Transcript May 29, 2009 Security Liaison User Group Meeting Presentation

Security Liaison User Group
Meeting
May 29, 2009
Agenda
Welcome
 Financials Security

General Security
 EPM Security
 HRMS Security
 Security Updates

Mary Yabrosky
Patty Cafazzo,
Nayda Flores
Sam Johns
Mary Yabrosky
Tracy Douglas
Sam Johns, Mary
Yabrosky
Welcome

Introduction





OSC
Core-CT HR Team
Core-CT Fin Team
Core-CT Security Team
Facility
Welcome

Goal: Help Security Liaisons understand
Core-CT Security and related tasks


Improve Communication
Improve access to Security related information




Improve Security Website Layout
Provide more on-line job aids and valuable links
Collect Feedback
Help transition Liaison responsibilities
Welcome

Security Liaison Communication Vehicles:





Core-CT Security Bulletins
E-mail Core-CT Security Mailbox
Core-CT Security Website
User Group evaluations
Liaison Survey
Welcome

Security Liaison Survey Results, March
2009





21 HRMS
24 Financials
24 Primary Liaisons
8 Secondary Liaisons
29 Agencies
Welcome

Security Liaison Survey - Findings





Need better understanding of CO-1092 process
Need better understanding of EPM Reporting
tables
Need better understanding of Financial
Workflow & Origins
Need better understanding of HR Roles
75% of survey participants would like a User
Group - 1 or 2 times a year
Agenda
Welcome
 Financials Security

General Security
 EPM Security
 HRMS Security
 Security Updates

Mary Yabrosky
Patty Cafazzo,
Nayda Flores
Sam Johns
Mary Yabrosky
Tracy Douglas
Sam Johns, Mary
Yabrosky
Financials Security

OSC Processing - CO-1092 and Segregation
of Duties

The general guidelines cont.:


Accounts Payable – A Voucher Adjustment, Maintainer or
Processor can not have the Voucher Approver or Alternate
Approver Role. Additionally, a Voucher/Alternate Approver
can not have either the Requisition Purchase Approver or
any Purchase Order Approver Role.
The Business Unit must have an approved CO-512 on file
with the Comptrollers office for identifying all final
approvers. Only the final approvers should be listed on the
CO-512. For Requisitions, the final approver role is the
Requisition Purchase Order Approver; for Purchase Orders,
the PO Budget Approver; and for Accounts Payable, the
Alternate Approver and the Voucher Approver.
Financials Security

OSC Processing - Reasons for Delays in the
Processing of the CO-1092:


Conflicts exist in an individual’s current roles or the roles
requested for the individual have a conflict or will cause
a conflict with the existing roles. Conflicts should be
eliminated currently or prospectively prior to the
resubmission of the CO-1092.
A CO-512 must have been approved for your Business
Unit and on file with the Accounts Payable Division. If
not, notice of this deficiency will be communicated to
your Business Unit by e-mail, allowing the Business Unit
five (5) business days to comply before the CO-1092 is
rejected. As a reminder, the CO-512 requires the
signature of the agency head.
Financials Security

OSC - Roles Audits

APD conducts periodic audits of the agencies’ security
roles for segregation. A listing of all employees that
have financial roles is generated and compared to a
Segregation of Roles grid. An analysis is made to
determine if a conflict in an individual’s roles exists. The
Business Unit is notified if a conflict has been
determined to exist and is given two (2) weeks to come
up with a resolution. A copy of the corrections resulting
from an audit must be sent by e-mail to
[email protected]. If the conflict(s) is (are)
not resolved in the time allotted APD will be forced to
delete the conflicting role(s). The Comptroller’s
Accounts Payable Audit team is willing to assist any
agency that may have some difficulties in the
segregation of roles.
Financials Security

Workflow & Origins

When to use the Financials Appendix Page – CO-1092







General Buyer OR Program Buyer
PO Amount Approver 1&2; PO Budget Approver
Requester and Multi Requester
Req. Amount Approver 1-4; Req. Budget Approver; Req.
Purchasing Approver
Alternate Approver
Adjustment Voucher Processor; Journal Voucher Processor;
Voucher Processor
Voucher Approver
Financials Security

