Users cannot access the simultaneous programs ( just like Forms) until unless the program is attached to a responsibility by a ?Request Group?. Therefore the responsibilities give the complete security by restricting access to forms, reports, tables( by data-groups) and also to specific records ( by profile options like Set of Books Id, MO Org Id).