Verifying security policies for navigation and reports that are delivered with a service release

Infor provides the ability for customers to view delivered security policies, including those that have been updated through a service release, to determine if new or updated policies affect their modifications.

Customers often make modifications to delivered security policies for navigation items and delivered reports. With release, 2025.04, they can quickly review a new policy against the current policy on their system. They can also view Infor-generated recommendations and use built-in tools to handle the changed policy.

To review newly delivered security policies, perform these steps.

  1. As a user with access to the Security Administration application, open the application.
  2. If policies have been delivered that have not yet been reviewed, they are listed on the main page.
    • Navigation Policies In Use Needing Review shows policies that have been changed for navigation items.
    • Delivered Report Policies In Use Needing Review shows security policies that have been changed for delivered reports.
    Note: 

    If all to-be-updated policies have been reviewed, the security administration application home page shows "All policies reviewed."

  3. Click a policy to view the changes or click the View All Changes link. If you select View All, the reports are listed on the Policies In Use Needing Review page and can be opened individually.
  4. Click on each tab to review changed policies and take actions as needed.

Delivered policies review page showing no differences

Policy tab

This tab shows information about the current version of the policy on your system. The policies in use display in the large section at the bottom of the page.
  • Description: A descriptive name of the policy if one was configured.
  • Role: The role that uses the policy.
  • Last Review: Date that you marked this policy as reviewed.

  • Based On Delivered: Shows the delivered policy that this policy is based on.

    If differences exist, you can run the action to determine how to handle them. See "Example: Handling differences" below for details.

    If no differences exist, "No Differences" displays.

  • Copied From: Shows the policy that this policy was copied from, if any.
These actions can be performed from the Policy tab:
  • Configure: If you select this button, the Review Changes tab opens. See "Review Changes tab" for details.
  • Copy: Use this action to copy the selected policy to a new version. The most common reason for doing this is to create a local version of a delivered role. For example, Infor delivers a role called, EMPLOYEE_ST, which should not be changed. You can copy the role as EMPLOYEE_ACME to have your company's version of the role.
  • Deactivate: This action deactivates a policy. It still exists but is not enforced unless you reactivate it by clicking the Activate button.
  • Enable Auto Update: Turn on this option to enable updates when an update for the policy is included in a service release. This means that when Infor delivers updates for the policy, delivered changes are automatically merged with the existing policy.

Review Changes tab

When a new policy is delivered, this tab shows your current policy and suggestions for handling differences.

Review Changes displays a side-by-side comparison of the current policy and a suggested policy. You can choose how to handle the suggestions. See "Example: Handling differences" below.

If "No Differences" displays, it means that Infor has no suggestions for policy updates. In this case, you can select the Mark as Reviewed button. When you select Mark as Reviewed, you no longer receive messages that a policy needs to be reviewed. Changes are retained in history.

History tab

Use this tab to view all changes that you made to the policy.

Delivered History tab

Use this tab to view all changes to the policy that have been delivered by Infor.

Example: Handling differences

This example steps through the process for handling differences between policies on your system and those that are delivered in a service release.

When the Review Changes tab shows differences, a screen similar to this one displays.

Current shows what is currently on the system. Suggested highlights differences from the new delivered version.

Delivered changes requiring review
From here you can perform these actions:
  • Configure: Use this action to open the options for creating and editing policies. See Working with the UI Access Control feature for more information.
  • Resolve Differences: Click to open an editor that lets you select line items from the suggested policy. The selected new policies are added to your existing policy. New policies that you do not select are not added to the existing policy. Click Submit when you are finished.
  • Accept Suggestion: This action accepts all line items in the suggested policy.
  • Mark as Reviewed: Select this action when you are finished reviewing a suggestion and have taken the appropriate actions (Resolve Differences, Submit, Accept Suggestion). When you select Mark as Reviewed, you no longer receive messages that a policy needs to be reviewed. Changes are retained in history.