving Requester Requisition Self Service User Requisition Viewing Social Connection Worker Time and Labor Worker Transaction Entry with Budgetary Control Use REST Service - HR Document Types List of Values View Secured Help Content Worker Time Card Entry Workers List of Values REST Service Data Security Policies Workforce Profile Worker Aggregate Privileges Description Grants access to the employee, contingent worker and Human Resource Specialist to manage the phones, s and other communication methods in the portrait. Grants access to the employee, contingent worker and Human Resource Specialist to view the phones, s and other communication methods in the portrait. Grants access to the current and completed tasks card in the portrait, which includes HCM worklist tasks and user provisioning requests. Allows the user to report time and manage time cards on mobile device. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Manages requisitions including creating, searching, and viewing requisitions, creating noncatalog requests, creating requisitions with one-time locations, and changing deliver-to locations on requisition lines. View requisition and associated documents. Performs all Oracle Fusion Social Connection employee duties. Reports time as a worker. Manages the budgetary control tasks by job roles who perform transactions that are subject to budgetary control, such as accounts payable manager. Delivers data security policies for use with the HR Document Types list of values REST service. Views help content that was added or edited, containing the security lookup value Secured. Reports time by time card, as a worker. Delivers data security policies for use with the Workers list of values REST service. Performs workforce duties as an employee or contingent worker. This table lists aggregate privileges assigned directly and indirectly to the abstract role Contingent Worker. Aggregate Privilege Access Family and Emergency Contacts by Worker Access Person Contact Information by Worker Access Person Extra Information by Worker Access Person Gallery Access Person Identification Information by Worker Description Grants access to persons to view their own contacts. Allows access to Person contact information such as phones, s, other communication accounts, and addresses. Allows access to a person's extensible flexfields. Searches worker deferred data and views the portrait page. Allows access to Person documents such as citizenship, passport, visa and permits, and driver licenses. 14

15 Aggregate Privilege Access Personal Details by Worker Access Portrait Payslip Access Portrait Personal Payment Method Change Person Address Change Person Marital Status Compare HCM Information Create Anytime Performance Document Edit Person Career Planning Edit Person Skills and Qualifications Maintain Absence Records Manage Availability Patterns Manage Check-In Document Manage Development Goal by Worker Manage My Account Manage Onboarding by Worker Manage Performance Goal by Worker Manage Person Citizenship Manage Person Contact Details Manage Person Disability by Worker Manage Person Documentation by Worker Manage Person Driver License Manage Person Ethnicity Manage Person Extra Information by Worker Manage Person Image Manage Person Legislative Manage Person Name Manage Person National Identifier Manage Person Passport Manage Person Religion Manage Person Visa or Permit Description Allows access to Person Information such as such as name, national identifier, biographical, demographic, and disability information. Grants access to a person's own payslip in the portrait. Grants access to a person's payment methods in the portrait. Grants access to persons to manage their own address data. Grants access to a person to manage their own marital status and related data. Compares workers, jobs, positions, and any combinations of these objects. Allows creation of anytime performance documents Allows editing the Person Career Planning. Allows editing the Person Skills and Qualifications. Allows workers to enter, update and delete their absence records. Allows users to create, delete, and update availability patterns. Allows to create, view, edit and delete check-in document. Manages worker's own development goals. Manages worker roles. Allows worker to complete the onboarding tasks. Manages worker's own performance goals. Grants access to persons to manage their own citizenship. Allows management of a person's contacts. Allows worker to manage their own disability information. Grants access to persons to manage their own document data. Grants access to persons to manage their own driver licenses. Grants access to persons to manage their own ethnicity. Allows access to a person's extensible flexfields. Manages Person Image Grants access to persons to manage their own legislative information. Maintains persons' name related attributes. Grants access to persons to manage their own national identifier. Grants access to persons to manage their own passports. Grants access to persons to manage their own religion. Grants access to persons to manage their own 15

