Presentation is loading. Please wait.

Presentation is loading. Please wait.

HRMS Implementation Project HRMS Security Overview Module.

Published byGillian Gertrude Bradford Modified over 8 years ago

Similar presentations

Presentation on theme: "HRMS Implementation Project HRMS Security Overview Module."— Presentation transcript:

1 HRMS Implementation Project HRMS Security Overview Module

2 2 Purpose The purpose of this module is to provide an overview of: Security set up for HR Responsibilities of the decentralized security functions Login procedures/password maintenance Role-based security and assignment of roles in different environments BW (Business Warehouse) security Portal security

3 3 Agenda Security set up for HR Responsibilities of the decentralized security functions Login procedures Role-based security and assignment of roles in different environments BW (Business Warehouse) security Portal security Resources Contact Us

4 4 PAY1 – HRMS Comparison PAY1HRMS Access is granted by…SSN/NamePosition (with link to UserID and Employee) What can be accessed…ScreensTransactions/Infotypes Level of access determined by…Individual screensRoles (a collection of transactions/infotypes for a business process) Scope is controlled by…Agency/sub agencyAgency or sub agency based on organizational structure Physical access determined by…RACF admin assigns UserID HRMS Agency Security UserID Administrator assigns UserID System access determined by…Agency PAY1 designeesAgency HRMS Security Admins

5 5 Security access (roles) are assigned to HR positions in the Organizational structure. Role Assignment – Determines which transactions/infotypes the end user can access in the system (collected via role mapping for cutover/conversion). Organizational Assignment – Determines which employees’ information the end user can view and/or update in the system. Default access assigned at the agency level (Level 2) unless otherwise noted (collected via organizational survey for cutover/ conversion). HRMS Position-based Security

6 6 Role Definition Handbooks HRMS End User Role Definition Handbooks (Centralized and Decentralized) have been provided as a resource and include: Introduction Background Introduction to State of Washington HRMS Roles HRMS Role Definition Components HRMS Roles Description Infotype & Transaction Access Matrices Link for Role handbooks: http://www.dop.wa.gov/HRMS/ClientServices/Security/

7 7 Security Naming Conventions In order to identify HRMS security objects in the HRMS system, please refer to the following naming conventions: R3/HRMS Roles Single roles begin with ‘S’; Composite roles (roles comprised of two or more single roles) begin with ‘C’ All technical names of HR roles will begin with ‘SR3P’ or ‘CR3P’ Decentralized roles begin with: ‘SR3P_DE’ or ‘CR3P_DE’ (standardized for all agencies) Centralized roles begin with: ‘SR3P_CE’ or ‘CR3P_CE’ Agency Data Profile roles begin with: ‘SR3P_XXXX’ (where XXXX = Enterprise Personnel Area) R3/HRMS Profiles Structural profiles: Enterprise Personnel Area numbers (system generated) Decentralized role profiles: ‘WAD’ Centralized role profiles: ‘WAC’ – central processing agencies that require statewide access BW (Business Warehouse) Roles All technical names of BW roles will begin with ‘SBWP’ Customized agency roles begin with: ‘SBWP_XXXX’ where XXXX = Enterprise Personnel Area UserIDs R3/HRMS and BW UserIDs are always the Personnel ID number, including leading zeroes Portal UserIDs for R3/HRMS and BW access are comprised of domain\network ID (ex. Dop\lonnier)

8 8 Decentralized HRMS Roles Payroll: Payroll Processor SR3P_DE_PAY_PROC Payroll Analyst SR3P_DE_PAY_ANL Garnishment Administrator SR3P_DE_GARNISH_ADMIN Payroll Supervisor SR3P_DE_PAY_SUPV Payroll Inquirer SR3P_DE_PAY_INQ Organizational Management: Organizational Management Processor SR3P_DE_ORG_MANG_PROC Personnel Administration: Personnel Administration Processor SR3P_DE_PERS_ADMIN_PROC Personnel Administration Supervisor SR3P_DE_PERS_ADMIN_SUPV Personnel Administration Inquirer SR3P_DE_PERS_ADMIN_INQ Time Management: Time and Attendance Processor SR3P_DE_T&A_PROC Time and Attendance Supervisor SR3P_DE_T&A_SUPV Time and Attendance Inquirer SR3P_DE_T&A_INQ

