Data-Level Security Using Cognos Framework Manager Part I


Data-level Security

Cognos Framework Manager (FM) is an essential part of using IBM Cognos Analytics. In addition to being the designated Business Intelligence (BI) modelling tool of the Cognos family, FM is where operators can implement data-level security. 

Leveraging data-level security using Cognos Framework Manager is critical for organizations that need tailored views of the data output from a centralized dashboard or report. 

Benefits of Data-level Security

Rather than creating multiple reports for each type of user in your business, data-level security protocols allow you to create just one. You can then build views specific to each Role, Group or even User in your database, which show only the relevant information to the designated party and can be reused on future BI models. 

Essentially, Cognos FM gives you a streamlined way of delivering tailored data output to every individual in your organization, without creating multiple BI models. However, it can be complex to set up – and businesses still run into ongoing maintenance issues.

Today, we’re going to look at how to implement your data-level security using Cognos Framework Manager, as well as how to improve its efficiency.

A typical BI Model in Cognos FM (go_data_warehouse_dq from Samples):

How to implement

To add data-level security to your BI modelling, follow these five steps in Cognos FM:

  1. Find and highlight the table to apply data-level security to. This can be a database table, or a logical table like (Query Subject). 

  2. Click the Actions menu, and then Specify Data Security.

3. Start adding Roles, Groups, or even Users from Cognos Administration. These can be from Cognos default security namespace, or even from your Authentication Provider (AD) namespace.

4. Next, add the filter to be applied whenever this user/group/role member runs a query, report or dashboard – this determines exactly what they will see.


5. Finally, click OK, save the project, and publish the package again. This allows the changes made to Cognos FM to take effect on the published package available through Cognos Portal.



There – you’ve successfully set up data-level security!  Then users can get the specific information they need – and only that – whenever they run a report.  That is simply the general approach of data-level security implementation in IBM Cognos. However, there is one drawback to this: ongoing maintenance.  I hope you enjoyed my article on how to leverage data-level security using Cognos Framework Manager. 

In my next blog, I will lay out an intelligent, automated approach to streamline the data-level security implementation while also bringing maintenance overhead to a minimum.  Be sure to explore our blog for other helpful insights.  Subscribe to our e-newsletter for more technical articles and updates delivered directly to your inbox.

Next Steps

If you have any questions or would like PMsquare to provide guidance and support for your analytics solution, contact us today.