16 Aggregate Privilege Manage Personal Compensation Manage Worker Information Sharing Portrait Benefits Print Worker Portrait Request Feedback Share Personal Data Access Share Personal Information Submit Resignation Use REST Service - HCM Countries List of Values Use REST Service - Time Record Events Use REST Service - Time Record Groups Read Only Use REST Service - Time Records Read Only Use User Details Service View Accrual Type Absence Plan Balance View Compensation Details for Worker View Development Goal by Worker View Eligible Jobs View Employment Information Summary View Performance Summary View Person Address View Person Citizenship View Person Disability by Worker View Person Driver License View Person Ethnicity View Person Legislative View Person Name View Person National Identifier View Person Passport Description visas and permits. Manages contributions made toward savings and contribution type plans. Allows sharing of person information with internal and external recipients. Used in the non-responsive UI. Views benefits data for a worker in the portrait. Grants access to the portrait maintenance duties for the portrait cards. Allows to request feedback Allows sharing of access to personal data. Allows sharing of personal information. Allows worker to submit their own resignation. Allows the user to call the GET method associated with the HCM Countries list of values REST Service. Allows users to call all methods on time record events associated with the time records REST service. Allows users to call the GET method on time record groups associated with the time records REST service. Allows users to call the GET method on time records associated with the time records REST service. Creates or updates users during person synchronizations. Allows workers to view balances of the accrual type absence plans. Views compensation data for a worker. View worker's own development goals. Allows viewing of eligible jobs for relief in higher class. Grants access to view a worker's employment information summary. Allows viewing of workers performance summary information. Grants access to persons to view their own address data. Grants access to persons to view their own citizenship. Allows access to a person's disability information. Grants access to persons to view their own driver licenses. Grants access to persons to view their own ethnicity. Grants access to persons to view their own legislative information. Views persons' name related attributes. Grants access to persons to view national identifier. Grants access to persons to view their own 16

17 Aggregate Privilege View Person Religion View Person Visa or Permit View Portrait Availability Card View Portrait Contact Card View Portrait Personal Information Card View Portrait User Account Details Card View Requested Feedback View Total Compensation Statements View Worker Assignment History Details View Worker Contract Description passports. Grants access to persons to view their own religion. Grants access to persons to view their own visas and permits. Grants access to the availability card in the portrait, which includes schedule, absence, and accrual information. Grants access to view the contact card in the portrait, which includes phone number, , other communication methods, work location information, manager, directs and peers. Grants access to a person's own personal and employment information in the portrait. Views the User Account Details card in the Person Gallery. Allows workers and line managers to view requested feedback Views generated total compensation statements for individuals within their security. Allows viewing of worker's assignment history details. Allows viewing of worker contracts. Privileges This table lists privileges granted to duties of the abstract role Contingent Worker. Granted Role Granted Role Description Privilege Contingent Worker Identifies the person as a contingent worker. Absence Entry Using Calendar Contingent Worker Identifies the person as a contingent Access Competition Page worker. Contingent Worker Identifies the person as a contingent worker. Access FUSE Directory Page Contingent Worker Identifies the person as a contingent worker. Access FUSE Performance and Career Planning Page Contingent Worker Identifies the person as a contingent worker. Access FUSE Personal Information Page Contingent Worker Identifies the person as a contingent worker. Access HCM Common Components Contingent Worker Identifies the person as a contingent worker. Access Internal Candidate Experience Contingent Worker Identifies the person as a contingent worker. Access Knowledge from HCM Contingent Worker Identifies the person as a contingent worker. Access My Career and Performance Contingent Worker Identifies the person as a contingent Access My Pay worker. Contingent Worker Identifies the person as a contingent worker. Access Quick Actions 17