Workflow & Origins

General Buyer & Program Buyer, You must complete the
following:



Ship to location
Deptid
Origin (1 only)
Financials Security

Workflow & Origins

Requester and Multi Requester, You must complete the
following:



Ship to location
Deptid
Origin (1 only)
Financials Security

Workflow & Origins

PO Amount Approver 1&2; PO Budget Approver Req.
Amount Approver 1-4; Req. Budget Approver; Req.
Purchasing Approver, Alternate Approver Voucher
Approver: You must complete:


Business Unit
Origin(s) All must be listed
Financials Security

Workflow & Origins

Adjust. Voucher Processor, Journal Voucher Processor,
Voucher Processor You must complete:

Origin (Only 1)
Financials Security

Workflow & Origins:




Origins are three character representation of and
Agency, Bureau, Division or Unit
Origins are used to identify where transactions originate
Workflow enables transactions to flow from originator to
approver when:
Transaction Originator Origin = Transaction
Approver Origin
Workflow Transactions include Requisitions, PO’s,
Vouchers
Financials Security

Workflow & Origins


How to look up Origin and Business Unit for
Approval Roles
Approval Roles:







CT WF REQ AMT APPROVER 1 – 4
CT WF REQ BUDGET APPROVER
CT WF REQ PURCH APPROVER
PO Amount Reviewer 1 - 2
PO Budget Reviewer
Voucher Approver
Alternate Approver
Financials Security

Workflow & Origins - Steps to lookup Route
Controls on Workflow Roles in Core-CT







Navigation: FIN PeopleTools>>Security>>User
Profiles>>User Profile
Enter Userid
Click ‘Search’
Click ‘Roles’ tab
Select the ‘Route Control’ link to the right of the
Approval Roles.
Origin and Business Unit is displayed
Click ‘OK’ or ‘Cancel’ to return to ‘Roles’ tab
Financials Security

Workflow & Origins - Steps to lookup Route
Controls on Workflow Roles in Core-CT
Financials Security

Workflow & Origins

How to look up Voucher Origins in Core-CT
 Navigation: Set Up Financials>SupplyChain>Common
Definitions>User Preferences>Define User Preferences
 Enter Userid (ex: test)
 Click ‘Search’
 Click on Procurement link
 Click on Payables Online Vouchering link
 Voucher Origin is displayed (Ex: ZZZ) under Default
Values
Financials Security

Workflow & Origins

How to look up Voucher Origins in Core-CT
Financials Security

Workflow & Origins
 How to look up Requester setups in Core-CT




Navigation: Set Up Financials/Supply Chain>Product
Related>Procurement Options>Purchasing>Requester
Setup
Enter Userid in ‘Requester’ field – Ex: BellamoJ
Click ‘Search’
Request Setup Page: displays the requester defaults: Ship
To, Origin, Department
Financials Security

Workflow & Origins
 How to look up Requesters setups in Core-CT
Financials Security

Workflow & Origins
 How to look up Buyers set ups in Core-CT




Navigation: Set Up Financials/Supply Chain>Product
Related>Procurement Options>Purchasing>Buyer Setup
Enter Userid in ‘Buyer’ field – Ex: StarbalaA
Click ‘Search’
Buyer Setup Page: displays the Buyer defaults:
Department, Ship To, Origin
Financials Security

Workflow & Origins
 How to look up Buyers setups in Core-CT
Agenda
Welcome
 Financials Security

General Security
 EPM Security
 HRMS Security
 Security Updates

Mary Yabrosky
Patty Cafazzo,
Nayda Flores
Sam Johns
Mary Yabrosky
Tracy Douglas
Sam Johns, Mary
Yabrosky
General Security

CO-1092 Security Form - Process Flows






Supervisor initiates/authorizes CO-1092
request submits to Liaison
Liaison verifies, authorizes and faxes to CoreCT Security (CS) mailbox
If new user, CS requests User ID from ITD
CS obtains appropriate central authorizations
(OSC or DAS)
CS processes request and notifies Liaison
Allow 2 week turnaround time
General Security

