Thursday, 25 June 2015

Differences between HR:Security Profile & MO:Security Profile

HR:Security Profile and MO:Security Profile are used for MOAC (Multi-Org-Access-Control).

HR:Security Profile is used to restrict the data in Human Resources according to the Business Group or whatever criteria you define in this security profile. Thus, for HR, it uses this secuity profile in its data exposure to the user.

MO:Security Profile acts the same but is used for Financials and Manufacturing applications. It restricts the access (site level or can be set at responsibility level) to certain operating unit (or whatever criteria defined in the security profile).

If there is no value at MO:Security Profile, then Financials and Manufacturing use the HR:Security Profile option for their data exposure to users.


Not true exactly.In R12 if you enabled MO: Security profile, it takes care of HR: Security profile also, but opposite does not holds good.

Also HR: Security profile is something coming from 11i, which at least should have a view all security profile value ( created by default by Oracle) to access

In 11i, we had HR : Security Profile which will still hold good in R12. Also we had MO : Operating Unit in responsibility level in 11i.
In R12, two new Profile option came, both of them are optional depending upon you want to use MOAC or not. MO : Security Profile have some security profile value (created in HRMS > Security prile same like HR : Security Profile) at responsibility level. We can have multiple Operating units under one security profile under one BG(Note : HR: Business Group defines the BG).So,out of them you can choose one Operating unit to appear as default at responsibility level by MO: Default Operating Unit.
If you enable MOAC, Security List Maintenance program needs to run after responsibility assignment.
If you don’t want to use MOAC, in that case you do not put any value in MO : Security Profile and MO: Default Operating Unit . MO : Operating Unit at responsibility level will will take care of the settings like 11i. HR : Security Profile needs to be setup at responsibility level in that case(When you create a new Business Group, a view-all security profile is automatically created. It provides access to all employee records, and all applicant records in the Business Group.). The following 4 profile should have value as 11i
HR:Business Group
HR:Security Profile
HR:User Type
MO: Operating Unit


What happens if the customer did NOT set MO: Security Profile,

but did set HR: Security Profile?

They have restricted user access to the respective Business Groups and Operating Units (and Inventory orgs), simply by setting the HR: Security Profile for each Responsibility.
That is what they wanted.
And they have tested, that MO: Security Profile does pretty much the same thing, when set for each Responsibility.
You may test that at your end as well.

What will they be missing, if MO: Security Profile option is not set for each of the Responsibilities?

They are using Manufacturing and Financial applications.

1 comment:

  1. This is a great post. I like this topic.This site has lots of advantage. It helps me in many ways.Thanks for posting this again.

    Hr Franchise in Bangalore