18 Granted Role Granted Role Description Privilege Contingent Worker Identifies the person as a contingent Approve Transactions worker. Contingent Worker Identifies the person as a contingent worker. Create Service Request from HCM Contingent Worker Identifies the person as a contingent worker. Launch Oracle Social Network Contingent Worker Identifies the person as a contingent worker. Manage Development Goal Contingent Worker Identifies the person as a contingent worker. Manage Favorite Colleagues Contingent Worker Identifies the person as a contingent worker. Manage Goal Notifications Contingent Worker Identifies the person as a contingent Manage Mentorship worker. Contingent Worker Identifies the person as a contingent worker. Manage My Portrait Work Area Contingent Worker Identifies the person as a contingent worker. Manage Performance Goal Contingent Worker Identifies the person as a contingent worker. Manage Person Allocated Checklist by Worker Contingent Worker Identifies the person as a contingent worker. Manage Reputation Overview Contingent Worker Identifies the person as a contingent worker. Manage Reputation Scores Contingent Worker Identifies the person as a contingent Manage Social Roles worker. Contingent Worker Identifies the person as a contingent worker. Report Time by Web Clock Contingent Worker Identifies the person as a contingent worker. Run Talent Profile Summary Report Contingent Worker Identifies the person as a contingent worker. Use REST Service - Content Items List of Contingent Worker Contingent Worker Contingent Worker Contingent Worker Identifies the person as a contingent worker. Identifies the person as a contingent worker. Identifies the person as a contingent worker. Identifies the person as a contingent worker. Values Use REST Service - Model Profiles List of Values Use REST Service - Shared Performance Goals List of Values Use REST Service - Time Card Lists of Values Use REST Service - Users and Roles Lists of Values Contingent Worker Identifies the person as a contingent worker. Use REST Service - Workers List of Values Contingent Worker Identifies the person as a contingent worker. Validate Project Time and Labor Time Card Contingent Worker Identifies the person as a contingent View Calendar by Worker worker. Contingent Worker Identifies the person as a contingent View Notification Details worker. Contingent Worker Identifies the person as a contingent View Performance Goal 18

19 Granted Role Granted Role Description Privilege worker. Contingent Worker Identifies the person as a contingent worker. View Team Schedule by Worker Contingent Worker Identifies the person as a contingent View Time by Calendar worker. Contingent Worker Identifies the person as a contingent worker. Workforce Reputation Subscription User Employee Enrollment Manages employee enrollments. Define Benefit Participant Enrollment Result Employee Enrollment Manages employee enrollments. Elect Benefits Employee Enrollment Manages employee enrollments. Maintain Plan Beneficiary Designation Employee Enrollment Manages employee enrollments. Maintain Primary Care Provider Employee Enrollment Manages employee enrollments. Review Benefit Participant Enrollment Result Expense Entry Creates and updates expense items and expense reports. Manage Bank Account for Expense Reimbursement Expense Entry Creates and updates expense items Manage Expense Report and expense reports. Expense Entry Creates and updates expense items and expense reports. Review Expense Reimbursement FSCM Load Interface Administration Manages load interface file for import Access FSCM Integration Rest Service FSCM Load Interface Manages load interface file for import Load File to Interface Administration FSCM Load Interface Administration Manages load interface file for import Load Interface File for Import FSCM Load Interface Administration Manages load interface file for import Manage File Import and Export FSCM Load Interface Manages load interface file for import Transfer File Administration Item Inquiry Queries and views items in the Create Trading Partner enterprise. Item Inquiry Queries and views items in the Manage Item Attachment enterprise. Item Inquiry Queries and views items in the Manage Item Catalog enterprise. Item Inquiry Queries and views items in the enterprise. Manage Item Global Search Item Inquiry Queries and views items in the enterprise. Manage Trading Partner Item Reference Item Inquiry Queries and views items in the View Item enterprise. Item Inquiry Queries and views items in the enterprise. View Item Organization Association Item Inquiry Queries and views items in the View Item Relationship enterprise. Payables Invoice Inquiry Views Oracle Fusion Payables invoices. Manage Payables Invoices Payables Invoice Inquiry Views Oracle Fusion Payables invoices. View Payables Invoice 19

