A privilege rule only defines a name. This rule does not convey any capabilities to any user until you associate it with an object (flow, flow action, report definition, and so on) and an access role.
On the Privileges tab of the Access Manager landing page, you can create, review, and modify privileges for users with different roles to access specific objects of a case and data types.
The source for the list of privileges is the data page D_PrivilegeList. By default the data page uses a report definition to return the list of privileges in the current application.