Tag Archives: Fusion Application

Fusion Application Differentiators

Simplify –

  • Simplified and modernized user interface with Web 2.0.
  • Role-based dashboard brings all relevant information to you in a single place and inform you what’s important
  • Direct self-service access to financial reports
  • Simplified information access.

Standardize –

  • 100% open, standard-based applications and middleware allow you to easily extend existing business process
  • Standardized UI treatment such as collaboration, excel and embedded business intelligence
  • Decision support embedded directly within the context of a transaction for timely, consistent decisions

Centralized –

  • Access to all information on the base of your role
  • Common setup data may be secured and shared across entities by reference set id
  • Centralized business functions like TCA, SLA, tax, etc.

Automate –

  • Automatically present user with all pending tasks, completed tasks, estimated tasks in dashboard
  • With self-monitoring accounts, your accounting system becomes intelligent and alters you to anomalies requiring actions
  • Imaging integration and character recognition capabilities to make invoice entry faster and reduce errors
  • Auto match receipt with your transactions;
  • Extended Excel import features.

Explanation of “JP-250DB 10” Depreciation Method in Oracle Formula Setup


Why Oracle design the formula like this? It looks far different than the requirement description.(See extracted requirement in below passage)

For formula itself, it can be explained easily. 

Guarantee depreciation amount can be calculated as “Cost * Guarantee Rate”

Depreciation Rate before switching can be calculated as “Begin NBV*Original Rate”

Depreciation Rate after switching can be calculated as “NBV when switching*Revised Rate”

The formula can be explained easily as “When depreciation amount less than guarantee amount, we will switch the rate from original rate to revised rate.” And due to “Dual Rate Evaluation” depreciation basis rule, the depreciation basis is changed from NBV of each begin of fiscal year to the NBV of the asset as at the date of the switch from Original rate to the Revised rate. It means after switching rate to revised rate, it is straight line depreciation on the base of the NBV of the asset as at the date of the switch from Original rate to the Revised rate.

The formula is explained, but the formula looks far away from requirement description! Why? And how the figure of revised rate and guarantee rate get from? Is it given by government? NO! It is introduced to design formula. The requirement has not any place mentioned these kind of rate.


The Old Declining Balance Method is calculated by multiplying the book value as of the beginning of the fiscal year by a predetermined depreciation rate. The New Declining Balance Method will be calculated by multiplying the book value as of the beginning of the fiscal year by the depreciation rate, which is 2.5 times the depreciation rate under the straight line method. If the amount calculated using the New Declining Balance Method is less than the “amount calculated by dividing the book value as of the beginning of the fiscal year by the remaining years (useful life less the elapsed year)”, then the calculation method will be changed from the declining balance method to the straight line method when calculating the depreciation limit.

It is decided on a fiscal year basis whether the “amount calculated by multiplying the book value as of the beginning of the fiscal year by the depreciation rate which is 2.5 times the depreciation rate under the straight line method” is lower than the “amount calculated by dividing the book value as of the beginning of the fiscal year by the remaining years”. A change of method from the declining balance method to the straight line method in the middle of a fiscal year is not permitted.

Let’s have a look at how revised rate and guarantee rate is gotten.

From requirement description,

Assuming asset cost = a, depreciation year = b, original rate=x, so, there’s a relationship b=1/x*2.5

So, by original rate declining balance deprecation in the first years,


Depreciation Value














Against the requirement, If the amount calculated using the New Declining Balance Method is less than the “amount calculated by dividing the book value as of the beginning of the fiscal year by the remaining years (useful life less the elapsed year)”, then the calculation method will be changed from the declining balance method to the straight line method when calculating the depreciation limit.,

We can get a inequation as below, assuming n is the switching year

x(1-x)n-1a<(1-x)n-1/(b-(n-1))a                     (b=1/x*2.5)

On the base of total deprecation year, we can get the switch year.

For example, b=10, x=0.25 in above screendump,

Finally, we can get n>7 from above inequation. So, at the eighth year, we need to switch from the declining balance method to the straight line method when calculating the depreciation limit.

On the base of n=8, we can calculate so-called guarantee rate to help design the formula.

Guarantee Rate = right of inequation = (1-x)n-1/(b-(n-1)) = 0.757/3 = 0.0445!

Revised Rate = 1/(b-(n-1))=1/3=0.33


As similar as above you can calculate the guarantee rate and revised rate for depreciation year 5, 10, 20 or others.


For this case, switching year n can be calculated as 14 by inequation.

Guarantee Rate = 0.875^13/7=0..252

Revised Rate = 1/7=0.143

Can you understand it now? Is it interesting? And who designed this formula?Smile

How to debug accounting issues in EBS and Fusion Application?

Oracle ERP applications, EBS and Fusion application, use subledger accounting architecture to create accounting for transactions and accounting events.

When you create accounting online from AP invoice, AR invoice, payment, receipt, etc., you may meet some problems that the accounting entries(subledger journals) are not able to created. It suggests you run create accounting concurrent program and see detailed errors. Generally, this is because some validations are not passed or some cross-application problems. For example, AP prepayment application for multiple times, etc.

At this moment, you should run the program and read the output file and log file to locate the problem. And you may need to validate the AAD (Application accounting definition) for your application and resolve the problems indicate in output file. Generally the problem can be resolved.

To validate ADD, you need to go to subledger accounting setup->subledger accounting setup->accounting methods builder->method and definitions->application accounting definition to validate your ADD by event class or run a concurrent program called “Validate Application Accounting Definitions” and select ledger and application in parameter.

To resolve other errors indicate in create accounting output file. It is case by case. For example, below error message

“The subledger journal entry does not balance by balancing segment and there is no Intracompany Balancing Rule defined for the ledger Vision India Operations, source Payables and journal category Purchase Invoices. The ledger option Intracompany Balancing is enabled, but no balancing rules are defined for the ledger. Please update the journal entry setups for the application accounting definition so that the journal entry balances by balancing segment, or define a cross-entity balancing rule for the ledger.”

It means the accounting entries generated for the transaction are not balanced. It means, in AP transaction, Dr. side accounting is from distribution line and Cr. Side accounting is from supplier liability account setup. They have different company segment (balance segment), so they are not balanced. You must need to change either distribution balance segment or supplier liability balance segment to make them consistent.

Create Data Roles for Business Units

This example will show a case where a user creates a Business Unit but no data roles are created so they have to create and assign them manually. The various stages will be broken down into the following headings:

  • Create Basic Business Unit (BU)
  • Check if BU Data Roles have been created
  • Create Data Roles
  • Synchronize Oracle Identity Manager (OIM) with Authorization Policy Manager (APM)
  • Assign Data Roles to Login User
  • Check Access to BU

Create Basic Business Unit (BU)

After picking the ‘Define Business Units’ task list create Business Unit. Then save and close. Note This user has created a new default set called ‘NC_BU110S’. It will hold any new set_id data used by the BU ‘NC BU110’.
Once the initial BU has been created Business Functions need to be assigned. Assigning functions to a BU should automatically create the related data role. In the above example the user is assigning Receivable functionality to a BU named ‘NC BU110’.

Check if BU Data Roles have been created

Check if the BU is available to pick when configuring the relevant module. In this worked example the user has chosen the receivable functionality. If they cannot pick ‘NC BU110’  when configuring the receivables system options then it’s likely the relevant data role has either not been created or not assigned.
To check if the data role exists log into the Authorization Policy Manager (APM) module. Under the ‘Authorization Management’ tab click on the Search External Roles.
For the basic BU setup there should be two data roles created under the ‘Financial Application Administrator’ role. One will be for the basic BU access and the other for the BU set_id access. In the above case neither role has been created ‘NC BU100’ BU.
For each functionality there will be additional roles required. An example will be shown in the latter steps of this document.

Create Data Roles

To create a data role the user first needs to search and pick the relevant data role template.
There are two templates used for the minimum BU usage these are:
FinancialsFunBusinessUnit = used for basic BU setup
FinancialsFunSetIdFinancialsFunSetId = BU SetId usage
In this example as we have assign receivable functionality there should be 2 additional templates which are:
BillingRevMgtandCustPayment = Basic AR setup
FinancialsArSetIdFinancialsArSetId = AR SetId
Once the correct template is shown the user needs to highlight the required template then click on open.
Once the template has been opened the user can view existing data roles. If they want to create new roles then they need to click on ‘Generate Roles’ as shown above.
Once the ‘Generate Roles’ has completed the user can click on ‘refresh role’ under ‘valid roles’, In the above example it shows a data role for basic BU usage has been successfully created – ‘FUN_FINANCIAL_APPLICATION_ADMINISTRATOR_JOB_NC BU110’.
When the FinancialsFunSetIdFinancialsFunSetId template is used it will create set_id data role called ‘FUN_FINANCIAL_APPLICATION_ADMINISTRATOR_JOB_NC BU110S’.
As this example is using receivables functionality when the template FinancialsArSetIdFinancialsArSetId is used to generate data roles then all AR roles will have a set_id role created for them. As as shown above.

Synchronize Oracle Identity Manager (OIM) with Authorization Policy Manager (APM)

Once the data roles have been successfully created in APM they then need to be copied over to OIM. To do this you can either run ‘LDAP Role Create and Update Full Reconciliation’ or ‘LDAP Role Create and Update Reconciliation’ program. To run either program you will need to go into OIM and click on the ‘Advance’ icon as shown above.
Once in OIM’s Advance Administration section pick the ‘System Management’ tab then select either of the LDAP reconciliation scheduled jobs. Now double click on the chosen job to open up it’s parameters.
After opening the parameters section of the job click on ‘Run Now’. This will then copy all the successfully created data roles from APM into OIM.  The next step will to assign these data roles to a login user.

Assign Data Roles to Login User

When in OIM under the ‘Administration’ tab click on the users ‘Advance Search -Users’ section.
In this example the user would like the login user ‘fin_superuser’ to be able to use the BU ‘NC_BU110’. Therefore they will need to assign these roles to this login user. Once the user has found ‘fin_superuser’ they will need to pick this user in the research results field then click on open.
Once the user is in the required login user. Here it is showing the ‘FIN_SUPERUSER’ tab. Then click on the assign icon to pick which roles you want assigned.
The above example shows the user assigning basic BU access data role for BU ‘NC BU110’ to the login user ‘FIN_SUPERUSER’.
As the user has assigned Receivable functionality to this BU they also need to assign the AR roles ,such as the ‘AR_BILLING_MANAGER’, to this login user.

Check Access to BU

To show the user now has access to the newly created  ‘NC BU110’ BU they can go to any AR configuration step to see if this BU is available in the LOV. Here the user has chosen the ‘Receivable Activities’ task.
The data roles have correctly been created and assign as they are now able to pick BU ‘NC BU110’.

Difference between jobs and positions

What’s the job and position?

Oracle HRMS provides flexible work structures to represent the ongoing responsibilities and functions that an organization must carry out in order to meet its goals. Jobs and positions are placeholders in your enterprise model representing roles, which enable you to distinguish between tasks and the individuals who perform those tasks. Oracle HRMS uses jobs to represent the duties people perform and the required skills, for example:

  • Professor

  • Developer

  • Accountant

Positions represent a specific instance of a job, such as:

  • Assistant Professor of Sociology

  • Senior Software Developer

  • Payroll Accountant

A clear conceptual model of your enterprise helps you to optimize your workforce. Jobs and positions are key components of that model. The flexibility of jobs and positions enables you to model your enterprise accurately. Use jobs or positions (in combination with organizations, assignments, grades, salaries, and other HR structures) to manage your workforce in a manner consistent with the way you do business.

How to select job or position control for your enterprise?

As you implement your enterprise model, one of the earliest decisions you face is whether to use jobs, positions, or a combination of both. You can use Oracle HRMS to define required skills and valid grades for either one. Enterprises fall into one of three general categories:

  • Rule-based

  • Project-based

  • Hybrid

If your organization is a rule-based enterprise, you regulate employment, roles, and compensation according to strict policies and procedures. Fixed roles tend to endure over time, surviving multiple incumbents. You manage roles rather than individuals. Examples include government, higher education, and health care. Rule-based industries, where roles continue to exist after individuals leave, typically model the enterprise using positions.

If your organization is a project-based enterprise, such as a construction or software company, you require the flexibility to assign people to new projects or organizations on a regular basis. You manage people and their skill sets, rather than fixed roles. This requires the flexibility to match competencies to tasks quickly and easily. Project-based organizations, where roles end when individuals complete a project, typically model the enterprise using jobs.

If your organization is a hybrid enterprise, you assign some individuals to fixed roles, and others to multiple projects. This is typical of large manufacturing or corporate enterprises. Hybrid enterprises such as these model the enterprise using both jobs and positions.

Oracle Fusion Application Security Overview

Oracle fusion application security mechanism is designed on the base of role-based access control (RBAC). Oracle recommend to implement roles with functional security and data security and then assign roles to user, which bring benefits from maintenance and reusability. We should not directly assign functional security and data security to user, even though it looks ok from technical perspective.

First, let’s have a look at the Oracle recommended security setup process with a real business scenario, and then have a review of Oracle fusion security architecture and concept for further understanding.

Oracle recommended Security Setup Process, which is the most safe for your implementation.

Considering you have a financial manager called Ning  Yun, who is responsible for all financial modules as a manager role in business unit A, B, C, Ledger X, Y, and asset book Z.

1. Create a user ning with person information (generally employee information). A person will auto created in HCM. Or you can create person in HCM and user will be auto created.

2. You should have had job roles, like general ledger manager, payables manager, receivables manager, etc. in your system, generally they are predefined by oracle.

3. Create data roles for above job roles through data role template. Or the data role can be generated automatically when you create BU, asset book, GL data access set.

4. Assign the necessary data role to user.

I recommend that you always generate data role by data role template or generate automatically and NOT try to generate your own data security, because it is not completed. If you try to research the Oracle-predefined data role template, it is very complex. You can duplicate it by data security easily. So, always use data template or auto generation.


Oracle fusion security architecture and concepts

Functional Security:

1. Resource: Very technical concept that the technical components used by privilege.

2. Entitlement (Privilege): A task/action of duty role. An entitlement is one or more allowable actions applied to a set of database resources.

3. Application Role (Duty/Duty role):  Duty roles cannot be provisioned directly to users, but are inherited by enterprise roles to control access to applications. Duty roles may carry both function and data security grants.

4. External Role (Job/Job role): Specific to a job, and controls access to functions through inherited duty roles that carry the entitlement necessary for performing specific tasks associated with the duties of the job, such as access for a procurement manager.

5. User: application user registered in system.

Data Security

6. Database resource:  A database resource specifies access to a table, view, or flexfield that is secured by a data security policy.

7. HCM Security Profile: HCM data roles are generated using the Manage Data Roles and Security Profiles task, which uses HCM security profiles, not data role templates, to define the data security condition.

8. Data role template: You use data role templates to generate data roles. You generate such data roles, and create and maintain data role templates in the Authorization Policy Manager (APM).

Data Role (Also external role in APM): Specific to a job within a dimension of data, and augments the inherited abstract, duty, or job roles with entitlement to access specific data, such as access for a procurement manager in a particular business unit. Job role with data security.




External Role/Job Role: Accounts Payable Manager (which is mapping to real AP manager in business)

Duties assigned directly and indirectly to the job role Accounts Payable Manager

Application Role/Duty Role


Accounts Payable Managerial Analysis Duty: Analyzes Invoices and related documents along with Payments, Holds  Discounts, and Payables Balances

Accounts Payable Period Status Management Duty: Manages Oracle Fusion Payables period status.

Accounts Payable Period Status Review Duty: Reviews Oracle Fusion Payables period status.

Actual Procurement Cost Collection Duty: Subscribes to costing service for interfacing invoice transactions to receipt accounting.


The relationship between external role (data role) and job role: (first page for functional hierarchy, second page for data security)




The relationship between job role and application rule:


The relationship between application role and entitlement:


The relationship between entitlement and resource:


(From my own opinion, the security mechanism, especially data security is very complex in current version of Fusion Application, so please always use data role template or auto-generation. That’s enough)