Hyperion Planning Security – Flashcards
Unlock all answers in this set
Unlock answersquestion
Scenario and Version member definitions
answer
Affect security for all users, regardless of access rights.
question
Bottom-Up
answer
Enter data at bottom levels, and only READ upper levels.
question
Start/End Month/Years
answer
Defines a range of time for each Scenario member which users can enter data.
question
Access to forms
answer
Granted on form by form level, or by folders.
question
New Forms
answer
By default no one has access, the users must be granted access to new forms.
question
Form, Task, Business Rules - Security settings
answer
All set inside the Planning application
question
Primary Roles (most used)
answer
Administrator, Interactive User, Planner
question
Administrator / Owner
answer
Open ended access. Developers. Owner is allowed to delete applications.
question
Interactive User
answer
Reserved for Planner/Developer. Create and maintain forms, create and run business rules, create and run HAL integrations. Different from admin because they cannot assign security.
question
Planners
answer
Typical end user. Enters data into form. Access to workflow management. Can run business rules they are given access to.
question
Essbase Write Access
answer
Submit data via Smartview Essbase connection. No planning security applies - can accidentally enter data at upper level.
question
Setting Security Roles
answer
This is done in Shared Services via the workspace.
question
Administrator
answer
He is the big boss, he can do everything. He can create and manage Planning applications; he is the one who initiates the budget process (workflow), The owner can delete the Planning application, while the administrator cannot. Also, an administrator cannot do mass allocation, he needs to have the role of mass allocation to do that.
question
Analytic Services Write Access:
answer
This is applicable to the users who already have the role of 'Planner' or 'interactive user'. This role of 'analytic services write access' lets a user use third-party products to write data back into Essbase.
question
Interactive user
answer
This user can create/update data forms, smart view sheets, business rules, and task lists. Quite a powerful role, as the user with this role can create many important Planning objects like forms, rules, and task lists. This role is typically assigned to the head of departments/divisions.
question
Manage models
answer
This role is dead. It's no longer a valid role, though we see it as a possible role under a Planning application. Hence, let us not bother about it.
question
Planner
answer
He is always in the majority. He can only enter data and submit forms, run business rules, and view and use task lists. He does not have enough power to create any of these objects though. But, in any implementation, we would find that many of the users are planners
question
Provision Manager
answer
Can assign security. We have very comfortably logged into Shared Services and had created few users and also provisioned the 'SRGD' application to the users. We were able to do so only because the user 'admin' has already the role of 'provision manager'.
question
Power Roles
answer
We can see that the provisioned roles of the admin user are 'administrator', 'provision users', and 'Mass allocation'. These three roles are hence defined as power roles.
question
View user
answer
These are the users who can only view the forms and data, rather than entering data.
question
Changing Ownership
answer
Coming to the owner, there is always one owner. Yes, we can change the ownership of an application from one to the other. But, it's only the current owner who can do that.
question
Types of Access
answer
Read Write None
question
Types of Access for Period / Year
answer
None. These dimensions do not have security options.
question
Security Refreshes
answer
Done through Workspace. Check "Security Filters" while refreshing an application. Admin > Application > Refresh Database
question
Path for single security changes
answer
Admin > Manage > Security Filters > User
question
Users login at Essbase
answer
Only have Read capabilities.
question
Planning Security refreshes and Essbase security
answer
Planning overwrites Essbase security changes.
question
Read
answer
Edit data within the forms but cannot change form design. Access to data is based off privileges on the application.
question
Write
answer
Interactive roles can update form design and enter data based off security settings
question
None
answer
Users cannot see the form. This is the default setting unless otherwise changed.
question
Form Access only.....
answer
Grants access to the form. Users must still be granted specific access to the data intersections.
question
Minimum security for a view of data
answer
Must assign some read/write combination to Version, Scenario, Accounts, Entities.
question
Periods / Years and Access
answer
No access types.
question
Custom dimension access
answer
Default - cannot assign access. @IDescendants, which is level 0 bottom up access. Forms can be designed to restrict pick lists through layout design. If you want to assign access you must set a dimension property and choose apply security. This adds complexity but may be needed to fit requirements.
question
Access Precedence
answer
NONE overwrites READ/WRITE, WRITE overwrites READ. Individual access trumps group access.
question
Conflict 1: A user is assigned direct access but belongs to a group with different access.
answer
Individual access beats group access.
question
Conflict 2: Access is assigned to a member vs through relationship
answer
Member level access to data intersections is granted over user or group access.
question
Required dimensions in planning (6)
answer
Account, Entity, Version, Scenario, Time, Year
question
Grid spread
answer
Spreads across selected members. When a user working on a data form wants to change the data value by increasing/ decreasing by a percentage or wants to change it by an amount, then this option is handy. The prerequisite for Grid spread is to enable this option, when we created the data form.
question
Differences between Grid Spread and Mass Allocate
answer
With Mass Allocate, its spreads to the descendants, even though they are not a part of the data form. One more difference is, after we mass allocate, the data is immediately saved without giving the user a chance to look at the values in cells and saving it later.
question
Mass Allocate
answer
Very handy when we spread the data across the dimension. In typical implementations for top-down budgeting, data spread across the Entity dimension is very handy.
question
Account annotation
answer
As defined earlier that annotation is additional explanation or critical commentary. We can provide the same for account and we do it with the help of account annotation. This is very handy to a planner, as he gets additional information of how to enter and what to enter in the data form.