20 Granted Role Granted Role Description Privilege Payee Bank Account Manages supplier bank accounts and other payment details. Import Supplier Bank Accounts Payee Bank Account Manages supplier bank accounts and other payment details. Manage External Payee Payment Details Payee Bank Account Manages supplier bank accounts and other payment details. Manage Payment Instrument Assignment Payee Bank Account Manages supplier bank accounts and other payment details. Manage Third Party Bank Account Payee Bank Account Manages supplier bank accounts and other payment details. View Third Party Bank Account Performance Worker Adds content to rate to performance document and evaluates self. Create Performance Document by Worker Performance Worker Adds content to rate to performance document and evaluates self. Print Performance Document Performance Worker Adds content to rate to performance document and evaluates self. Provide Performance Evaluation Feedback Performance Worker Adds content to rate to performance document and evaluates self. Select Feedback Participants Performance Worker Adds content to rate to performance document and evaluates self. Track Participant Feedback Status Performance Worker Adds content to rate to performance document and evaluates self. View Performance Information on Worker Person Communication Methods Person Communication Methods Person Communication Methods Person Communication Methods View Person Communication Methods View Grants access to the employee, contingent worker and Human Resource Specialist to manage the phones, s and other communication methods in the portrait. Grants access to the employee, contingent worker and Human Resource Specialist to manage the phones, s and other communication methods in the portrait. Grants access to the employee, contingent worker and Human Resource Specialist to manage the phones, s and other communication methods in the portrait. Grants access to the employee, contingent worker and Human Resource Specialist to view the phones, s and other communication methods in the portrait. Grants access to the employee, contingent worker and Human Resource Specialist to view the phones, s and other communication methods in the portrait. 20 Dashboard Manage Person Communication Method Manage Person Manage Person Phone Manage Person Communication Method Manage Person Person Communication Grants access to the employee, Manage Person Phone

21 Granted Role Granted Role Description Privilege Methods View contingent worker and Human Resource Specialist to view the phones, s and other communication methods in the portrait. Procurement Requester Prepares requisitions for. Cancel Purchase Order as Procurement Requester Procurement Requester Prepares requisitions for. Change Purchase Order as Procurement Requester Project Time Entry Mobile Allows the user to report time and manage time cards on mobile device. Report Time for Project Tasks Project Time Entry Mobile Allows the user to report time and manage time cards on mobile device. View Project Expenditure Types Service Project Time Entry Mobile Allows the user to report time and View Project Financial Receiving Requester Receiving Requester Receiving Requester Receiving Requester Receiving Requester Receiving Requester Receiving Requester Receiving Requester Receiving Requester Receiving Requester Receiving Requester Requisition Self Service User manage time cards on mobile device. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Allows a requester in Oracle Fusion iprocurement to receive items, correct receipts, and return receipts. Manages requisitions including creating, searching, and viewing requisitions, creating noncatalog requests, creating requisitions with 21 Tasks Service Correct Self-Service Receiving Receipt Create Self-Service Receiving Receipt Manage Inventory Transfer Order Manage Self-Service Receiving Receipt Return Monitor Self-Service Receiving Receipt Work Area Review Inbound Shipment Details Review Receiving Receipt Summary Review Self-Service Receiving Receipt View Purchase Order View Receiving Receipt Notification View Requisition Create Requisition for Internal Material Transfers

22 Granted Role Granted Role Description Privilege one-time locations, and changing deliver-to locations on requisition lines. Requisition Self Service User Requisition Self Service User Requisition Self Service User Requisition Self Service User Requisition Self Service User Requisition Self Service User Requisition Self Service User Requisition Self Service User Manages requisitions including creating, searching, and viewing requisitions, creating noncatalog requests, creating requisitions with one-time locations, and changing deliver-to locations on requisition lines. Manages requisitions including creating, searching, and viewing requisitions, creating noncatalog requests, creating requisitions with one-time locations, and changing deliver-to locations on requisition lines. Manages requisitions including creating, searching, and viewing requisitions, creating noncatalog requests, creating requisitions with one-time locations, and changing deliver-to locations on requisition lines. Manages requisitions including creating, searching, and viewing requisitions, creating noncatalog requests, creating requisitions with one-time locations, and changing deliver-to locations on requisition lines. Manages requisitions including creating, searching, and viewing requisitions, creating noncatalog requests, creating requisitions with one-time locations, and changing deliver-to locations on requisition lines. Manages requisitions including creating, searching, and viewing requisitions, creating noncatalog requests, creating requisitions with one-time locations, and changing deliver-to locations on requisition lines. Manages requisitions including creating, searching, and viewing requisitions, creating noncatalog requests, creating requisitions with one-time locations, and changing deliver-to locations on requisition lines. Manages requisitions including creating, searching, and viewing 22 Create Requisition with Changes to Deliver-to Location Create Requisition with Noncatalog Requests Create Requisition with One Time Location Get Internal Transfer Requesting Organization Price Manage Inventory Transfer Order Manage Requisition Submit Requisition with One Click View Requisition