CO-1092 – Authorizations Required




Agency
Liaison
ITD
OSC/DAS
General Security
CO-1092
– Process Flow
To Core-CT for
review and
approval
Core-CT Security
makes changes to
user profile
Segregation of duties
Receive CO-1092
from Agency
Sort by type
New
Modify
Name Change
New User ?
Yes
New to ITD for
assignment of
User ID
New User ? No
HRMS
or
Financial
Faxed back to
agency liaison
Segregation of duties
And CO-512
To OSC for review
and approval
Core-CT Security
makes changes to
the user profile
General Security

CO-1092 - Prioritization of Security
Requests
1.
2.
3.
New Users
Updates
Name Changes
General Security

Security Liaison Guide

Guide will help you to understand:






Core-CT Application Security
Password policies
Agency Security Liaison Responsibilities and Agency
Manager Responsibilities
CO-1092 Process
Financial / HRMS / EPM Security
Other useful links and job aids
Agenda
Welcome
 Financials Security

General Security
 EPM Security
 HRMS Security
 Security Updates

Mary Yabrosky
Patty Cafazzo,
Nayda Flores
Sam Johns
Mary Yabrosky
Tracy Douglas
Sam Johns, Mary
Yabrosky
EPM Security

Understanding EPM Reporting Table and
Security:




Reporting Functional Subject Areas
EPM Permissions and Access Groups (Trees)
User Profiles: Roles, Data Permissions
How it all Comes Together
EPM Security

Functional Reporting Subject Areas


HR or Financial information and data access will
be the same in EPM
Exceptions: EPM only access; EPM roles do not
mirror Financial or HR roles
EPM Security

Functional Reporting Subject Areas

HR Reporting Table descriptions job aid:
http://www.core-ct.state.ct.us/epm/docs/hr_reporting_table_summary.doc
Position Information Subject Area
Position Reporting Table (CTW_POSITION)
The Position Reporting Table contains data related to the employee positions
that have been set up within the State of Connecticut. The table will hold
the status of the position (whether it has been approved or not), the
department or agency assigned to the position, the job code or class of the
position, and the chart field string that has been assigned to the position
for budgeting purposes. This reporting table will not hold the employees
that will be assigned to the positions as it is possible for several hundred
employees to be enrolled in the same position. A join to the Employee
table will allow the user to select both employee and position information.
EPM Security

Functional Reporting Subject Areas

Financials Reporting Table descriptions job aid:
http://www.core-ct.state.ct.us/epm/docs/fin_reporting_table_summary.doc
General Ledger Subject Area
Ledger Balances Table (CTW_LED_BAL)
This table holds ledger balances for each accrual ledger (modified
accrual, full accrual, and modified cash ledgers) for all accounting
periods and fiscal years. Included in this table will be the business
unit, ledger, ChartFields, and the posted total amount. Users can
query this table to view the State's accrual accounting position for
the current month or year-to-date.
EPM Security

EPM HR Permissions
and Access Groups
Permission
Lists
Access
Groups
Reporting
Tables
EPM Security

EPM Fin Permissions
and Access Groups
Permission
Lists
Access
Groups
Reporting
Tables
EPM Security

How it all comes together:
EPM User Profile
Roles
Permission
Lists
Access Groups
Reporting Tables
EPM Security

EPM User Profiles: Roles, Data Permissions



Liaison must check EPM checkbox on CO-1092
form
User must have EPM Reporting Role(s) to access
EPM Reporting Tables
User must have data permissions (HR Deptid or
Fin BU) to access Core-CT Data in EPM
EPM Security

EPM User Roles
 Reporting Table to Role Mapping Job Aid –
HRMS
http://www.core-ct.state.ct.us/epm/Reporting Table to Role Mapping
EPM Security

EPM User Roles
 Reporting Table to Role Mapping Job AidFinancials
http://www.core-ct.state.ct.us/epm/Reporting Table to Role Mapping
EPM Security

How it All Comes Together in EPM User Profile
EPM Data Permissions: FIN
HR
EPM Security

How it All Comes Together in EPM User Profile
Reporting Table role
Portal, EPM Application & signontime roles
Agenda
Welcome
 Financials Security

