Defining which records and information users can access is fundamental to HRMS security.
As part of your implementation plan, you identify who will use Oracle HRMS, what information they require, and how they use it. You can control a user's access to database elements such as records, fields, forms, and functions, and you can also control a user's access to other user records and data.
All Oracle Applications users access the system through a responsibility that is linked to a security group and a security profile. The responsibility is the primary means of defining security. The security group determines which business group the user can access. The security profile determines which records (related to organizations, positions and payrolls) the user can access within the business group. For example, you can restrict a manager's security permissions so that the manager can only access the person records for those employees and workers within a supervisor hierarchy. This restriction enables secure, reliable data access and ensures that only people with the correct permissions can access personal data.
See: Responsibilities
In general, a user can only view the records for one business group at a time. However, depending on the value of the HR:Cross Business Group Profile option, you can view specific information across business groups. See: User Profiles
See also: Single and Multiple Business Groups
Within a business group you can control:
Who the user can access, using security profiles. You can restrict access by:
organization hierarchy
position hierarchy
supervisor hierarchy
payroll
supervisor assignment
You can also restrict access to specific person types, for example, employees, applicants, contingent workers, and, if you are using iRecruitment, candidates.
You can also create your own custom restrictions and combine them with the standard restrictions.
Note: You can configure the above security restrictions to be user-based. The application evaluates the security permissions dynamically for the user currently logged on to the system. User-based security profiles can be used by multiple employees which reduces set-up and administration tasks.
What the user can access. You control user access to specific functions using function security. You attach functions to menus which you then attach to responsibilities. By linking the functions to responsibilities, you can restrict which users can access particular functions, and on which menus the functions appear. By modifying the function parameter information, you can define how the function operates and processes information.
See: Menus
For more detailed information on security concepts, see: