Setting Up Consolidation Security from User & Role Management

  • 6 minute(s) read
Prev Next

Article Summary

This article provides a complete, step-by-step guide to setting up Consolidation Security from User & Role Management. It explains how to assign security for consolidation processes, configure decentralized access, enable navigation access for consolidation tools, and manage user privileges for journals, eliminations, validations, and consolidation processing, covers key settings like process-level permissions, entity access trees, workflow actions, and previewing assigned security, and helps administrators efficiently control consolidation access, enforce data governance, and distribute responsibilities across users, ensuring secure and accurate consolidation operations.

eddy_summary: Learn how to configure consolidation security, assign process permissions, and manage decentralized access in Planful.
eddy_keywords: consolidation security, user and role management, processes tab, decentralized consolidation, entity access tree, journal permissions, eliminations, validations, consolidation process, security configuration
eddy_intent: Informational
eddy_module: Consolidation
eddy_synonyms:
consolidation security = consolidation access control, consolidation permissions
decentralized consolidation = distributed consolidation access, entity-level consolidation permissions
eddy_questions:
- How do I assign consolidation process permissions to a user?
- What is decentralized consolidation and how do I enable it?
- How do users gain access to consolidation journals, eliminations, and validations?
- What does each process permission (Full, Manage, Approve, Post/Process, etc.) allow?
- How do I preview or export user consolidation security settings?

To set up Consolidation Security from User & Role Management, follow the steps below:

Note:

Navigation Access must be given to a user to enable access to the Administration items in the Consolidation Control Panel.

Note:

You can also find Consolidation Security under the Administration section in the Consolidation Control Panel. To configure security from the Consolidation Control Panel, click here.

Processes

You can assign security permission for the Process using the Processes tab.

Description of fields on the Process table

Note:

Workflow actions do not result in email notification. For example, if you authorize a user to post a journal and another user has the authority to approve it, the approver does not receive an email when the Standard Journal is posted.


Process

Action

Standard Journal

Recurring Journal

Dynamic Journal

Non Controlling Interest

Reclass

Eliminations

Actual Data Load

Validations

Consolidation Process

Full

Enables all entry and approval actions. Active/Inactive is not applicable.

Enables user to manage all Recurring Journals and post/process.

Enables user to manage all Dynamic Journals and active/inactive applies.

Enables user to manage all non controlling interest and active / inactive applies.

Enables user to manage all reclasses and post/process.

Enables user to manage all Eliminations, clear /unpost, and post/process.

Provides user with ability to load data using Actual Data Load templates in Decentralized mode. User can perform template input and all privileges associated with Actual Data Load.

Enables user to manage all Validations, clear/unpost, post/process, and active /inactive applies.

Allows user to run the Consolidation Process.

Manage

Allows user to access Standard Journals, add new journals, and edit journals. .

Allows user to access Recurring Journals, add new journals, and edit journals.

Allows user to access Dynamic Journals, add new journals, and edit journals.

Allows user to access Non Controlling Interest, add new rules, and edit rules. .

Allows user to access Reclasses, add, and edit.

Allows user to access Elims, add, and edit.

Not Applicable.

Allows user to access Validations, add and edit.

Not Applicable.

Forward

Submit an entry for review. Select a journal entry that is in process and click Forward to move the entry to Pending Review.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Send Back

Return a journal entry to an In Process status to make required changes. This option is only available when the journal is in the Pending Review or Approved statuses.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

In Process

A journal entry that has not in a forwarded state.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Approve

Approve a journal entry that is Pending Review, which confirms the entry for posting.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Post / Process

Post the entry to the application. Once posted, a message indicates whether the post was successful or not.

Post the entry to the application. Once posted, a message indicates whether the post was successful or not. You can give a user the ability to post a journal without having full control.

Not Applicable.

Not Applicable.

Post the reclassification to the application. Once posted, a message indicates whether the post was successful or not.

Post the Elimination to the application. Once posted a message indicates whether the post was successful or not.

Not Applicable.

Post the Validation to the application. Once posted a message indicates whether the post was successful or not

Automatically enabled when Full is selected. Entries will post during Consolidation.

Reject

Refuse a journal entry. To re-use a rejected journal, create a copy of it (which will return the entry to the In Process status) with a new name.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Unpost / Clear Data

Current period or prior period journals can be unposted. This action removes the original posted entry from the system.

Not Applicable.

Not Applicable.

Not Applicable.

Not Applicable.

Current period or prior period Eliminations can be unposted. This action removes the original posting from the system.

Not Applicable.

Current period or prior period Validations can be unposted. This action removes the original posting from the system.

Not Applicable.

Active / Inactive

Not Applicable.

Not Applicable.

The journal entries that are valid for the period in which they are defined when created.

The non controlling interest that are valid for the period in which they are defined when created.

Not Applicable.

Not Applicable.

Not Applicable.

The Validations that are valid for the period in which they are defined when created.

Not Applicable.

When an action a user doesn't have access to is selected by that user, a message will display indicating that the user doesn't have access to the action. It is important to note that entry and approval actions that users don't have access to will display in the actions pane, however, these users will not be able to perform the displayed actions.


Perform the below steps to assign Processes security permissions to a user:

  1. Navigate to Maintenance > Administration > User & Role Management.

  2. Click the User tab.

  3. Click Security Options (shield icon) and select Consolidation Security under Security Configurations.

  4. Select a user from the User dropdown for which you want to assign security privileges.

  5. Click the Processes tab.

  6. Assign the selected user with access privileges by checking/unchecking the checkboxes.

  7. Click Save.

Decentralized

Use the Decentralized tab to grant distributed users access to Consolidation activities. Upon entering the Decentralized page, the entity access tree is grayed out. Select the Decentralized Consolidation checkbox to enable the entity access tree.


Perform the below steps to assign decentralized security permissions:

  1. Navigate to Maintenance > Administration > User & Role Management.

  2. Click the User tab.

  3. Click Security Options and select Consolidation Security under Security Configurations.

  4. Select a user from the User dropdown for which you want to assign security privileges.

  5. Click the Decentralized tab to grant distributed users access to consolidation activities.

  6. Select the Decentralized Consolidation checkbox.

  7. Once you’ve enabled the Entity Access Tree by selecting the Decentralized Consolidation checkbox, select the members you want the selected user to have access to. If you provide a user with access to a descendant but not its parent, the user will have access to the descendant and will have implied access to the parent member. This way, a tree can be created for the user to access only a portion of the Legal Entity/Company hierarchy.

  8. Click Save.


Enable Preview Assigned to display the Security tree in read-only mode. This view is helpful for Security Administrators to view the assigned security details for a selected user.

preview assigned

Select Export All User Security to download the list of users along with the security permissions they hold.
excel(1)