To define Business group, LE, OU, Organization, HR Organization etc check out below link
http://oracleerpappsguide.blogspot.com/2012/01/organization-in-r12.html
SOB is a sepcial organization in multi-org model. Its a financial entity that shares a particular hart of account, finctional currency and finncial accounting calendar. A General Ledger (GL) secures transaction information bu SOB.
An SOB is the highest level that affects the accounting aspects of business. One BG can be associated with multiple SOBs, but one SOB can be associated with only one BG. Each SOB has 3Cs.
 

 
When you use GL, you need to choose a responsibility that specifies a particular SOB(with the profile – GL SET OF BOOKS NAME). This allows you to get information fo that SOB only. In Oracle applications, you can create an SOB using the set of books window in GL. In the set of books window, you can define all other types of organization using the organization window.
With the multi-Org enhancements, multiple SOBs can use the same global item master organization. This is because the item master organization is used for item definition and not for item accounting information. All accouting-related attributes in the item master are controlled at the item level or organization level.
A balancing entity is one for which you prepare a balance sheet as a balancing segment value in the Accounting Flexfield structure. In any OU, you can have multiple balancing entities and each of these must balance within itself.
In oracle applications, all intercompany entries are automatically created within the SOB to ensure that companies are never out of balance. A legal entity can have one or more than one balancing segments. For example, you may have multiple companies defined in your COA reporting to a single legal entity.
How to decide Legal Entities and OUs
There two things one should consider while creating legal entities
1. The number of fisical and tax report the organization has to produces – for each distinct values we should create one legal entity.
2. The number of entities for which the company produce balance sheet – for each distinct values we should create one legal entity.
An operating unit a is a fincial entity in a business group that engages in transactions with outsiders and for which you want to track the finalcial transactions.
OU deals with 5 subledgers – OM, AR, PO, AP and GL
Security and Subledgers decides how many operating units one should create in a business group.
Each company defined in your COA may have multiple divisions which you produc balance sheets. In that case, it is likely that each company in the COA is setup as a legal entity and each division is setup as an OU.
 
Securing values
Oracle Applications does not automatically secure balancing segment values within your COA with specific legal entities or OU. You can create security rules to ensure this security requirement. For example, you can ensure that the payables team may access invoices of a specific division. If security rules are not defiend, access to all divisions will be available.
 
To explain different balancing entities, assume that there is one GL SOB, balancing segment value is the company segment, and that there are three companies 10, 20 and 30. You should ensure that OUs are associated with responsibilities, and each responsibility is associated with one and only one OU. In the case the company 10 is a legal entity in which two divisions Div1 and Div2 are defined as OUs. You can create a security rule to ensure that when users log in with a particular responsibility, they should only be able to enter transactions with compnay 10, and the users from company 20 and copnmany 30 should not be allowed.
 
The Oracle Applications organization model defines organizations and the relationships among them in arbitrarily complex enterprises. This organization model serves as the cornerstone for all of the Oracle Applications products. It dictates how transactions flow through different organizations and how those organizations interact with each other.
Multi-Org is an application and database enhancement that enables multiple business units(operating units) in an enterprise to use a single installation of oracle applications products while keeping transaction data separate and secure.
Major Features of Multi-org
Multiple Organizations in a Single Installation
You can define multiple organizations and the relationships among them in a single installation of Oracle Applications. These organizations can be ledgers, business groups, legal entities, operating units, or inventory organizations.
Secure Access
You can assign operating units to a security profile and then assign the security profile to responsibilities or users. If multiple operating units are assigned to the security profile, then a user can access data for multiple operating units from a single
responsibility. This ensures that users can only access, process, and report on data for the operating units they have access to.
Data Security
You can limit users to information relevant to their organization. For example, you can limit access for order administration clerks to sales orders associated exclusively with their sales office.
Inventory Organization Security by Responsibility
You can specify the inventory organizations that are available to users in each responsibility. The Choose Inventory Organization window automatically limits available inventory organizations to those authorized for the current responsibility.
Responsibility Determines Operating Unit
Your responsibility determines which operating units you can access when you use Oracle Applications. If you only want a responsibility to access only one operating unit, then set the profile option called MO: Operating Unit. If you want a responsibility to access multiple operating units, then define a security profile with multiple operating units assigned and assign it to the MO: Security Profile profile option. Additionally, if using the MO: Security Profile profile option, you can also set the MO: Default Operating Unit profile option to specify a default operating unit that will default in transaction entry pages.
Types of Organizations
You can define organizations and the relationships among them. You can define security for either an organization hierarchy or list of organizations.
Business Group
The business group represents the highest level in the organization structure, such as the consolidated enterprise, a major division, or an operation company. The business group secures human resources information. For example, when you request a list of employees, you see all employees assigned to the business group of which your organization is a part.
The business group drives the legislation used for human resources and payroll purposes. If the implementation involves employees in multiple countries, then it will likely require several different business groups, one for each country where employees are located. This assumes that the company does not seek to customize multiple legislative requirements into one business group.

The HRMS best practice recommends that a new business group should represent a country or regional level partition of data. All companies that operate in the country or regions should be represented as legal employers in the business group.