9 9 Decentralized HRMS Roles – cont’d Benefits: Benefits Processor SR3P_DE_BENE_PROC Financial Reporting: Financial Reporting Processor SR3P_DE_FIN_RPT_PROC Leave: Leave Corrections Processor SR3P_DE_LEAVE_CORR_PROC

10 10 Centralized HRMS Roles (Assigned/maintained by DOP HRMS Security Team only – Agency Security staff do not have access to assign centralized roles) RoleAgenciesTech Name Central Agency InquirerOFM, SAO, DOP – agencies with statewide oversight mandate CR3P_CE_INQ_HELP_DESK Central Benefits InquirerHCA and DRSSR3P_CE_BENEFITS_INQ Central Compensation AnalystDOPSR3P_CE_COMP_ANL Financial ApproverOFMSR3P_CE_FINC_APRV Garnishment InquirerAGOSR3P_CE_GARN_INQ Payroll Analyst ProductionDOPSR3P_CE_PAY_ANL_PROD Payroll Release AdministratorHRISD Only SR3P_CE_PAY_RELEASE_ADMIN Security AuditorSAO, DOP – agencies with statewide oversight SR3P_CE_SECURITY_AUDIT

11 11 Organizational Structure Level 1 Level 2 Level 3 State Agency 2Agency 1 Sub-Agency BSub-Agency A For security, the state-wide Organizational Structure consists of these three organizational levels.

12 12 Role/Organizational Assignment State Agency 2Agency 1 Sub-Agency BSub-Agency A Position 2Position 1 Role ARole B Agency 1 Structural Data Profile One or more roles can be assigned to each position. The roles limit the screens that each position can view. The positions are assigned structural authorizations based on where they fit in the organizational structure. The structural authorization limits the position to view only data in a particular area. Role A Agency 2 Structural Data Profile

13 13 SAP UserID Assignment State Agency 2Agency 1 Sub-Agency BSub-Agency A Position 2Position 1 Role A Role C A person is appointed to a position, and inherits the structural authorizations and role assignment. The person is given a UserID. Personnel Record Role B UserID Personnel Record Agency 1 Structural Profile Agency 2 Structural Profile 1 2 3 4 Activity breakdown 1. Org Mgmt Processor 2. Security Auth’n Admin 3. Pers Admin Processor 4. Security UserID Admin

14 14 Agenda Security set up for HR Responsibilities of the decentralized security functions Login procedures Role-based security and assignment of roles in different environments BW (Business Warehouse) security Portal security Resources Contact Us

15 15 Responsibilities of the Decentralized Security functions Security Authorization Administrator Position Maintenance (R3/HRMS) Security UserID Administrator UserID Setup and Maintenance (R3/HRMS, BW and Portal) Security Auditor Execute security reports (R3/HRMS and BW) Analyze security assignments (R3/HRMS and BW) Responsibility is limited to your Access for your agency ONLY

16 16 How the Security Roles fit into the Overall HRMS Process Personnel Administration Processor - Hire employee into position Security Authorization Administrator - Assign role(s) to position Organizational Management Processor - Create position Security UserID Administrator - Setup UserID and password for employee Security Auditor - Monitor access profiles for entire agency R3/HRMS Security New Positions begin here Existing Positions begin here

17 17 How the Security Roles fit into the Overall HRMS Process Structural Authorizations loaded from R3 Security UserID Administrator - Setup UserID and password for employee; Assign Roles to UserID Security Auditor - Monitor access profiles for entire agency BW Security * UserID Setup complete in R3 (including structural authorizations) * R3 UserID must be setup, with structural auth. data profile assigned to pos. prior to setup of BW UserID

18 18 Agenda Security set up for HR Responsibilities of the decentralized security functions Login procedures Role-based security and assignment of roles in different environments BW (Business Warehouse) security Portal security Resources Contact Us

