Hyperion Planning Security

Hyperion Essbase & Planning Training
Adiva Consulting Inc. [www.adivaconsulting.com]
1

User Security
• Shared Services Console is a part of the Foundation Services
layer of Oracle EPM System 11 includes w.r.t Planning can
perform the following security-related tasks:
1.Determine User Privileges
2.Assign access rights to Application Elements
3.Create Security Filters
• Access rights for users and groups can vary by application and
can be assigned for the following application elements:
 Scenario , Version ,Account ,Entity ,User defined custom
dimension members
 Data entry forms, Task Lists, Business Rules
2

Levels of Planning Security
There are four levels of Security in Planning
• User Authentication: User needs to be authentication with valid credentials, Users
and groups must exist in the authentication directory before they can be granted
access to Planning Application.
• Task Security: Task Security determines the application tasks that a user can
access. You assign task security by assigning a role to a user. Each role is assigned
with a set of tasks.
Eg: Interactive users cannot change dimension members, the dimension change
• Object Security: Planning Application has flexibility where security can assigned to
specific objects such as data forms and task lists.
Eg: Allow HR Managers to access only HR Data Forms
• Data Security:
3

Planning Roles
• User provisioning enables centralized management of users, their role
assignments, and their access rights to applications
• Planning Roles will be assigned to users and groups based on the tasks
that users need to perform in applications.
Roles:
• Provisioning Manager
• Administrator
• Manage Models – No Longer exists in Planning Applications
• Interactive User
• Planner
• View User
• Mass Allocation
• Analytic Services Write Access
• Cube Creator
4

Providing Access
5

Precedence and Inheritance of Access Groups
 Individual rights override group rights
Eg: For the Budget member, you inherit Read access through group and
are assigned direct write access, you have write access to the Budget
member
 For group rights, no access overrides write or read access. Write access
overrides read access
Eg: If you have Write access to the Budget member from one group and
None access to Budget from another group, you have None access to
Budget
 Direct member rights override relationship rights
You are individually assigned Write access to children of the Entity. Your
group is assigned direct Read access to one of its children. You have Read
access to Children
6

ImportSecurity Utility
• ImportSecurity utility helps to load access rights from a text
file into Planning enables you to quickly assign access for
members, users and groups
• Mandatorily the File should be with name secfile.txt
7

8

9

10

WorkFlow:
• Use Workflow Management to promote , review , sign off ,reject , and
approve planning Units
Planning Unit:
• Planning tracks budgets by Planning Units – a specific scenario, version,
and entity combination. Scenarios and versions are the basis of the review
cycle.
11

12
Planning Unit – Entity Hierarchy
• Entity hierarchy relationships affect review process:
– Promote or Reject action to parent results in
Promote or Reject action to the descendants (unless
previously Approved), the parent’s owner becomes
the descendant’s owner
– Approve action to parent results in Approve action to
the children
– When all children are promoted to the same owner,
the parent is promoted to the owner
– After Sign Off action to all the children, the parent
status changes to Signed Off

Steps to be followed
• Select scenario and version for which you want view
the status
• Select the list of entities to which you have access
• Track the status of each entity as it moves through
the review cycle from first pass to approval
• After planning data is submitted and approved for all
entities, the planning cycle is complete for the
scenario and version
13

Workflow States and Actions
14

15

16

17

18

19

Overview of the Tasklists
• Administrators and interactive users create and manage task
folders and task lists, detailed lists of tasks to guide users
through the planning process by listing tasks, instructions, and
due dates.
Modes of Planning Application:
• In a Planning Application, When user logged with Basic Mode,
they can completing budgeting process flow using tasks lists
• In Advanced Mode, We create or edit every object of a
planning application such as Data Forms, Tasklists , Planning
Units
20

Task List Creation Process
• Create task List folders
• Create task lists
• Edit task lists
• Assign Access to task lists
• Validate task lists
21

22
Task List Type
• URL Task: opens a specified web page
• Web Data Form: opens a specified Data Form in
a specified Data Form Folder
• Business Rule: launches a specified Business
Rule Name for a specified Plan Type
• Workflow: starts the workflow process with a
specified Scenario and Version
• Descriptive: provides text of descriptive tasks

Steps:
23

24

25

26

Assign Access to Task Lists
27

28

EPMA
• Enterprise Performance Management Architect(EPMA)
provides a single interface to build, deploy and manage all
financial applications for Planning, Financial Management,
Essbase and Profitability and Cost Management.
EPMA Components:
 Dimensions Library
 Applications Library
 Data Synchronization
 Library JobConsole
29

30
Finan
ce
Suppl
y
Chain
GL
DWHETL
EPMA Server
EPMA
Relational
Library
Essbase
Plannin
g
HFM
Interfac
e
Tables
Flat
Files

31
FILES
APPLICATION
INTERFACE TABLES
DIMENSION & USER INTERFACE
MANAGER
Workspace
Licensing
Security
Dimension
Server
Data
Synchronizer
Engirle
EPM ARCHITECT
Storage
IMPORT
WORKSPACE APPLICATIONS
BROWSER
HTTP/S
Deploy
Synchronize
ERO
ORCL
SAP
DW
EXTRACT
Financial Management
Application
Planning Application

