Use organizational security to grant or remove rights for users to view and/or update specific organizations. This is an optional feature that you can turn on or off in the System Settings screen.
Use this screen to set up organizational security profiles and identify the organizations to which a particular profile has access. You also can associate an organizational profile ID with organizations or groups of organizations. You also will need to specify a name for the profile and indicate the rights application method for the profile. If the Apply Org Security checkbox is selected, you specify an organization followed by a relation for that organization (i.e., begins with or equals).
This screen is the starting point for setting up organizational security. However, you may first want to enable or disable those modules and functions for which you wish to apply organizational security using the Enable/Disable Org Security for Modules screen.
You must set up the profiles in this screen before you can assign them to groups or create and/or maintain the Org Security Lookup table.
Enter an identification number of up to six alphanumeric characters for this profile. You will later assign Profile IDs to a module within an organizational security group.
Enter up to 25 alphanumeric characters for this profile.
This checkbox is selected by default. You can uncheck this checkbox if the profile should have full rights to all organizations. In this case, you would not need to enter anything into the table window.
Select the radio button associated with the rights application method you wish to apply to this profile ID.
Each organization to which you have rights should be listed in the table window. Organizations not listed will default to "inaccessible." Rights can be flagged only as "F" for this method. This radio button is selected by default.
Each organization to which you do not have rights should be listed in the table window. Organizations not listed will default to "accessible." Rights can be flagged only as "N" for this method.
This follows the Inclusive definition except that the organizations that have been flagged as "N" rights can also be used to specify an override to the list of included organizations. This is useful if you wish to provide access to most, but not all, branches of a particular organization tree.
Enter the organization ID or use Lookup to find a valid organization. This is an alphanumeric code, the length of which is set up in the G/L Settings screen in Costpoint General Ledger and stored in the Org Account table. The organizations listed in this column will be associated with the profile ID entered in this screen.
This column is non-editable and is automatically entered by the system once you select an Organization and move to another column.
To simplify the rights assignment interface and to make the creation of the profile table easier, you need to identify whether the organization you are assigning to a profile begins with the value entered in the column or equals that value. Use "Begins With" to specify a branch or portion of an organization branch. For example, if you specified org 1.1 and then chose "Begins With" for the relation, all organizations with 1.1 as their first characters would be selected when the organizational security Lookup process is run. These organizations are also known as "wild cards" because they are not individually listed, but merely assumed to be included. This is also discussed in the documentation for the Update Org Security Profiles screen.
The options for this column are as follows:
F = Full rights granted to the specified organizations. (This option is not available if you selected the Exclusive radio button in the Rights Application Method group box.)
N = No rights granted to the specified organizations. (This option is not available if you selected the Inclusive radio button in the Rights Application Method group box.)