Upload
thomasine-williamson
View
222
Download
0
Tags:
Embed Size (px)
Citation preview
Security Management Security Management System for Department System for Department
SponsorsSponsorsSession #20244March 15, 2006
Alliance 2006 ConferenceNashville, Tennessee
2
Your PresentersYour Presenters
Jeralyn SnowJeralyn Snow•
3
Your Presenters (Continued)Your Presenters (Continued)
Terri PinkstonTerri Pinkston• Controller for OUController for OU• HRMS and Financials Functional HRMS and Financials Functional
LeadLead• 16+ years of Higher Ed experience16+ years of Higher Ed experience• 20+ years of accounting 20+ years of accounting
experienceexperience
4
Your Presenters (Continued)Your Presenters (Continued)
Karen SturtzKaren Sturtz• HRMS and Financials HRMS and Financials
Implementation Technical LeadImplementation Technical Lead• 10+ years of PeopleSoft 10+ years of PeopleSoft
experienceexperience• 20+ years of IT experience20+ years of IT experience
5
OverviewOverview
Department sponsors use an on-Department sponsors use an on-line system called Financial line system called Financial Account Management System Account Management System (FAMS) to maintain what data (FAMS) to maintain what data Campus Users have access to in Campus Users have access to in HRMS and Financials and what HRMS and Financials and what functions they can perform. functions they can perform. Information from FAMS is fed to Information from FAMS is fed to HRMS and Financials to update HRMS and Financials to update various tables within the systems.various tables within the systems.
6
Agenda/ContentsAgenda/Contents
• Overview of OUOverview of OU• The Birth of Financial Account The Birth of Financial Account
Management System (FAMS)Management System (FAMS)• FAMS sideFAMS side• PeopleSoft side with focus on PeopleSoft side with focus on
FinancialsFinancials
7
The University of OklahomaThe University of Oklahoma
8
The University of OklahomaThe University of Oklahoma
• Located in Norman, a city of ~ 100,000 residents, located 20 miles south of OKC.
• Enrollment on Norman Campus: 24,569
• Faculty & Staff FTE: 3,935
9
The University of OklahomaThe University of Oklahoma
• Total Norman Campus Budget: $511,240,169
• Total Norman Campus Sponsored Programs: $122,890,974
10
University of Oklahoma and University of Oklahoma and OracleOracle
• HRMS 8.0 - November 2002HRMS 8.0 - November 2002
• HRMS 8.8 – Upgrade 2004HRMS 8.8 – Upgrade 2004
• Financials 8.8 – July 2005Financials 8.8 – July 2005- General Ledger- General Ledger
- Purchasing- Purchasing
- Accounts Payable- Accounts Payable
- Asset Management- Asset Management
• Budgeting 8.9 (go live April 2006)Budgeting 8.9 (go live April 2006)
11
The Birth of FAMSThe Birth of FAMS
HRMS was the first ERP module implemented
• Moved from a legacy system with on-line capabilities
• HRMS department vs Financials department (funding source)
Decentralized functions • Approximately 500 department sponsors• Many “non-sponsors” using legacy system
12
The Birth of FAMSThe Birth of FAMS
In-house system created in Oracle• Departments and sponsors fed from Financials• “Roles” were developed for HRMS• Sponsors given access to their departments to
add “proxies” for their departments.• Allowed us to have row level security in PS
based on roles assigned to proxy in FAMS.
Leveraged existing system when Financials was implemented
• Developed roles for Financials• Enhanced the process for updating security in
PS
13
FAMSFAMS
14
FAMSFAMS
15
FAMSFAMS
16
FAMSFAMS
• Must have an EmplID in HRMS to access FAMS.
• Must have an EmplID in HRMS to be designated a proxy.
• Create Proxy – gives individual same abilities as sponsor.
• FAMS is used for the security of an in house Personnel Action Form (PAF) system as well as HRMS and Financials.
17
FAMSFAMS
18
FAMSFAMS
• Sponsored Program departments = xx5xxxxxx
• Teams of Sponsored Program specialists are responsible for groups of Sponsored Program departments
• “Grants and Contracts Teams” captures the members of the teams
• “Grants and Contracts Departments to Teams” captures the departments that belong to each team
19
FAMSFAMS
FAMS does not govern the security of all employees.
