Edit

Share via


Security tasks under the process hierarchy

The security tasks under the process hierarchy are the key processes that a given role completes in Dynamics 365 finance and operations apps to perform its specific duties. This feature lets system administrators convert these processes into individual tasks and multiple functionalities that those tasks support.

Segregation of duties

Segregation of duties prevents duties that have overlapping privileges and roles that have overlapping responsibilities. Segregation of duties can be enabled on the Parameters page. After you create a new task and assign entry points to it, you can validate the percentage of overlapping duties. You can set up segregation of duties rules to prevent users from saving conflicting duties.

Privilege separation validation

Privilege separation validation is more focused on the privileges that are assigned to roles. After you create a new task and assign entry points to it, you can validate the percentage of overlapping privileges.

Load from task recordings

Create new tasks from existing task recordings that are generated by capturing interactions with the user interface (UI) in the Task recorder tool. Users can record core business actions and share the recordings with system administrators. System administrators can then convert the recordings into security tasks in the security configuration. This approach offers an efficient way to create new tasks.

Load from user or role

Convert the entry points from existing user accounts or roles into security tasks. After you select an existing user account or role, the entry points are extracted and converted into tasks. System administrators can have a starting point to design a new security role based on existing users or roles. They can add, edit, or remove more entry points from the extracted entry points and define a new role with new duties and new privileges. System administrators can quickly create new roles that are inspired by existing roles within the company but don't completely overlap with each other.

Load from existing task

Use existing tasks as a starting point for creating new tasks.

Entry points subtraction

Create a new duty that is based on an existing entry point by removing specific processes from that entry point. Select Entry points subtraction, and then select an existing user account, role, privilege, or duty to view the entry points. You can remove any entry points that you don't want to create in the new tasks.