Workday Security Overview
Download
Report
Transcript Workday Security Overview
Workday Security
Overview
May 2011
Workday Security Overview
What data will the user be able to see?
• Functional data areas
• Special considerations
What can the user do within the data?
“View” – access to look at data (reports)
“Do” – transactions (business processes)
How is this access bestowed?
Roles assigned to positions
What data will the user be able to see?
HR
Functional Area Group
Special Consideration
Worker
Leave
Compensation Personal
Org
Position
Safety
Directory
Talent
Accruals
Ethnicities/gender/age
Emergency Contacts
SSN / confidential
Payroll
Benefits
Garnishment
Medical LV
Principle
Appropriately provide broad access based upon standard data
groupings applied consistently across the university
What can the user do within the data?
Workday organizes all functionality into “reports” and “tasks”
Note: All lookup data displays are considered “reports”
Define what the user can “view” and/or “do”
“View” access to a specified grouping of data (list of “reports”)
“Do” access to a specified set of transactions (business processes)
• e.g. business process steps – initiate, approve
Note: “Update” access does not exist in Workday
For a specified supervisory organization hierarchy
Specialized functions: RESCIND, CANCEL, CORRECT
How is this access bestowed?
Organizational roles are assigned within the supervisory
organization structure – by position
• Examples: manager, management partner, hr partner, payroll partner,
benefit partner, finance partner
Note: access remains with the position regardless of incumbent’s status
User based roles are assigned to persons and typically bestow
some kind of system wide access
System administrator tasks
Report writer
Note: access remains with the person until removed
Manager/Management Partner Data Access
HR
Worker
Leave
Compensation Personal
Org
Position
Safety
Directory
Talent
Accruals
Ethnicities/gender/age
Emergency Contacts
Payroll
Benefits
Some payroll
data
SSN / confidential
Garnishment
Access to core HR and some payroll info
“View” all, “Do” as specified
Medical LV
HR Partner Data Access
HR
Worker
Leave
Compensation Personal
Org
Position
Safety
Directory
Talent
Accruals
Ethnicities/gender/age
Emergency Contacts
Payroll
Benefits
Some payroll
data
SSN / confidential
Garnishment
Medical LV
Access to core HR and some payroll info
“View” all, “Do” as specified
Confidential and/or sensitive data questions
Payoll Partner Data Access
HR
Worker
Leave
Compensation Personal
Org
Position
Safety
Directory
Talent
Accruals
Ethnicities/gender/age
Emergency Contacts
Payroll
Payroll access to subset of HR
data
SSN / confidential
Some benefit
data
Garnishment
All primary payroll, some HR, some benefits
“View” all, “Do” as specified
garnishment data as needed
Benefits
Medical LV
Benefits Partner Data Access
HR
Worker
Leave
Compensation Personal
Org
Position
Safety
Directory
Talent
Accruals
Ethnicities/gender/age
Emergency Contacts
Payroll
Benefits
Benefits access to subset of HR data
Some payroll
data
SSN / confidential
Garnishment
Medical LV
Access to benefits data, some HR and some payroll info
“View” all, “Do” as specified
Confidential and/or sensitive data questions
Conclusion