• Financial Support Services• Internal Auditing• Purchasing
20
FAMS – The PeopleSoft SideFAMS – The PeopleSoft Side
• Create Record / Page Definitions for the Deptid / Project Authorization tables.
• Create Search / Add views to select / retrieve Deptids / Projects that a Campus User has access to, based upon the Authorization Tables.
• Modify Prompt tables in Record Definitions to use Custom Security Views.
• Modify identified Component Definitions to use Custom Security Views.
21
FAMS – The PeopleSoft SideFAMS – The PeopleSoft Side
1. PeopleTools Customizations2. Interface / Data Requirements3. Detail Design
− Custom Field Definitions and Translate Values
− Custom Record Definitions− Customized Record Definitions− Custom View Definitions− Customized Components− Custom Page Definitions
4. Custom Interface Batch Process – SQR5. Modified Delivered SQR Reports 6. Row Level Security7. Maintenance
22
FAMS – PeopleTools FAMS – PeopleTools CustomizationsCustomizationsCustom Field Definition -
OU_GL_AUTHCODE. • Auth Code Translate values:
− 001 Financials Inquiry Only− 002 Requisition Add / Update /
Cancel− 003 Requisition Approve− 004 PO Receiving
23
FAMS – PeopleTools FAMS – PeopleTools CustomizationsCustomizationsCustom Record Definitions• OU_GL_DEPTAUTH
− Captures Deptid(s) and corresponding Fund Codes per User ID.
− Data retrieved from FAMS, updated by batch process.
• OU_GL_PROJAUTH
− Captures Project(s) and corresponding Fund Codes per User ID.
− Data retrieved from FAMS, updated by batch process.
24
FAMS – PeopleTools FAMS – PeopleTools CustomizationsCustomizationsCustomized Record Definitions:
Prompt Tables pointed to custom views.• Enforces row level security by retrieving
Deptids / Projects for specific Auth Codes
CFCC2_AKS_SBR INQ_CRIT_TBL
JRNL_ERROR_REQ JRNL_PANELS_WRK
JRNL_PANELS_WRK PO_ACTG_ENT_WRK
PV_RECV_FILTER PV_REQ_HDR_WRK
REQ_ACTG_ENT_VW REQ_HDR
REQ_HDR REQ_HDR_VW
REQ_INQ_WRK REQ_LN_DISTRIB
REQ_PNLS_WRK REQ_RECON_SEL
25
FAMS – PeopleTools FAMS – PeopleTools CustomizationsCustomizationsCustom View Definitions:
Various Custom views cloned from original views• Retrieves Deptids / Projects for specific Auth
Codes.OU_GL_DAUTH_VW OU_JRNL_HDR_VW OU_INQ_EDALL_VW
OU_GL_PAUTH_VW OU_JRNL_NPST_VW OU_INQ_EPALL_VW
OU_GL_SPDATH_VW OU_KKQ_BDLD_VW OU_PO_DAUTH_VW
OU_INQ_DALL_VW OU_KKQ_BDLL_DVW OU_PO_PAUTH_VW
OU_INQ_DAUTH_VW OU_KXCP_BD_VW1 OU_PO_RQSTR_VW
OU_INQ_PALL_VW OU_KXCP_GL1_VW1 OU_REQ_SRCH
OU_INQ_PAUTH_VW OU_KXCP_PO2_DVW OU_RQID_ACTG_VW
OU_JRNL_ALL_VW OU_KXCP_PO2_VW1 OU_RQSTR_ACT_VW
OU_ JRNL_DATE_VW OU_SPEEDTYP_VW OU_SPEEDAUTH_VW
OU_JRNL_HDR_FVW OU_XCP_INQ_SRCH
26
FAMS – PeopleTools FAMS – PeopleTools CustomizationsCustomizationsCustomized Components:
Changed Search records to Custom Views • Retrieves Deptids / Projects for specific Auth
Codes.