23 Granted Role Granted Role Description Privilege requisitions, creating noncatalog requests, creating requisitions with one-time locations, and changing deliver-to locations on requisition lines. Requisition Viewing View requisition and associated documents. Review Inbound Shipment Details Requisition Viewing View requisition and associated documents. Review Receiving Transaction History Requisition Viewing View requisition and associated documents. View Purchase Order as Procurement Requester Requisition Viewing View requisition and associated View Requisition documents. Requisition Viewing View requisition and associated View Supplier Negotiation documents. Social Connection Worker Performs all Oracle Fusion Social Connection employee duties. Add Someone to Social Group Social Connection Worker Performs all Oracle Fusion Social Create Social Group Connection employee duties. Social Connection Worker Performs all Oracle Fusion Social Invite Social Connection Connection employee duties. Social Connection Worker Performs all Oracle Fusion Social Connection employee duties. Invite Someone to Social Group Social Connection Worker Performs all Oracle Fusion Social Link Social Group Connection employee duties. Social Connection Worker Performs all Oracle Fusion Social Manage Kudos Connection employee duties. Social Connection Worker Performs all Oracle Fusion Social Manage Message Board Connection employee duties. Social Connection Worker Performs all Oracle Fusion Social Connection employee duties. Manage Social Bookmarks Social Connection Worker Performs all Oracle Fusion Social Connection employee duties. Manage Social Connections Social Connection Worker Performs all Oracle Fusion Social Manage Social Group Connection employee duties. Social Connection Worker Performs all Oracle Fusion Social Connection employee duties. Manage Social Selfdescriptive Information Social Connection Worker Performs all Oracle Fusion Social Unlink Social Group Connection employee duties. Social Connection Worker Performs all Oracle Fusion Social View Activity Stream Connection employee duties. Social Connection Worker Performs all Oracle Fusion Social Connection employee duties. View Related Social Groups Time and Labor Worker Reports time as a worker. Access Time Work Area Time and Labor Worker Reports time as a worker. Report Time by Calendar Time and Labor Worker Reports time as a worker. View Calendar by Worker Time and Labor Worker Reports time as a worker. View Team Schedule by Worker Time and Labor Worker Reports time as a worker. View Time by Calendar Transaction Entry with Budgetary Control Manages the budgetary control tasks by job roles who perform transactions that are subject to budgetary control, such as accounts payable manager. Check Funds 23

24 Granted Role Granted Role Description Privilege Transaction Entry with Budgetary Control Manages the budgetary control tasks by job roles who perform transactions that are subject to budgetary control, Reserve Funds Transaction Entry with Budgetary Control Transaction Entry with Budgetary Control Transaction Entry with Budgetary Control Transaction Entry with Budgetary Control Transaction Entry with Budgetary Control Transaction Entry with Budgetary Control Use REST Service - HR Document Types List of Values Worker Time Card Entry Worker Time Card Entry Worker Time Card Entry Workforce Profile Worker Workforce Profile Worker Workforce Profile Worker Workforce Profile Worker Workforce Profile Worker Workforce Profile Worker Workforce Profile Worker such as accounts payable manager. Manages the budgetary control tasks by job roles who perform transactions that are subject to budgetary control, such as accounts payable manager. Manages the budgetary control tasks by job roles who perform transactions that are subject to budgetary control, such as accounts payable manager. Manages the budgetary control tasks by job roles who perform transactions that are subject to budgetary control, such as accounts payable manager. Manages the budgetary control tasks by job roles who perform transactions that are subject to budgetary control, such as accounts payable manager. Manages the budgetary control tasks by job roles who perform transactions that are subject to budgetary control, such as accounts payable manager. Manages the budgetary control tasks by job roles who perform transactions that are subject to budgetary control, such as accounts payable manager. Delivers data security policies for use with the HR Document Types list of values REST service. Reports time by time card, as a worker. Reports time by time card, as a worker. Reports time by time card, as a worker. Performs workforce duties as an employee or contingent worker. Performs workforce duties as an employee or contingent worker. Performs workforce duties as an employee or contingent worker. Performs workforce duties as an employee or contingent worker. Performs workforce duties as an employee or contingent worker. Performs workforce duties as an employee or contingent worker. Performs workforce duties as an employee or contingent worker. Review Budget Impact Review Budget Period Statuses Review Budgetary Control Balances Review Budgetary Control Transactions Transfer Budget Balances to Budget Cubes Continuously View Funds Available Balances Use REST Service - HR Document Types List of Values Create Time Card Manage Time Cards by Worker Search Time Cards Define Talent Profile Define Talent Profile Item Manage Person Talent Profile Manage Talent Profile Interest List Match Talent Profile Update Talent Profile Item View Talent Profile 24

