Master Data Management

Configure Roles in a Position

A Security Administrator can include or remove roles to a position. Before performing this task, design the governance elements in Master Data Management > Design and add a position. Refer to MDM Design Process Overview and Add a Position for more information.

Roles can have conflicts where the same user is not allowed to finish both roles within a conflicting role pair. A user should not be included in position(s) with roles that are designed to conflict on the Role (Conflicts) page in Master Data Management > Design. If a user has finished a role that has a conflict with one they are attempting to finish, a validation error displays. Refer to Add a Conflict to a Role for more information.

NOTE: When using Unrestricted Position access, there is no relationship between a business process and a role within a position. If a user has multiple positions they will receive security to all business process-role combinations across all positions and access to all requests assigned to those roles. If the security must be more granular, you must create a new position and or new role(s) to grant different users access to the same role across different business processes, or use Restricted Positions. Refer to Set Restricted Position Access for more information.

To configure roles in a position in MDM:

  1. Select Master Data Management > Security > Positions in the Navigation pane.

  2. Click the Roles icon for a position.

    View the field descriptions for the Position Role page.

  3. Select one or more roles, and then click the Include or Remove icon as needed.

    The Include All Roles option allows the user to include all of the roles in the position without having to scroll through the list and select them all first.

    NOTE: If a role is removed from a position that has role level org unit value assignments, all of the org unit value assignments are removed from the role on the Position Role page. If the role is later included in the position, the org unit value assignments must be recreated.

    NOTE: This option allows a System Administrator to set the Read Only/Editable setting for all of the org unit values for a role.  If a role is set to read only, every org unit value assigned to the role is set to read only. However, this setting can be overwritten at the org unit value level.  If  any one of the org unit values is set to editable on the Position Role Org Unit 1 2 or 3 page, the role is editable. Refer to Configure the Read-Only/Editable setting for Org Unit Value Assignments for Roles for more information.

Next, Set a Role's Org Unit Value Assignment.