You are on page 1of 3

Multi Org R12 (why Multi Org Access Control ???

)
You all know by now that Multi Org model in Oracle Release 12 will be changing !hey
call it Multi Org Access Control "hat is the reasons behind this change# and how this
will im$act you %t will also e&$lain to you how this will not im$act you at all 'i( you
don)t wish to use MOAC* Multi Org Access Control+
,or those that are not (amiliar with $re*Release12 multiorg model# you must read
-asics O( Multi Org !hat e&$lains how the current multi*org model (eature works# ie
$rior to Release 12
Business Reason for this change
*****************************************
,our years ago# a s.w consulting /rm was tasked to design a 0ayables %n1oice
scanning $rocess that had (ollowing re2uirements (or a client3*
1. !he client had 144s o( legal entities and organi5ation units
2. !hey wanted to recei1e all $a$er $ayables in1oices at a central location
67ecti1ely# they would ha1e a single Address where in1oices (or all the 8egal
6ntities.O$erating 9nits were recei1ed
3. All the in1oices would be scanned at that central location
4. !he scanned images were then $laced in a 2ueue that were then keyed(ty$ed)
into the system by -angalore !eam(their shared ser1ice
centre)
Here lies the issue:-
**************************
:canned %n1oices had ;o be /rst sorted $er o$erating unit

Why? -ecause# there was a di7erent <0ayables Clerk< res$onsibility (or each
o$erating unit !he $oor clerk had to switch responsibility de$ending u$on which
o$erating unit the in1oice was being entered against Also it will ne1er be $ossible to
(orce all your su$$liers to $ost their in1oices to =M8 >ateway ?ence clerk had to
ensure that each $a$er in1oice is coded.entered into the right organi5ation.o$erating
unit
How does Oracle Release 12 coe to the rescue here?
%n R12# the clerk will no longer be a <$oor clerk<# because they will no longer need to
kee$ changing the res$onsibility (or di7erent legal entities ?ere lies the strength in
the design o( Oracle Release12# it caters to the need o( :hared :er1ice solution
!oes this ean the "aya#les cler$ res"onsi#ility will ha%e access to all the
o"erating units?
!his is $ossible now in R12 i( that)s what your business needs You can assign a node
o( organi5ation hierarchy or a list o( o$erating units to your res$onsibility 67ecti1ely#
you are now able to assign multi$le o$erating units to a single res$onsibility !his is
made $ossible either through Organi5ation ?ierarchy or by an Organi5ation 8ist
&his sounds %ery uch li$e HR 'ecurity (ro)les as we saw in lin$ Oracle
?RM: :ecurity 0ro/les ?
!rue# in (act Oracle Release12 multi*org model uses :ecurity $ro/les (so % am told)
Read this linked article abo1e to get your conce$ts on ?RM: security $ro/le clear
!oes this ean* a security "ro)le will #e attached to res"onsi#ility as
"ro)le o"tion?
Correct
What if + don,t wish to i"leent this enhanced feature? Will this #rea$ y
e-isting ulti org setu"?
Oracle is great when it comes to u$grades 9nless you im$lement security $ro/le
(eature# your multi*org will kee$ working as $re R12
Will R12 ulti-org access control still "o"ulate org.+d colun?
O( course 6ach record will still remain tied to an indi1idual org
/an we re-use security "ro)les that we de)ned for HR0'?
% suggest you kee$ MultiOrg security $ro/le se$arate (rom ?RM: security $ro/le# as
?R security $ro/les also cater (or $ositions and 1arious other hr related attributes
"e will know this once MultiOrg Access Control gets launched
/oing #ac$ to "aya#les cler$* while $eying in the in%oice* how will they
attach s"eci)c in%oice they $ey that in%oice against a s"eci)c
o"erating unit?
-y entering 1alue in the o$erating unit /eld in the screen 0rior to Release12# this
was a hidden column -ut now all screens that use security $ro/le multi*org will ha1e
an enter*able /eld
Oh dear* an additional )eld to #e entered #y the user in R12?
@ot really# i( you wish# you can s$eci(y de(ault o$erating unit $er res$onsibility !his
too by means o( a $ro/le o$tion
@ame o( $ro/le o$tion is 'i don)t know yet+# but it e&ists# so % am told
'o* we ha%e two new "ro)le o"tions?
%ndeed# one (or attaching security $ro/le and other (or de(ault org
What ha""ens to d#s.client.info.set.client.info11213?
!his will become redundant (unctionally 9se moAglobal $ackage instead !his
$ackage already e&ists in 11B14 instance And i( you o$en this# you will /nd this
using Row 8e1el :ecurity !echnically % think d#s.client.info.set.client.info will
still work# but will $roduce une&$ected results i( you ha1e enabled the MultiOrg
:ecurity 0ro/le (eature too
How does this e4ect y custoi5ations?
:tatement 1 3* %( you ha1e hard*coded client*in(o command# then ob1iously that will
no longer work'with disclaimers# but % think so will be the case+
:tatement 2 3* Also# i( you ha1e been using (ndA$ro/leorgA%d# that again will not
work
Both stateents a#o%e are false if you decide not to i"leent 0ulti Org
6ccess /ontrol feature in Release 12.