19 19 Login Procedures Why do you need to learn the different login procedures? You will be considered experts for logging into the system since you are mapped to Security roles. You will need to incorporate HRMS access requests into your agency’s user access procedures Why are there multiple log in methods for the State of Washington? Not all agencies access the internet in the same way Inside the SGN and on the EAD can be Single Sign-On (SSO) Inside the SGN and not on the EAD or outside the SGN (non SSO) Agency Infrastructure (subject to change in the future)

20 20 Password Maintenance Each Login Procedure has a different method for password maintenance: SSO HRMS password only used for Portal mapping; otherwise it will NOT be used Contact: HRMS Security UserID Administrators (Portal mapping issues) or Agency Network Administrator (SSO password issues) Non SSO HRMS password will be used Password prompt for reset every 90 days Contact: HRMS Security UserID Administrators Portal Portal password will be required for non-SSO users Contact: HRMS Security UserID Administrators

21 21 Agenda Security set up for HR Responsibilities of the decentralized security functions Login procedures Role-based security and assignment of roles in different environments BW (Business Warehouse) security Portal security Resources Contact Us

22 22 Role-based security and assignment of roles in different environments SAP security is role-based in all environments; however, role assignment procedures vary: R3/HRMS: Indirect role assignment; R3/HRMs roles are assigned to positions in the Organizational structure Roles should NOT be directly assigned to the UserID in R3/HRMS BW (Business Warehouse): Direct role assignment; BW roles are assigned to UserIDs, OR UserIDs are assigned to roles, depending on the ratio of UserIDs to roles and vice versa Portal: Direct role assignment; Portal roles are assigned directly to Portal UserIDs

23 23 Agenda Security set up for HR Responsibilities of the decentralized security functions Login procedures Role-based security and assignment of roles in different environments BW (Business Warehouse) security Portal security Resources Contact Us

24 24 BW (Business Warehouse) Security Overview Role-based security assignments Customized roles per agency BW Reporting End User –Execute web reports via the portal BW Reporting Power User –Execute web reports via the portal –Create/Maintain adhoc agency reports User Access Roles will be assigned directly to UserIDs - - OR - - UserIDs can be assigned directly to roles Access to agency data available next work day

25 25 How the Security Roles fit into the Overall HRMS Process Structural Authorizations loaded from R3 Security UserID Administrator - Setup UserID and password for employee; Assign Roles to UserID Security Auditor - Monitor access profiles for entire agency BW Security * UserID Setup complete in R3 (including structural authorizations) * R3 UserID must be setup, with structural auth. data profile assigned to pos. prior to setup of BW UserID

26 26 Agenda Security set up for HR Responsibilities of the decentralized security functions Login procedures Role-based security and assignment of roles in different environments BW (Business Warehouse) security Portal security Resources Contact Us

27 27 Portal Security Portal Admin Responsibilities of the Security UserID Administrator Create Portal UserID/Password Assist Users in mapping Portal UserID to HRMS UserID Assign Portal Roles End User Role (hrms.eu_role all users – this grants basic access) BW Role (hrms.BW if accessing BW) WEBGUI Role (hrms.webgui if accessing R3/HRMS)

28 28 Agenda Security set up for HR Responsibilities of the decentralized security functions Login procedures Role-based security and assignment of roles in different environments BW (Business Warehouse) security Portal security Resources Contact Us

29 29 Resources Additional SAP Reference Materials SAP Authorizations Made Easy SAP Authorizations System Additional SAP Vendor Training SAP R3 Security Basics SAP HR Security SAP BW Security SAP Auditing http://www.sap.com/usa/education/

30 30 Agenda Security set up for HR Responsibilities of the decentralized security functions Login procedures Role-based security and assignment of roles in different environments BW (Business Warehouse) security Portal security Resources Contact Us

31 31 Contact Us For more information: Contact the HRMS Security team (via DOP Help Desk email) at: HelpDesk@DOP.WA.GOV

Download ppt "HRMS Implementation Project HRMS Security Overview Module."

