Using Security Hierarchies
Security hierarchies let you control who has access to certain documents.
For example, you can create a security hierarchy in which only you and other buyers in that hierarchy can view each other's purchase orders.
Security hierarchies are not an alternative to approval hierarchies, but something different altogether. Changes you make to a security hierarchy do not affect the approval hierarchy and vice versa.
If you want to specify a Security Level of Hierarchy for any of your document types, you must first define all positions which should have access to the documents you want to restrict in this manner. (Even if you are using jobs to route documents for approval, you must define positions before you can enable this Security Level).
You then define a security position hierarchy, and specify it in the Purchasing Options window.
To define Purchasing Options:
Document Control Options
Select a Security Hierarchy, which is a position hierarchy from the Position Hierarchy window in “Security Hierarchy” field of Purchasing Options page. When the Security Level is set to Hierarchy for a document in the Document Controls window, this position hierarchy governs access security for the document.
Important: This field is enterable only when the form is accessed from the Purchasing menu.
For user-defined quotations and RFQs, Purchasing displays as a default the Security Level of the Standard Quotation or RFQ, and you cannot enter the field. Otherwise, choose one of the following options:
• Hierarchy - Only the document owner and users above the owner in the defined purchasing security hierarchy may access these documents.
• Private - Only the document owner may access these documents.
• Public - Any user may access these documents.
• Purchasing - Only the document owner and users listed as buyers in the Define Buyers window may access these documents.
Important: Note that a “Security Hierarchy” controls which positions (and therefore which employees) have access to a particular document type. It does not control whether an employee has the authority to approve a document or perform other actions.
----------------------------------------------------------------------------------------------------------------------------------
Security Hierarchy – Setup Steps
- Define Position (Approval) Hierarchy
Position Hierarchy Name : PA-Materials-1
Navigation : Setup > Personnel > Position Hierarchy
- Define Security Hierarchy
Security Hierarchy Name : PA-Security-Hierarchy
Navigation : Setup > Personnel > Position Hierarchy
- Approval Assignment
Approval Group “Director Production ” is assigned to
Position “PDR810. Production Director”
Navigation : Setup > Approvals > Approval Assignments
- Approval Group : Director Production
Amount Limit is USD 100,000.00
Navigation : Setup > Approvals > Approval Groups
5. Purchasing Options
Navigation : Setup > Organizations > Purchasing Options
Select the Security Hierarchy “PA-Security-Hierarchy” in the field Security Hierarchy.
6. Document Types
Navigation : Setup > Purchasing > Document Types
In the above Document Type page, select as below for Document Name “Standard Purchase Order”
“PA-Materials-1” in the field “Default Hierarchy”
“Hierarchy” in the field “Security Level”
7. Financial Options
Navigation : Setup > Organizations > Financial Options
Select the check box against “Use Approval Hierarchies”.
Scenario Testing
1. Purchase Order Number 6640 is created by “PrakashAnand”
2. PO 6640 is approved by “Horton, Connor”.
Please see the “View Action History” showing the approval path.
3. Log-in as “cbrown”
- “cbrown” is the user name of “Brown, Ms Casey”
- Brown, Ms Casey is a Buyer
- She is also present in the Security Hierarchy “PA-Security-Hierarchy“
- She is not present in the Approval Hierarchy “PA-Materials-1“
4. Query the Approved Purchase Order “6640”
5. Brown, Casey is able to open / access the PO 6640, even though Brown Casey is not in the Position (approval) hierarchy; but, present in the Security hierarchy.
6. Brown, Casey is not seen in the view action history which means she is not part of the Approval hierarchy “PA-Materials-1”.
7. Buyers
Above window shows the employees defined as “Buyers”.
“Barton, Jeffrey M” is one of the Buyers.
Barton, Jeffrey M is not present in the Position (Approval) Hierarchy as well as Security Hierarchy.
8. Log-in as “EBUSINESS-MFG” (which is the user name of Barton, Jeffery”)
9. Query Purchase Order “66%”
PO 6640 is not displayed, which means any Buyer other than those in the Security hierarchy and or Position Hierarchy can not access the Purchase Order.
---- Prakash Anand KV.
Good Sir
ReplyDelete