General Security
 EPM Security
 HRMS Security
 Security Updates

Mary Yabrosky
Patty Cafazzo,
Nayda Flores
Sam Johns
Mary Yabrosky
Tracy Douglas
Sam Johns, Mary
Yabrosky
HRMS Security

HRMS/EPM Application Security Request form

The CO 1092 Security Request form for HRMS/EPM


The HRMS/EPM Security request form is now a separate form
from FIN/EPM
When making your requests, please be very careful not to
put a check mark by any roles that the User already has
http://www.core-ct.state.ct.us/security/xls/hrform.xls
HRMS Security

HRMS Role Handbook

The handbook is provides:



Roles
Descriptions
Tasks associated with each role
http://www.core-ct.state.ct.us/docs/hrms_role_handbook_task_55.doc
HRMS Security

HRMS Role Mapping Job Aid
HRMS Security

HRMS Role Mapping to Page Job Aid
http://www.core-ct.state.ct.us/user/hrjobaids/overall/default.htm
HRMS Security

HRMS Reports




Reports can be found in
the master reporting
document list
Go to Core Security
Web Site
Click on Reporting Job
Aids
Click on the appropriate
hyperlink.
http://www.core-ct.state.ct.us/
HRMS Security

Segregation of Duties

There are two very important roles associated with the
security segregation of duties guidelines.
Agency Payroll Specialist
Agency Time and Labor Specialist roles
These roles cannot be assigned to a User who has the
Agency HR Specialist role. The link below provides
further information.

http://www.core-ct.state.ct.us/security/docs/hr_seg_duties
Agenda
Welcome
 Financials Security

General Security
 EPM Security
 HRMS Security
 Security Updates

Mary Yabrosky
Patty Cafazzo,
Nayda Flores
Sam Johns
Mary Yabrosky
Tracy Douglas
Sam Johns, Mary
Yabrosky
Security Updates

CO-1092


Retention Schedule: CSL & OSC - agencies to
retain original forms 2 years from employee’s
separation of service – 3/2009
RIP impacts:


Delete users and adjust roles of approvers and
processors
Ensure timely submission of CO-1092s for deletion or
updates of HR & Financial users
Security Updates

Userid Audits



Changing from Quarterly to Biannually
Identifying new mechanisms to automate
process
Subsequent reporting in EPM
Security Updates

New and modified Security forms and jobs
aids:





Security Liaison Guide –4/2009
HRMS Role Handbook –3/2009
Financial Role Handbook –2/2009
HRMS CO-1092 Form – 3/2009
Financial CO-1092 Form – 4/2009
Security Updates

New and revised Security forms and jobs
aids:


Agency Security Liaison List – 4/2009
EPM Table to Role Mapping – 5/2009
Security Updates

Core-CT Security Website – Before Changes
Security Updates

Core-CT Security Website - After
Security Updates

Security Liaison Website – new Links and Job Aids

Security Liaison Guide
http://www.core-ct.state.ct.us/security/docs/liaison_guide.doc

State IT Policies
http://www.ct.gov/doit/cwp/view.asp?a=1245&q=253994&doitNav=|&doitNav=|

Comptroller Memoranda
http://www.osc.state.ct.us/

Roles HRMS Pages and Reports
http://www.core-ct.state.ct.us/user/hrjobaids/tl/hrms_rl_hndbk.xls

Security Liaison Financials Job Aid (Workflow Routing Template)
http://www.core-ct.state.ct.us/financials/wf/

Navigation to Look up Requesters and Buyers
http://www.core-ct.state.ct.us/security/docs/look_%20up_rqstrs_and_byrs.doc

Steps to Look Up Route Controls in Workflow
http://www.core-ct.state.ct.us/security/docs/fin_lkp_origin_bus.doc

When to Use Appendix – BU Workflows for Origins- coming soon
http://www.core-ct.state.ct.us/security/docs/when_to_use_fin_appdx.doc

Roles needed to access Financial Reports
http://www.core-ct.state.ct.us/reports/financial.asp

EPM Reporting Table to Role Mapping
http://www.core-ct.state.ct.us/epm/xls/rptng_tbl_to_rl_mppng.xls
Agenda

User Group On-line Evaluation Form:
http://www.core-ct.state.ct.us/evaluation/
THANK YOU!