Download presentation
Presentation is loading. Please wait.
Published byJoanna Rich Modified over 6 years ago
1
Using the Banner Workflow Process to Validate Security Roles
Susan McCaffrey Director-Academic Affairs Banner Competency Center Temple University
2
Thank you for your cooperation
General Announcements: Please turn off all cell phones/pagers If you must leave the session early, please do so as discreetly as possible Please avoid side conversations during the session Questions will be answered ….. Thank you for your cooperation
3
CPE Credits - We’ve gone electronic!
To receive CPE credits for this session (if eligible), complete the CPE Attendance Form on the PABUG Annual Conference website or via the PABUG conference app. For additional questions please contact Lora Harper CPE - Coordinator
4
Temple University Total student population: 38,297 Total staff:
Full time and Part time Faculty: Full time staff and administration: 4267 Total degrees conferred in : 9136 Total freshman to sophomore retention rate: 90%
5
Oh no! An internal audit request!
Step 1: Don’t panic Step 2: Define the request Step 3: Examine the tools Step 4: Build the process Step 5: Go
6
Define the request Each supervisor must validate that every direct report with access to STUDENT information within Banner (SSB or INB) should maintain this access or have access revoked. Find all users with specific classes related to student system Maintenance or Query access to direct objects defined within Security Classes Classes are usually grouped within User Profiles Advisor role defined on SIAINST Query included data elements from various systems (HR and Student) as well as Portal information; DBAs created a table and an ad hoc process that, when run, would display supervisor’s response. Individual’s department and job title Supervisor information Contact information Last log on information SIAINST information Survey results
7
Examine the tools Once population is selected, develop a method to survey the supervisors and collect results in a manageable way. Evaluated our available resources: Qualtrics vs Workflow. We needed: Communication tool to supervisors with specific information about each employee Method for confirming or revoking access Method to store responses Communication to Competency Center (me) and Information Security to relay action needed
8
Examine the tools Workflow was chosen because:
Data from tables could supply the initial population to the workflow Results from survey could be saved in same table and could be refreshed in audit view could be customized and sent to supervisors for each employee. could direct supervisors to a Banner workflow link to complete their task; automatic provisioning could occur within the workflow rules. Requests for continued access: written to a table Requests for revocation: sent to my Workflow (Banner) account After my review, the request could be submitted to Information Security’s Workflow link
9
Build the Process Combining the various features of the product
Create the table and set up the ad hoc process to refresh data (DBA team) 1448 employees to be evaluated (including about 100 student workers) 451 supervisors, including 31 student worker supervisors would receive notices Create the to the supervisors Create the workflow Create the provisioning process Review with Information Security; set launch and deadline dates Test, test, test GO
10
Behind the scenes: Workflow diagram
11
to supervisors
12
Portal Workflow link
13
Worklist views
14
Supervisor confirmation
15
If supervisor REVOKED access, an email alert directed me to my Worklist
16
I reviewed notes, unchecked the Advisor role in Banner and then hit “Complete”
17
The final step sent the request to the Office of Information Security
This team removed the Banner security classes for the individual and then process is considered complete.
18
What could possibly go wrong?
This initaitive was launched in early June and we quickly realized that many of the faculty chairs were not on campus. In order to access the workflow through our Portal, network security was needed. An additional was sent explaining how to access our Portal through Citrix Additionally, some supervisory changes had occurred after we had gathered our initial dataset and the s did not go to the CURRENT supervisor Consequently, some faculty advisors and staff required assistance…
19
As an intervention, I found their specific employee within the Student Security Audit process by using “Workflow Status Search” …
20
…and then, within the workflow…
21
…I selected “Reserve for Self” and then completed the request in lieu of the supervisor
22
At any given time, I could see which requests were “Ready” or “Completed”
23
Results? After one “lagging” to remind the supervisors, our compliance was high At our deadline, 110 employees had their access revoked due to job changes At our deadline there were 107 employees who had not been reviewed Using the data from the ad hoc process, I was able to identify the supervisors and followed up with s to supervisors or Associate Deans and manually entered their responses in the workflow. Within three months, we had 100% compliance
24
Future Security Access project
25
Access to Protected Information
26
Submit request for access
27
Request Sent to Supervisor, Dean’s Designee, Collaboration Center, Security
28
Email messages for each action and at completion
29
Open to the Floor Questions Comments
30
Please take time to complete our Conference and Session evaluations
Please take time to complete our Conference and Session evaluations. YOUR INPUT MATTERS!!!
31
Session Title Presenter Name
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.