Professional Documents
Culture Documents
This document provides guidance on how to create a custom job role (from Release 12) with required
data security policies. The Inquiry only job role will allow the users to inquire payables invoices and
payments but doesn’t grant any privileges to edit them.
To create custom job role with required data security policies, we need to perform following tasks
1.3 Generate Data Security Policies for the Inquiry Job Role
Data security policies define the data which can be accessed by the role. For example, to view payables
invoices for a particular BU, we need to create a security policy which will grant access to the data for
the given BU and assign it to the job role. In this section we shall assign the data security policies to the
inquiry job role.
1) On the train chain click on the task Data Security Policies
2) Create following data security policies. Click on the button Create Data Security Policy to add new
policy.
# Policy Name Database Start Data Set Condition Name Actions/Privilege
Resource Date
1 Grant on Business Business Any Select by Access the business unit Manage Payables Invoice
Unit Unit Date instance for which the user is
set explicitly authorized Manage Payments by Business
Unit
2 Grant on Subledger Any Select by Access Ledgers associated Manage Ledger for Subledger
Subledger Accounting Date instance with Business Unit Data
Accounting Ledger Ledger set
3 Grant on Subledger Any Select by Subledger Application Manage Subledger Application
Subledger Application Date instance Instance Set Data
Application set
Parameter1: 200
4 Grant on Subledger Any Select by Access Subledger Source Manage Subledger Source
Subledger Source Source Date instance Transactions for a Transaction Data
Transaction Transaction set Business Unit
Parameter1: 200
3. Navigate to Summary and Impact Report. Click on button Save and Close and the Inquiry only job
role is ready.
Now assign this role to the required users and grant them the required Business Unit access. The user
will now have read only access to Payables Invoices and Payables Payament transactions.