JOURNAL_ENTRY_IE JOURNAL_FS KK_INQ_BD_DETAIL KK_XCP_BD KK_XCP_GL1 KK_XCP_PO2 REQUISITIONS
27
FAMS – PeopleTools FAMS – PeopleTools CustomizationsCustomizationsCustom Department Auth Page:
28
FAMS – PeopleTools FAMS – PeopleTools CustomizationsCustomizationsCustom Project Auth Page:
29
FAMS – Custom Interface Batch FAMS – Custom Interface Batch Process Process
SQR Process that:Updates PS Financials Security tables with User
Roles:
• PSROLEUSER− ReportSuperUser− EOPP_USER− OU_GL_INQ_CAMPUS - Financials Inquiry Only − OU_PO_REQADD_CAMPUS - Requisition Add / Update
/ Cancel − OU_PO_REQAPPR_CAMPUS - Requisition Approve− OU_PO_RECV_CAMPUS - PO Receiving
• PS_ROLEXLATOPR
30
FAMS – Custom Interface Batch FAMS – Custom Interface Batch Process Process
Updates Department and Project Authorization tables
• OU_GL_DEPTAUTH• OU_GL_PROJAUTH
with authorized Deptid / Project values and Auth Code information from FAMS.
31
FAMS – FAMS – Custom Interface Batch Custom Interface Batch ProcessProcess Retrieves Fund Code for the Deptid / Project ID
from the PeopleSoft SPEEDTYP_TBL. Inserts the appropriate FUND_CODE into the Authorization tables.
Updates the PS_REQUESTOR_TBL and the Requisition Setup section of the User Preferences (PS_OPR_DEF_TBLs).
NOTE: In order to retrieve data efficiently, FAMS must have a LAST UPDATE DTTM stamp on every row that it stores. This enables the PS Financials system to retrieve data based on a date or a date range.
32
FAMS – FAMS – Modified Delivered SQR Modified Delivered SQR ReportsReports
GLS7002 - General Ledger ActivityFIN2001 - Journal Entry DetailGLS7011 - Journal Error ReportGLS8005 - Budget Transaction DetailGLS8010 - Budgets / ActualsGLS8020 - Budget Status ReportGLS8510 - Ledger Details report
33
FAMS – FAMS – Row Level SecurityRow Level Security
Permission Lists and Roles were developed to control Campus user access to the Maintain Requisitions pages.
Row level security then ensures that the Campus user only adds, approves or changes requisitions for Deptids / Projects for which he or she is authorized.
On specific pages, when a SpeedChart is selected, the DEPTID /PROJECT_ID is validated against the PS_OU_GL_DEPTAUTH / PS_OU_GL_PROJAUTH custom Authorization tables to ensure the Campus user has the appropriate Add authority for the Deptid / Project selected.
34
FAMS – Row Level SecurityFAMS – Row Level SecurityWhen a Campus users clicks on Speedchart, the values are limited to what is stored in the Authorization Tables.
35
FAMS – MaintenanceFAMS – Maintenance
Interface Monitoring: • Should be monitored daily.• Can be re-run many times in batch mode or
on an ad-hoc basis. • Can be run for a date range, or default to
current date
Application Message Monitoring: • Partial Sync application message sync’s the
User Profile (only) data between HR and Financials.
• Monitor message on a daily basis. If errors or remains in a NEW status, OPRIDs may not be created in Financials.
36
FAMS – MaintenanceFAMS – Maintenance
Changes to FAMS: • Changes to table structures in FAMS must be
addressed in the FAMS to PS interface.
• The rest of the row level security code in PS will not be affected.
• The PS Financials row level security hinges
on the Authorization tables PS_OU_GL_DEPTAUTH and PS_OU_GL_PROJAUTH tables. Changes to these custom tables will affect Row Level Security.
37
FAMS – MaintenanceFAMS – Maintenance
Impact of Patches and Fixes:
• Care must be taken not to overwrite custom Search views for components and prompt table edits for Record Definitions.
• Document all modifications, including SQR’s.
• Run compare reports prior to applying patches to show comments and customizations.
38
Questions?Questions?
39
ContactsContacts
Terri PinkstonTerri PinkstonControllerControllerUniversity of OklahomaUniversity of OklahomaE-mail: [email protected]: [email protected]
Karen SturtzKaren SturtzPeopleSoft Team LeadPeopleSoft Team LeadInformation TechnologyInformation TechnologyUniversity of OklahomaUniversity of OklahomaE-mail: [email protected]: [email protected]
This presentation and all Alliance 2006 This presentation and all Alliance 2006 presentations are available for presentations are available for
download from the Conference Sitedownload from the Conference Site
Presentations from previous meetings are also availablePresentations from previous meetings are also available