The Slightly Re-Engineered PeopleSoft Security Presented by Shelia Sloan - ITS Overview This session is aimed at both PeopleSoft Financials users and Security Administrators. We will discuss
plans for the 9.2 upgrade including streamlined security roles, the use of new tools like dynamic security, and things you can do to prepare for the upgrade. Setting Up Users Ever Feel Like This?
Adding New Users Users can add themselves Gives basic access - May include Expenses depending on institution
Core Users Core users can still Self Register, however, the local Security Administrator at the institution will be required to add additional roles. Local Security Administrators can still manually add user accounts under Distributed User Profiles. New Security Request Form Sample
Sample Job Aid by Job Function Sample Job Aid by Job Function Security Roles in 9.2
Security roles are mapped to functional Business Processes. During Fit Gap, a thorough review of 8.9 roles was completed. Around 32 roles were eliminated and 17 roles were renamed. Dynamic Role Assignment will be introduced as part of the upgrade for certain roles.
Dynamic Role Example Sally is an Expenses Department Approver. Setup for Approver Assignments is located here: Dynamic Role Assignment Contd Since Sally is defined on the Approver Assignments page as an
Approver, she should get the BOR_EX_APPROVAL role. Instead of the local Security Administrator going to Sallys User Profile and adding the role manually, it can be automatically added/deleted via a query process. Dynamic Role Assignment Contd The role query will run in the background and search for user IDs that are defined as approvers. It will automatically assign the role.
Upon Termination, when the approver is removed from the Approver Assignment Page, the role query will run and remove the BOR_EX_APPROVAL role from the user ID without manual intervention. ITS is looking into other areas where Dynamic Role Assignment can be used to help automate security. If the local Security Admin manually assigns the BOR_EX_APPROVAL role, then the role query/dynamic assignment will not remove the
role automatically. It becomes a static role at that point. Manual Role Assignments The hardest part of Role Assignments is knowing which role provides what access. In 9.2, ITS is updating the roles with long descriptions that will contain the business processes to which that the role has
access. Role Definitions In addition to the long description, there will be a cheat sheet released for all ITS delivered roles and business process assignments.
Other Roles Also, in 9.2 there is an expanded use of workflow in various modules. (Attend the Workflow is Overflowing Session today at 5:10 pm!) This means more roles (for workflow approvals!) Also means more cleanup of role assignments upon termination.
Workflow will be delivered in ePro, Purchasing, Accounts Payable, Expenses, General Ledger and Commitment Control. How to Prepare for the Upgrade There are several things that can be done at each institution now and ongoing in current production, that will ensure a smooth transition.
Stay on top of your terminated users Current User access review
User Access Report User Preferences Report Commitment Control Security Report How to Prepare for the Upgrade Each institution will NEED to run the User Access Report in version 8.9 that is under BOR Menus > BOR Utilities > BOR Security > User Access Report.
This report will need to be run prior to UAT and right before upgrade cutover. Local Security Administrators should review the role assignments and note where changes are needed for things such as: Role name changes in 9.2 8.9 role deletions Roles that have been combined with other functionality (Different than in 8.9).
How to Prepare for the Upgrade Prior to UAT, each local security administrator will be responsible for attending a training session as well as configuring their users within the UAT environment. It is the plan to extract users and their security from this UAT environment to use in Production after cutover. It is very important that a thorough review of access/user
preferences, commitment control security, documentations, and approvals is completed (especially for AUDIT Purposes)! After the Upgrade Audit 2015 will be right around the corner. Current User Access will be KEY this year. Terminated user cleanup is still critical. Review all unlocked accounts to ensure they migrated over correctly
from UAT. Remember segregation of duties during the review. Local Security Admin accounts will be forced to reset their password every 90 days instead of 180. Commitment Control security needs to be reviewed as part of the controls. Any access issue can be addressed via a helpdesk ticket to ITS.
Security Modifications There are several modifications that are being dropped for security in 9.2
The first two relate to updating a cross reference table dealing with multicampus users. What does this mean to you? When Security Administrators are terminating a user, it is very important to populate the User ID Alias field with OPRID-EMPLID. Security Modifications Contd Then on the ID tab, in the ID Type field, select None. Save.
This will eliminate MOST of the multi campus user issues you encounter! Security Modifications Contd This Save Approver ID page will no longer be available in 9.2 Security Modifications Contd The Role User Access Report and the User Access Report will no
longer be delivered in 9.2 as there are other queries that can be run to replace the reports. PT_SEC_USER_PAGE PT_SEC_ROLE_PAGES Training & Documentation Online Security Training http://www.usg.edu/gafirst-fin/training/archives
Security Guides & Documentation http:// www.usg.edu/gafirst-fin/documentation/categor y/security Questions? Thank you for attending!
University System of Georgia Information Technology Services
Critical Thinking: An Introduction Lecture 1 ... interval between observation and report Report by the observer, rather than someone else (that is, the report is not hearsay, and can be verified) Corroboration or possibility of corroboration Good access to actual...
NATS Safety Strategy. Lessons From iFACTS. Engage users early and throughout the design process. Train controllers how to apply the tools, not just how to use the tools. Validation in limited operational service, Monitor in service for adaptations to the...
Composite figure. A composite figure is made up of two or more different two-dimensional figures (triangles, squares, rectangles, semicircles, trapezoids…). To find the perimeter of a composite figure, find the distance around the figure.
Children and Young People (Scotland) Act 2014. Part 5 . There will be one statutory Child's Plan which will be used in all circumstances including CP, LAC , EEI, CSP and those in Young Offenders institutions . There will be...
It reduces everything to a simple level; depression may actually be an appropriate response to a bad situation and not a physical illness. Our behaviour often only makes sense if you look at the meanings people put to what they...
Ready to download the document? Go ahead and hit continue!