How Data Access Sets & Security Rules work together - R12 General Ledger

Data Access Sets:

Data access sets control, which ledgers can be accessed by different responsibilities. Data access sets can also limit a user from accessing certain balancing segment values or management segment values or grant read–only or read and write access to data in a ledger. 

 

It provides security in 3 levels.

 

1. Full Ledger - Provides access to whole Chart of Accounts. This is required to perform certain operations such as opening and closing periods, creating summary accounts, creating budgets, and performing mass maintenance. Full ledger access provides full read and write access to the ledger and all of its balancing segment values and management segment values.

2. Balancing Segment Value - Provides access to specific balancing segment values

3. Management segment value - Provides access to specific management segment values

 

 

 - Data Access Sets is mandatory in R12. But defining Data Access Sets is optional. That means if users do not define Data Access Sets, system creates it  with full access automatically when a ledger or ledger set is created.

 

 - Users need to define Data Access Sets, it they want security at balancing segment or management segment value level

 

 - We can assign multiple ledgers or ledger sets to a Data access set, which share the Chart of Accounts and Calender/period type combination.

 

 - To prevent potential errors in processing, we need to make sure at least one responsibility has a data access set assigned with full ledger access.

 

Data Access Sets & Security Rules:

Data Access Sets work with Segment Value Security Rules and Cross–Validation Rules. If we have defined Segment Value Security Rules that prevent certain responsibilities from accessing certain segment values, those rules are combined with data access set security.

For example, if user defined Segment Value Security rules to exclude Balancing Segment Value 01 and then defined data access set security that provides read-only access to values 01–03, the user assigned to this responsibility would not be able to read segment value 01 due to the Segment Value Security rule.