SOB/PL
Set of books in 11i consists of 3Cs – Chart of Account, calendar, currency
Primary ledger in R12 consists of 4Cs
See the child chapter to this
http://www.oracleug.com/user-guide/basics-oracle/define-sob
Legal Entity


A legal company for which you prepare fiscal or tax reports. You assign tax identifiers and other legal entity information to this type of organization.
You can define legal entities using Legal Entity Configurator or Accounting Setup Manager in General Ledger.

 


Operating Unit

  • An organization that uses Oracle subledgers, such as Oracle Cash Management, Order Management and Shipping Execution, Oracle Payables, Oracle Purchasing, Oracle Receivables, and related products. It may be a sales office, a division, or a department.
  • In R 12 Operating units are not associated with legal entities. Operating units are assigned to ledgers and a default legal context.
  • Information is secured by operating unit for these applications using responsibilities. Each user can access, process, and report on data only for the operating units assigned to the MO: Operating Unit or MO: Security Profile profile option. The MO: Operating Unit profile option only provides access to one operating unit. The MO: Security Profile provides access to multiple operating units from a single responsibility
  • You can define operating units from the Define Organization window in Oracle HRMS or from Accounting Setup Manager in General Ledger.
Inventory Organization
  • An organization for which you track inventory transactions and balances, and/or an organization that manufactures or distributes products. Examples include (but are not limited to) manufacturing plants, warehouses, distribution centers, and sales offices.
  • The following applications secure information by inventory organization: Oracle Inventory, Bills of Material, Engineering, Work in Process, Master Scheduling/MRP, Capacity, and Purchasing receiving functions. To run any of these applications, you must choose an organization that has been classified as an inventory organization.
  • You can create ledgers using the Accounting Setup Manager in Oracle General Ledger and define organizations using the Define Organization window.
HR Organization
HR organizations represent the basic work structure of any enterprise. They usually  represent the functional management, or reporting groups that exist within a business group. In addition to these internal organizations, you can define other organizations for tax and government reporting purposes, or for third party payments.
Information Shared Across Organizations
The following information is global. It must be set up once for the enterprise:
• Flexfield definitions
• Customer Header (customer site is at the operating unit level)
• Supplier Header (supplier site is at the operating unit level)

Implementors and administrators can verify the successful configuration of end user functions by performing the tasks described in this section.
Self-Service Registration
Oracle User Management enables users to register for access to applications without requiring assistance from administrators. To register for application access, users must provide information in the required fields and click the Submit button.
Oracle User Management ships with the following sample self-service registration processes:

  • Employee Self-Service Registration
  • Customer Self-Service Registration (external individuals)

Organizations can use these registration processes in their existing form, or can use them as references for developing their own registration processes.
Requesting Additional Application Access
Oracle User Management enables you to request additional access to the specific applications for which you are eligible. Application access is based on roles and to access an application you must be granted the appropriate role. Perform the following to view the roles you have been assigned and to request additional ones.
Steps
1. After logging into the system, click the Preferences link in the upper right corner, and click the Access Requests link in the sidebar menu. The Access Requests page displays the roles you have been assigned. Click the Request Access button to request one or more additional roles.
2. Most roles are organized according to role categories: roles that are not categorized appear under the Miscellaneous node. Select the role category that contains the role you want to request. If you do not see the required role, then either you are not eligible for the role or it has not been set up to for additional access requests.
3. Select the role or roles you require for additional access to the system, and click on the Add to List button. You can optionally remove roles from your list by clicking on the Remove Roles button.
4. When you have selected all your required roles, click on the Next button.
5. Enter a justification for your request and click on the Next button. You can remove any pending roles or check their status in the page that appears next.
Guidelines
Some roles may require you to provide additional information. In such cases, the system will prompt you for additional information before you can complete the process for requesting a role.
If the role being assigned would cause a separation of duties violation, the operation will flag this in the workflow attributes, and any approvers for the request will see the details.
Login Assistance
It is not uncommon for system administrators to have to reset a user’s forgotten password, or even advise a user of the account’s user (login) name. This is unproductive for both the user, who cannot do any work in the meantime, and for the administrator.
In addition, a user will occasionally request the password to be reset, when it is actually the user name that has been forgotten, or vice versa. This type of occurrence leads to even more time being lost.
A new feature reduces the time spent in such administrative activities by implementing a login help mechanism that is easily accessed from the E-Business Suite Login Page. A user simply clicks on the “Login Assistance” link located below the Login and Cancel buttons.
On the screen that appears, you can either:

  • Go to the Forgot Password section, enter the correct user name and then click on the “Forgot Password” button. You will then be emailed details of how to reset your password.
  • Go to the Forgot User Name section, enter the email address associated with the account, and click on the Forgot User Name button. The user name will then be emailed to the address specified.

For security, the relevant data is stored securely in workflow tables, and the URLs employed have both an expiration time and a single-use limitation.
The identify verification process required in previous Applications releases is no longer needed. Instead, a link to a secure page is sent to the email address of the user name defined in the system. From this secure page, the user can change password immediately.

There are two types of auditing in Oracle Applications: auditing users, and auditing database row changes.
Auditing User Activity
Auditing users is supported by:
• Sign-On:Audit Level profile option setting
• Audit Reports
Based on the audit level you choose, Sign-On audit records usernames, dates, and times of users accessing the system, as well as what responsibilities, forms, and terminals users are using.
Auditing Database Row Changes
Auditing database row changes is supported by:
• From the Help menu, About This Record
• AuditTrail:Activate profile option setting
• Audit forms