Dimension Library
• The Dimension Library is a central location for Planning and Financial
Management administrators to view, create, and manage dimensions and
hierarchies
• Easily can maintain the hierarchies for the dimensions as well as global
and application specific properties.
Types of Dimensions:
 Shared Dimensions: Can be used by Multiple Applications
 Local Dimensions: Independent dimensions that exists only in one
application
32

Importing Dimensions
in Dimension Library
• Dimensions can be loaded from flat files or Interface tables.
• Load Files can contain Metadata for the following
- Account , Entity ,Scenario ,Version ,Period , Year and
Currency Dimensions
- Generic Dimensions (User-Defined Dimensions)
- Attribute Alias ,UDA and Smart List Dimensions
Note:
 Need to load metadata from specific database for the
Interface tables
 All the dimensions can include in single file if the data source
is flat file
33

File Contains following Sections
• Dimensions
• Dimension Associations
• Members
• Hierarchies
34

Dimensions Section
This section is required
• If the dimension does not exist, it will be created based on the
specifications of this section
• If the dimension already exists, this section will update its current
properties
Section header: !Section=Dimensions
• The section header must match EXACTLY what is written above
Field headers:
‘Name|DimensionClass|DimensionProperty1|DimensionPropertyN
• The field list doesn’t have to include every dimension property and the
field headers don’t have to match the EPMA property names exactly;
these can be mapped in the profile
35

Dimension Associations Section
• This section contains information about the associations between
dimensions, for example associations between account dimensions and
security dimensions.
• Note: If member properties refer to another dimension, this section is
required for new dimensions and for dimensions using the replace method.
Syntax
• 'BaseDimension;Property;TargetDimension
Eg: S_Scenario|Alias|S_Alias
Account|UDA|S_UDA
36

Hierarchies Section
• Purpose: Define parent-child relationships within Dimensions
• For the example on this slide,
you define the Entity hierarchy
with Geographical as the top-level
parent, followed by United
States and Europe, where United
States has child entities of
California, Connecticut and Massachusetts.
• You control the member order in a dimension based on the
member order in the source. Members of existing dimensions
are reordered during a merge or replace import
37

Managing Aliases in Hierarchies Section
• Aliases are alternate names for members.
• If an application uses multiple languages for
member descriptions, you can add properties
to the hierarchies, Members, or Property
Array section headers for each language that
is setup in the Alias dimension
38

Loading MetaData
Perform the following tasks to load metadata:
1.Create an import profile
2.Map dimensions in the load file to dimensions in the
Dimension Library
3.Map fields for the load file or interface table to
dimension properties in Dimension Library
4.Run the import profile
5.View job statuses
6.View and correct import errors
39

Creating importing Profiles
• You create profiles to import metadata from flat files or
interface tables. You can import metadata into Shared Library
or directly into an application.
40

Mapping Dimensions
• You can create dimensions, or you can map dimensions in load files to existing
dimensions.
• When you map a dimension in the load file to an existing dimension, you can
merge or replace members:
• The Merge option update members that exist in the applications as well as the
missing members are added
• The Replace option replaces existing metadata with the metadata in the file. If a
dimensions member that exists in the application is not present in the metadata
file that you are loading, the Replace option removes the member from the
application.
41

Mapping Dimension Properties
• For each column for a dimension in the flat file, the following is displayed: a drop-
down list of properties for the same dimension class in Shared Library or the
application. You select the property to which map the column
42

Library JobConsole
• Library job Console-provides a summary of dimension library
and Application View activities, including imports,
deployments, and data synchronizations.
43

Actions can be performed on dimensions within the EPMA Dimensions Library
 Copy local dimensions to the Shared Library
 Copy dimensions to an Application
 Delete Applications
 Create and view Associations
 View Application membership and deployment Status
44
Actions can be performed on members within the EPMA Dimensions Library
 Cut and Copy
 Create and Insert Shared Members
 Remove, Delete and Rename Members
 View Application membership (In which applications does the member exists)
 Find Members
 Reorder a members children

Application Creation
You create applications with Application Creation Wizard, which includes
three steps:
1.Set up application components
2.Select dimensions
3.Configure application Settings
45

46
Note:
Changes in local dimensions do not affect dimensions in other applications
or in Shared Library
Property Setting for members of shared dimensions can be override with an
application
Local Dimension cannot be associate with a shared dimension
Eg: Attribute dimensions in Shared Library cannot associate with a local
dimensions in an Application
 Validate and Deploy applications to a planning server

Requirements for Data Loading
• Each data point must be tagged with a member from each dimension
• Data must be for bottom-level members, unless you are loading data into
a target version
• Data is scanned from the top of the file and from left to right
• Each field in a record must be separated by a valid delimiter
47

Data File for Multi-Currency Applications
• Applications that support multiple currencies have an additional dimension named
HSP_Rates to store exchange rates. The HSP_Rates dimension includes the
following members:
• The HSP_InputValue member stores data values
• The HSP_InputCurrency member stores currency types for the data values
• The HSP_Rate_<Value> member stores currency for multicurrency applications
48

49

Hyperion Planning Security

Recommended

More Related Content

What's hot (20)

Viewers also liked (15)

Similar to Hyperion Planning Security (20)

More from adivasoft (7)

Recently uploaded (20)

Hyperion Planning Security