Which security group types include other security groups to determine membership?

Aggregation security groups and intersection security groups are designed to incorporate other security groups in order to define their membership, thus facilitating the management of permissions and access within Workday.

Aggregation security groups allow members to be collected from multiple other security groups, making it easier to assign access based on broader categories of users or rules. For instance, a group representing all employees in a region can aggregate several smaller groups representing specific departments within that region.

Intersection security groups, on the other hand, create a membership that is based on the overlap of members from multiple security groups. This means that only individuals who belong to all the referenced groups are included in this new group, allowing for highly specific access control tailored to unique requirements.

The other types of groups mentioned do not incorporate other security groups in the same capacity. For example, user-based and role-based security groups focus on membership based on individual users or specific roles rather than aggregating from other groups. Similarly, segment-based and function-specific security groups are more focused on specific segments of the workforce or functions rather than on the inclusion of other groups in defining their membership. Lastly, standard security groups and dynamic security groups pertain more to traditional and changing organizations or contextual roles within Workday, without involving the aggregation or intersection of