25 Data Security Policies This table lists data security policies and their enforcement across analytics application for the abstract role Contingent Worker. Business Object Policy Description Policy Store Implementation Application Attachment delete application attachment for the purchase order categories including miscellaneous, to supplier, to buyer, to receiver, to approver, and to payables Application Attachment Application Attachment Application Attachment Application Reference Territory Application Reference Territory Beneficiary Organization Benefit Covered Dependent read application attachment for the negotiation categories including miscellaneous, to approver, to buyer, to payables, to receiver, and to supplier read application attachment for the purchase order categories including document, miscellaneous, to supplier, to buyer, to receiver, to approver, and to payables update application attachment for the purchase order categories including miscellaneous, to supplier, to buyer, to receiver, to approver, and to payables choose application reference territory for countries in their country choose application reference territory for countries in their country view worker benefits portrait card for view worker benefits portrait card for 25 Role: Procurement Requester Privilege: Delete Application Attachment Resource: Application Attachment Role: Procurement Requester Privilege: Read Application Attachment Resource: Application Attachment Role: Procurement Requester Privilege: Read Application Attachment Resource: Application Attachment Role: Procurement Requester Privilege: Update Application Attachment Resource: Application Attachment Role: Change Person Marital Status Privilege: Choose Application Reference Territory Resource: Application Reference Territory Role: Use REST Service - HCM Countries List of Values Privilege: Choose Application Reference Territory Resource: Application Reference Territory Role: Portrait Benefits Privilege: View Worker Benefits Portrait Card Resource: Beneficiary Organization Role: Portrait Benefits Privilege: View Worker Benefits Portrait Card Resource: Benefit Covered Dependent

26 Business Object Policy Description Policy Store Implementation Benefit Participant Enrollment Action Benefit Participant Enrollment Result Benefit Participant Enrollment Result Benefit Participant Enrollment Result Benefit Participant Rate Benefit Relation Cash Advance Approval Note Corporate Card Transaction Dispute Note Employment Contract Expense Expense Report Expense Report Approval Note HR Job Help Topic view worker benefits portrait card for report person for review benefit participant enrollment result for view worker benefits portrait card for view worker benefits portrait card for manage benefit relation for manage expense report approval note for manage expense for view worker contract for manage expense for manage expense report for manage expense report approval note for choose hr job for all jobs in the enterprise view secured help content 26 Role: Portrait Benefits Privilege: View Worker Benefits Portrait Card Resource: Benefit Participant Enrollment Action Role: Employee Enrollment Privilege: Report Person Resource: Benefit Participant Enrollment Result Role: Employee Enrollment Privilege: Review Benefit Participant Enrollment Result Resource: Benefit Participant Enrollment Result Role: Portrait Benefits Privilege: View Worker Benefits Portrait Card Resource: Benefit Participant Enrollment Result Role: Portrait Benefits Privilege: View Worker Benefits Portrait Card Resource: Benefit Participant Rate Role: Employee Enrollment Privilege: Manage Benefit Relation Resource: Benefit Relation Role: Expense Entry Privilege: Manage Expense Report Approval Note Resource: Cash Advance Approval Note Role: Expense Entry Privilege: Manage Expense Resource: Corporate Card Transaction Dispute Note Role: View Worker Contract Privilege: View Worker Contract Resource: Employment Contract Role: Expense Entry Privilege: Manage Expense Resource: Expense Role: Expense Entry Privilege: Manage Expense Report Resource: Expense Report Role: Expense Entry Privilege: Manage Expense Report Approval Note Resource: Expense Report Approval Note Role: Contingent Worker Privilege: Choose HR Job Resource: HR Job Role: View Secured Help Content Privilege: View Secured Help Content

