1.

Instructions to create Transaction Inquiry only Job Role

This document provides guidance on how to create a custom job role (from Release 12) with required
data security policies. The Inquiry only job role will allow the users to inquire payables invoices and
payments but doesn’t grant any privileges to edit them.

To create custom job role with required data security policies, we need to perform following tasks

1) Create Custom Job Role

2) Assign the Inquiry duty role to the Custom Job Role
3) Assign Data Security policies for the Inquiry Job Role

1.1 Create Custom Job Role

A Job role is an enterprise role for a specific job consisting of specific set of duties which are expected to
be performed by the user. In this section we shall create a custom job role.

1) Log into application and navigate to security console.

2) Click on Create role. Enter following fields
a. Role Name : Enter the Display Name for the Custom Job role
b. Role Code : Enter the Name of the Custom Job Role
c. Role Category: Financials Job Role
d. Description : Enter the details on what duties this Job role will perform

1.2 Assign Inquiry duty role to the Job Role

A duty role is a set of functions and data privileges, which are required to discharge a duty, and is
assigned to a Job role. In this section we shall assign the seeded payables inquiry duty role to the custom
Job role created in previous section.
1) On the train chain click on the task Role Category
2) On the table menu click on the icon
3) Search for the role name ‘Payables Transaction Review’
4) Click on the button Add Role Membership
5) The duty role will be added to the job role

1.3 Generate Data Security Policies for the Inquiry Job Role
Data security policies define the data which can be accessed by the role. For example, to view payables
invoices for a particular BU, we need to create a security policy which will grant access to the data for
the given BU and assign it to the job role. In this section we shall assign the data security policies to the
inquiry job role.
1) On the train chain click on the task Data Security Policies
2) Create following data security policies. Click on the button Create Data Security Policy to add new
policy.
# Policy Name Database Start Data Set Condition Name Actions/Privilege
Resource Date

1 Grant on Business Business Any Select by Access the business unit Manage Payables Invoice
Unit Unit Date instance for which the user is
set explicitly authorized Manage Payments by Business
Unit

2 Grant on Subledger Any Select by Access Ledgers associated Manage Ledger for Subledger
Subledger Accounting Date instance with Business Unit Data
Accounting Ledger Ledger set
3 Grant on Subledger Any Select by Subledger Application Manage Subledger Application
Subledger Application Date instance Instance Set Data
Application set
Parameter1: 200

4 Grant on Subledger Any Select by Access Subledger Source Manage Subledger Source
Subledger Source Source Date instance Transactions for a Transaction Data
Transaction Transaction set Business Unit

Parameter1: 200

3. Navigate to Summary and Impact Report. Click on button Save and Close and the Inquiry only job
role is ready.

Now assign this role to the required users and grant them the required Business Unit access. The user
will now have read only access to Payables Invoices and Payables Payament transactions.