Administrator All-Hands
October 11, 2018 10/11/18
Agenda
- Audit Improvement Reminders
- Agency Security Administrator (ASA) Self-Service
- Annual User and Role Validations
- Security Best Practices and Lessons Learned
- SFS Analytics
- New FBIC Roles
- A Look Ahead: SFS Improvements
- Procurement Card Threshold Business Unit Option
- Procure-to-Pay (P2P) Streamline Program Updates
- Travel Proxy Tool Updates
- Requester Setup Mass Upload Tool
- Administrator Resources
- Questions
Importance of the Annual Review
- Ensures confidentiality, integrity, and availability of SFS data.
- OSC is subject to an Annual Financial Audit (includes SFS).
- SFS customers may be audited for:
  - Compliance review of user and role information for your agency
  - Documentation for user and role provisioning, and documentation as part of your annual reviews
- Critical success factors for the Annual Financial Audit are:
  - Timely review
  - Documentation maintenance around user provisioning
Annual User and Role Validations
SFS has implemented an online solution for the quarterly reports process beginning this fiscal year (4/1/18).
- Static files are no longer being distributed.
- Agencies must use real-time queries to complete reviews online.
- A new work center has been deployed for easy access.
- Sign off form is now completed online.
- Snail-mail of forms will no longer be required.
A mapping exercise was deployed to agencies requesting 100% compliance.
- Every agency must map at least one ASA, Financial Certifier, and Compliance Reviewer in SFS.
- If your agency does not have someone mapped to each of these roles, your agency will be unable to provide the required sign off.
Discussion: Annual Review
What is your experience with the annual review process now that the reviews and approvals are completed in SFS?
Audit Improvement Reminders
Kristen Pelcher
External Audit
- Your staff should notify you of review outcomes, so that changes can be made in a timely manner.
- Annual user and role review documentation includes:
  - Spreadsheets
  - Correspondence
- SFSSecure Resources for user provisioning processes:
  - SFS Agency Security Maintenance Procedure
  - SFS User Provisioning Request Form
Attachments within ASA Self-Service
ASA Self-Service will now require attachments that support the details of the provisioning changes being requested and the needed approvals.
- User provisioning form or correspondence documenting approval of changes.
Compliance Reviewers and Financial Certifiers will be provided with inquiry access to the ASA Self-Service request page so that they can review user provisioning requests and attachments and approver details provided on the requests.
Benefits: This ensures that the documentation needed for audit is available if your agency is selected.
Attachment Enhancement
There are two options on the ASA Self-Service page to provide attachments:
- “Attached File for All User Requests”
- “Attached File for Single Request Only”
Note: Only one type of attachment can be provided for each ASA Self-Service request number.
Self-Service Attachment Option: All User Requests
If you select “Attached File for All User Requests”:
- The attachment MUST contain the justification and approval for ALL users who are part of the ASA Self-Service request number.
- The person who approved the change should be listed in the Authorized Approver Employee ID field.
Note: Only one type of attachment can be provided for each ASA Self-Service request number.
Screenshot of new attachment field in ASA self service: All User Request
Self-Service Attachment Option: Single Requests
If you select “Attached File for Single Request Only”:
- When the ASA Self-Service request has multiple user changes, but there are separate files containing justification and approval, attach the appropriate file for the user request on each page of the ASA Self-Service request.
- Example: If you have two user accounts that need to be changed, and there are two separate files that need to be attached, attach the appropriate file to each user request under the Single Request Only file attachment.
Note: Only one type of attachment can be provided for each ASA Self-Service request number.
Screenshot of single user request attachment.
Required Field: Reason for Change
Required Field: Request Method
Required Field: Authorized Approver
Attachments – ASA Mass Upload Page
Attachments – Annual User and Role Validation Page
Annual User/Role Validation will now require attachments showing that the annual review has been completed and supporting the provisioning changes being requested and the needed approvals.
- Spreadsheets noting changes or any other form of documentation showing the review was completed.
- Changes needed should be made in a timely manner within SFS. The ASA Mass Upload functionality will be linked to the User/Role Validation page to make this easier for everyone.
- A new query will be available that lists the reviews completed, who signed off and the related dates.
Benefits: This ensures that the documentation needed for audit is available if your agency is selected.
Agencies will be required to attach documents supporting their annual User/Role Validation review, as well as requested provisioning changes and their required approvals.
Security Best Practices / Lessons Learned
Kristen Pelcher
Social Engineering
Recently, an ASA was asked to reset an SFS user’s password via an email that mimicked a formal request. The ASA found out that the reset request was phishing and the new password was sent via email to an unknown party.
Actions/Lessons:
- Lock compromised accounts immediately: The ASA should immediately lock the SFS user account themselves, then contact SFS Security to report the issue and have the user’s password reset in the system.
- Emails can be compromised: This email was not sent from the employee, and it was discovered that the employee’s credentials were compromised. The appropriate IT Desktop team should determine that the email and their devices are no longer compromised.
- Compromised emails impact SFS processes: Before using ASA Self-Service password reset again for the compromised user, the ASA is responsible for following up to ensure that the compromised situation has been addressed.
User Security Information
Recently, an ASA asked an agency user for their SFS Forgotten Password question and answer to attempt resolution of a password reset issue.
Actions/Lessons:
- An end user’s forgotten password hint question and answer should be treated as confidential.
- ASAs can use the password reset feature within ASA Self-Service to reset a user’s password.
- ASAs may contact SFS in order to resolve password reset issues.
- Credential sharing is not allowed per the SFS Online Terms of Service.
SFS Administration Observations
User provisioning
- Do you have a process in place to ensure that separated employees and non-employees who have access to SFS are locked and removed in a timely manner?
- Risk: Separated SFS users retain access to your agency’s data.
- What is your process for timely notification of contractor movement?
SFS Analytics
Kristen Pelcher
SFS Analytics
- Analyze NY – Financials has become SFS Analytics.
- Users requiring access to SFS Analytics will need to be assigned the new role NYF_AGY_SFS_ANALYTICS.
- Discuss with your finance staff who will need the new role to access SFS Analytics.
FBIC
Kristen Pelcher
New FBIC Roles Available
Please review the SFS Role Guide update available on SFSSecure for FBIC roles with your ASAs and ensure the mapping exercise is complete.

Role name: NYF_AGY_FBIC_VIEW
Role Desc: View FBIC Data online
Description: Provides Agency users the ability to view FBIC data online, including Standard Rates, Waivers, and Redirects.
Role Mapping Advice: None

Role name: NYF_AGY_FBIC_WAIV_APPRVR
Role Desc: Approve FBIC Waivers online
Description: Provides Agency users with access to review all FBIC Waivers submitted by the Agency and the ability to set Approval status to E to send it to the first level of DOB Approvers. The user with this role can also set the status of the waiver request to R – Return, D – Deny, or X – Cancel.
Role Mapping Advice: User with this role should not have the following roles: NYF_AGY_FBIC_WAIV_PREP, NYF_AGY_FBIC_WAIV_CPY

Role name: NYF_AGY_FBIC_WAIV_PREP
Role Desc: Enter FBIC Waivers
Description: Provides agency users with the ability to copy, add and maintain Waivers. This role also allows for the creation of a new set of Fiscal Year for Waivers.
Role Mapping Advice: User with this role should not have the following role: NYF_AGY_FBIC_WAIV_APPRVR

Role name: NYF_AGY_FBIC_WAIV_CPY
Role Desc: Copy FBIC Waivers
Description: Provides agency users with the ability to copy and maintain Waivers. This role allows for the creation of a new set of Fiscal Year for Waivers which can be copied from a prior Fiscal Year Waiver Set. Users with this role may add if nothing is available to copy.

Role name: NYF_AGY_FBIC_REDIR_PREP
Role Desc: Enter FBIC Redirects
Description: The NYF_AGY_FBIC_REDIR_PREP role provides the same capability as the NYF_AGY_FBIC_REDIR_CPY role, though users with this role will not be forced to use the copy function when creating a new redirect set. Users assigned this role will have the ability to directly enter a new set of redirects for a new fiscal year, even if there is an existing set of redirects in the prior fiscal year.

Role name: NYF_AGY_FBIC_REDIR_CPY
Role Desc: Copy FBIC Redirct Sets
Description: Users assigned this role will have the ability to copy a previous year's redirect set so that an entire set of redirects does not need to be entered manually. If a previous year’s redirect set does not exist, then this role supports adding a new redirect set. There is a control in place with this role to only use the copy function when entering a new set of redirects for a new fiscal year when the same set exists in the current fiscal year. Users with this role can edit existing redirect sets.
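The Role Mapping Advice above is a segregation-of-duties rule: the waiver approver role must not be combined with the waiver prepare or copy roles. The check below is an added example, not part of the presentation or of SFS; the CSV export layout, its column names and the user IDs are assumptions constructed for illustration, and only the conflicts stated in the role list are encoded.

```python
import csv
import io
from collections import defaultdict

# Conflicts stated in the Role Mapping Advice: an approver must not also
# hold the waiver prepare or waiver copy role.
APPROVER = "NYF_AGY_FBIC_WAIV_APPRVR"
CONFLICTS = {
    frozenset({APPROVER, "NYF_AGY_FBIC_WAIV_PREP"}),
    frozenset({APPROVER, "NYF_AGY_FBIC_WAIV_CPY"}),
}

# Constructed sample export; column names and user IDs are assumptions.
# It deliberately includes mixed case and stray whitespace.
SAMPLE_EXPORT = """user_id,role
jdoe,NYF_AGY_FBIC_VIEW
jdoe,NYF_AGY_FBIC_WAIV_PREP
asmith,NYF_AGY_FBIC_WAIV_APPRVR
asmith,nyf_agy_fbic_waiv_cpy
asmith,NYF_AGY_FBIC_VIEW
blee,NYF_AGY_FBIC_WAIV_APPRVR
blee, NYF_AGY_FBIC_WAIV_PREP
blee,NYF_AGY_FBIC_WAIV_CPY
cwong,NYF_AGY_FBIC_WAIV_PREP
cwong,NYF_AGY_FBIC_WAIV_CPY
"""

def load_roles(export_text):
    """Return {user_id: set(roles)}, normalising case and whitespace."""
    roles = defaultdict(set)
    for row in csv.DictReader(io.StringIO(export_text)):
        user = (row.get("user_id") or "").strip().lower()
        role = (row.get("role") or "").strip().upper()
        if user and role:
            roles[user].add(role)
    return roles

def find_conflicts(export_text):
    """Return {user_id: sorted conflicting role pairs} for violators only."""
    findings = {}
    for user, held in load_roles(export_text).items():
        hits = sorted(tuple(sorted(pair)) for pair in CONFLICTS if pair <= held)
        if hits:
            findings[user] = hits
    return findings

if __name__ == "__main__":
    for user, pairs in sorted(find_conflicts(SAMPLE_EXPORT).items()):
        for a, b in pairs:
            print(f"{user}: {a} conflicts with {b}")
```

Holding both NYF_AGY_FBIC_WAIV_PREP and NYF_AGY_FBIC_WAIV_CPY is not flagged, because the role list does not state that combination as a conflict.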
A Look Ahead: SFS Improvements
Mary Alber
Procurement Card Threshold Business Unit Option
Save Time with Automated PO Approvals
SFS provides improved functionality that supports the use of the Procurement Card (PCard) through the requisition and purchase order (PO) processes. Effective immediately, agencies can set up a BU-specific dollar threshold to be used in PO workflow approval. This functionality is available in SFS today!
With this improvement, POs will be auto-approved if the requisition meets certain criteria:
- References a PCard.
- Only includes lines from eMarketPlace or Agency Catalogs, where prices cannot be changed.
- Is auto-sourced to a PO.
- Has a dollar amount under the agency-defined threshold.
Save Time with Automated PO Approvals
PCard information is made available to the vendor via the supplier portal when the PO is dispatched.
Action Required for Workflow Administrators: Work with your Business Office and Chief Financial Officer (CFO) to determine the appropriate dollar threshold for your agency, and submit a request with this information to the SFS Help Desk.
Procure-to-Pay (P2P) Streamline Workflow Updates
Mary Alber
Voucher Mass Approval
As part of SFS’s efforts to streamline P2P processes, SFS will provide the ability to review and approve vouchers for all agency approval levels en masse, in accordance with GFO guidelines. See OSC’s Guide for Financial Operations Section XII.8.H.
- Agencies must follow the GFO guidance in order to request mass approval functionality. OSC will notify your agency of its decision to allow use of this feature.
- ASAs will need to map users to the new role of NYF_AGY_AP_MASS_APPRVR (Agency AP Mass Approver). This role will add the ability to mass approve to any user who is mapped to one of the existing AP Approver roles.
- Note: If your agency helped pilot the feature, you will have to provision the new role to continue using voucher mass approval. Your agency should validate you have OSC approval before provisioning the role.
- NYS only allows eligible sources to be mass approved. Sources that are eligible for mass approval are voucher sources of FRE, XLS (mass upload) and PROC (procurement card).
- ASAs should have received a mapping communication.
Scheduled for Production release on 10/18/18.
Travel Proxy Tool Update
Mary Alber
Travel Proxy Tool Updates
Two change requests are underway to improve the maintenance and reporting of travel proxy assignments:
- A travel proxy mass update tool will:
  - Support the ability to export and import the proxy authorization level (View, Edit, Full), and
  - Provide a flag if the proxy is Business Services Center (BSC) staff.
- Travel proxy assignment queries will:
  - Give visibility into the authorization level, and
  - Include a new filter to include or exclude BSC travel proxies from the query/export results.
Scheduled for Production Release in November.
Travel Proxy Export/Import
- New export and import screens will have the updated filter ability.
- The same process name will be used in process monitor.
- The results files have a new format and show two new columns for BSC (Y/N) and level of access being provided (View, Edit, Edit and Submit).
Travel Query Improvements
The Travel proxy queries impacted are:
- NY_TRAVELER_PROXY_ASSIGNMENTS
- NY_TRAVELER_PROXY_ACTIVE
Note: this screenshot may need to be updated due to a change to the BSC prompt needing to be optional, e.g. Y, N or All being a requirement for data display.
Requester Setup Mass Upload Tool
Mary Alber
Requester Setup Mass Upload
Currently, EDAs update Requester Setup manually via an online page. As part of our P2P improvements, a new mass upload tool for Requester Setup updates will meet the following approved requirements:
- Provide the ability to upload default values for new requesters or updates to existing requesters into SFS.
- Ability to assign multiple distribution lines as defaults on the Requester Setup and use this for the default distributions on the Requester's requisitions.
Expected Release will be part of the Winter Update.
Administrator Resources
Mary Alber
Reference Materials/Job Aids
Training materials and job aids are now available in SFS Production – click on SFS Coach.
In the Administrator Information Center on SFSSecure, you can access these key reference materials:
- Administrator Query Guide
- Employees On Leave Scenarios
SFS Security Policy
Reference and Resources > Access to SFS (Security and Roles) > SFS Security Policy
Security Maintenance Procedure on SFSSecure
Reference and Resources > Access to SFS (Security and Roles) > SFS Agency Security Maintenance Procedure
SFS User Provisioning Request Form
- The SFS User Provisioning Request Form or your internal SFS access form are the methods for timely notification of provisioning changes to the ASA.
- Documentation should be retained in case your agency is required to produce it upon audit request.
- Authorization and justification of changes being made to users in SFS must be retained for traceability to the ASA Self-Service Request reference number.
Questions
Thank you for attending!