27 Business Object Policy Description Policy Store Implementation for all secured help content Resource: Help Topic they are authorized Idea manage idea where they are a member of the idea team Role: Contingent Worker Privilege: Manage Product Idea Resource: Idea Idea Payment Card Performance Document Performance Feedback Request Performance Feedback Request Performance Goal Performance Goal Person Person Person Person Person review idea where they are a member of the idea team view employee credit card for any employee corporate cards in the enterprise view performance summary for request feedback for view requested feedback for people for whom feedback was requested by you or was shared with you manage performance goal by worker for view development goal by worker for change person address for change person marital status for compare person for manage worker public portrait for print worker portrait for 27 Role: Contingent Worker Privilege: Review Product Idea Resource: Idea Role: Payee Bank Account Privilege: View Employee Credit Card Resource: Payment Card Role: View Performance Summary Privilege: View Performance Summary Resource: Performance Document Role: Request Feedback Privilege: Request Feedback Resource: Performance Feedback Request Role: View Requested Feedback Privilege: View Requested Feedback Resource: Performance Feedback Request Role: Manage Performance Goal by Worker Privilege: Manage Performance Goal by Worker Resource: Performance Goal Role: View Development Goal by Worker Privilege: View Development Goal by Worker Resource: Performance Goal Role: Change Person Address Privilege: Change Person Address Resource: Person Role: Change Person Marital Status Privilege: Change Person Marital Status Resource: Person Role: Compare HCM Information Privilege: Compare Person Resource: Person Role: View Portrait Personal Information Card Privilege: Manage Worker Public Portrait Resource: Person Role: Print Worker Portrait Privilege: Print Worker Portrait Resource: Person Person Role: Contingent Worker

28 Business Object Policy Description Policy Store Implementation report person for Privilege: Report Person Resource: Person Person share worker information for Role: Manage Worker Information Sharing Privilege: Share Worker Information Person Person Person Person Person Absence Entry Person Absence Entry Person Address Person Address Person Address Person Assignment view worker availability portrait card for view worker current and completed tasks portrait card for persons and assignments in their person and assignment view worker current and completed tasks portrait card for view worker personal and employment portrait card for maintain self service absence record for people and assignments in their person and assignment maintain self service absence record for manage person private address details for view person address for view person address for choose person assignment for persons and assignments in their person and 28 Resource: Person Role: View Portrait Availability Card Privilege: View Worker Availability Portrait Card Resource: Person Role: Portrait Current and Completed Tasks Privilege: View Worker Current and Completed Tasks Portrait Card Resource: Person Role: Portrait Current and Completed Tasks Privilege: View Worker Current and Completed Tasks Portrait Card Resource: Person Role: View Portrait Personal Information Card Privilege: View Worker Personal and Employment Portrait Card Resource: Person Role: Maintain Absence Records Privilege: Maintain Self Service Absence Record Resource: Person Absence Entry Role: Maintain Absence Records Privilege: Maintain Self Service Absence Record Resource: Person Absence Entry Role: View Portrait Personal Information Card Privilege: Manage Person Private Address Details Resource: Person Address Role: View Person Address Privilege: View Person Address Resource: Person Address Role: View Portrait Personal Information Card Privilege: View Person Address Resource: Person Address Role: Contingent Worker Privilege: View Person Assignment Resource: Person Assignment