Thank you for supporting the Cloud Customer Connect Community in 2024. It's a gift to work with you!

Look back
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

some AAC & AFC role privileges seem to allow more than they should?

I'm trying to create a very light view-only and remediate role for end users to assess their own ORMC Controls output entries, but on creating versions of both 'Advanced Access Controls Analyst' & 'Advanced Transaction Controls Analyst' roles I'm finding, for example:

GTG_VIEW_ACCESS_CONTROLS_PRIV (Allows for the viewing of access controls) still allows users to EDIT the Controls themselves!?!

..or:

even though I have removed priv 'GTG_GLOBAL_USER_CONFIGURATION_VIEW_IN_APPLICATION_CONFIGURATIONS_PRIV' (Allows viewing of the Global User Configuration) …testing finds the user can still view all users !?!

Also, these roles provide access to TOOLS > Scheduled Processes section to be able to run reports that are not stated in list of Privileges stated from original list x2 roles (as far as I can see).. Any one else tried this?

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!