Similar presentations

HRMS Grievance Tracking Training Guide 1. Course Objectives Upon completion of this course, you will be able to: – Explain the roles used in the Grievance.

HRMS Grievance Tracking Training Guide 1. Course Objectives Upon completion of this course, you will be able to: – Explain the roles used in the Grievance.
ESS Reconfiguration Personnel / Payroll Association March 30, 2010 Dennis Gustafson Department of Personnel Going back to the basics – more choices, smoother.

ESS Reconfiguration Personnel / Payroll Association March 30, 2010 Dennis Gustafson Department of Personnel Going back to the basics – more choices, smoother.
HRMS Reporting Workgroup Presentation Payroll Journal Flexible Employee Data 1.

HRMS Reporting Workgroup Presentation Payroll Journal Flexible Employee Data 1.
Enterprise Resource Planning

Enterprise Resource Planning
Time Evaluation ZT60 Presented by: Kelly Welsh July 29, 2009.

Time Evaluation ZT60 Presented by: Kelly Welsh July 29, 2009.
DEPARTMENT OBJECTIVES 1. To Identify and deploy information technology to meet business objective at CKPL. 2.To Provide support to users for systems usage.

DEPARTMENT OBJECTIVES 1. To Identify and deploy information technology to meet business objective at CKPL. 2.To Provide support to users for systems usage.
Travel and Workflow Implementation In 4.5b With An Upgrade to R/3 Enterprise Denise McBride and Kim Wagester Central Michigan University.

Travel and Workflow Implementation In 4.5b With An Upgrade to R/3 Enterprise Denise McBride and Kim Wagester Central Michigan University.
Monitoring Security With Standard SAP Tools Session Code 805 Sandi McKinney.

Monitoring Security With Standard SAP Tools Session Code 805 Sandi McKinney.
Copyright © 2003 Americas’ SAP Users’ Group Optimizing HR PA/PD Process with Workflow David Ulin – Senior Process Architect May 21, 2003.

Copyright © 2003 Americas’ SAP Users’ Group Optimizing HR PA/PD Process with Workflow David Ulin – Senior Process Architect May 21, 2003.
Implementation Audit and Control Background Internal Audit Role Go-Live Criteria Audit Approach - Systems Audit Approach - People Summary Agenda.

Implementation Audit and Control Background Internal Audit Role Go-Live Criteria Audit Approach - Systems Audit Approach - People Summary Agenda.
FinancialAsset Management ©2003 Texas State, For Internal Purposes Only. Slide 1 of 15 Manager and Employee Self Service at Texas State University-San.

FinancialAsset Management ©2003 Texas State, For Internal Purposes Only. Slide 1 of 15 Manager and Employee Self Service at Texas State University-San.
Introduction to SAP R/3.

Introduction to SAP R/3.
Identity Management, what does it solve By Gautham Mudra.

Identity Management, what does it solve By Gautham Mudra.
SAP An Introduction October 2012.

SAP An Introduction October 2012.
Train The Trainer Employee Central Administration

Train The Trainer Employee Central Administration
Food and Nutrition Services Supervisors Manager Self Service (MSS)

Food and Nutrition Services Supervisors Manager Self Service (MSS)
University of California, Irvine Security Access Management at UC Irvine: Adding Decentralization and Ending Paper Mark Askren, Assistant Vice Chancellor.

University of California, Irvine Security Access Management at UC Irvine: Adding Decentralization and Ending Paper Mark Askren, Assistant Vice Chancellor.
DCIPS Occupational Structure Review

DCIPS Occupational Structure Review
Financial Administrative Training (SAP) Login & Self Enrollment Instructions Follow this procedure If: You want to access classes for the Financial Administrative.

Financial Administrative Training (SAP) Login & Self Enrollment Instructions Follow this procedure If: You want to access classes for the Financial Administrative.
Mandatory Annual ACE Training Fiscal Year 2011 – 2012.

Mandatory Annual ACE Training Fiscal Year 2011 – 2012.

Similar presentations

Ads by Google