• No results found

EHRP Security Roles. Type Role Description Comparison Online Security Permission Lists

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "EHRP Security Roles. Type Role Description Comparison Online Security Permission Lists"

Copied!
14
0
0

Loading.... (view fulltext now)

Download now ( 14 Page )

Full text

(1)

 

 

 

 

                                                                    

EHRP

Security

Roles

Type Role Description  Comparison  Online Security Permission Lists

Core Roles Agency Super User  Most powerful user role;  responsiblefor N/A All implemented pages ofEHRP AW Inquire; AWSuperuser;  Auto Actions; Employee (Select only one expunging data; useof  and correction Appraisal Superuser; BB

per user) correction mode capabilities on a limited basis  mode.  Processing Superuser; BB Inquire; Payroll Processing Superuser; Worklist; End­ userSecurity; Agency SW Admin; POI Table  Maintenance Superuser;  PM ProcessingSuperuser;  Organizational Position Title Table Maintenance Superuser; PM Inquire;  Education Maintenance;  Recruit Inquire;SF5250;  SPWEBLIB; Department  Tree View Only;  CPPT1040; CPPT1050;  CPPT1400; Recruit  Requester; Recruit 1st  Authorizer; Recruit 2nd Authorizer; Recruit  Approver; Recruit Reviewer;  Recruit Processor;  HE_MASK: Health Benefit , EmployeeAwards & Realignment

Page 1 of 1

4

 

(2)

                                                                          

Type Role Description  Comparison  Online Security Permission Lists

Core Roles Agncy SU No Powerful user role;  Same as  All implemented AW Inquire; AWSuperuser; 

S/WPM VO  responsiblefor Agency Super pages ofEHRP Auto Actions; Employee

(Select only one expunging data; useof  User except,  and correction Appraisal Superuser; BB

per user) correction mode capabilities on a limited No S/W Administration,  mode.  Processing Superuser; BB Inquire; Payroll Processing basis  no Superuser; Worklist; End­ organizational  Position Title userSecurity; POI Table Maintenance Superuser;  Maintenance PM View Only; PM Inquire;  and position Education Maintenance;  management  is view only  Recruit Inquire;SF5250;  SPWEBLIB; Department  Tree View Only;  CPPT1040; CPPT1050;  CPPT1400; Recruit  Requester; Recruit 1st  Authorizer; Recruit 2nd Authorizer; Recruit  Approver; Recruit Reviewer;  Recruit Processor,  HE_MASK: Health Benefit , EmployeeAwards & Realignment

(3)

                                                         Core Roles Agency SU No  S/W Clone of Agency Super User without S/W N/A All implemented pages ofEHRP AW Inquire; AWSuperuser;  Auto Actions; Employee

(Select only one Administration and correction Appraisal Superuser; BB

per user) mode.  Processing Superuser; BB

Inquire; Payroll Processing Superuser; Worklist; End­ userSecurity; POI Table Maintenance Superuser;  PM ProcessingSuperuser;  Organizational Position Title Table Maintenance Superuser; PM Inquire;  Education Maintenance;  Recruit Inquire;SF5250;  SPWEBLIB; Department  Tree View Only;  CPPT1040; CPPT1050;  CPPT1400; Recruit  Requester; Recruit 1st  Authorizer; Recruit 2nd Authorizer; Recruit  Approver; Recruit Reviewer;  Recruit Processor,  HE_MASK: Health Benefit , EmployeeAwards & Realignment

Page 3 of 1

4

 

(4)

                                                                    

Type Role Description  Comparison  Online Permission Lists

Security

Core Roles Agency Power Second most  Same as  All implemented AW Inquire; AWProcessing; 

(Cont’d) User  powerful user role

after Agency Super User  Agency Super User except no correction mode pages ofEHRP but no correction mode PAR Requestor; PAR 1st  Authorizer; PAR 2nd Authorizer;  PAR Approver; PAR Reviewer;  PAR Processor; AutoActions;  EmployeeAppraisal; BB Processing; BB Inquire; Payroll Processing; Worklist;End­user Security; Agency SW Admin; POI Table Maintenance; PM Processing; Organizational  Position Title Table  Maintenance; PM Inquire;  SF5250; Recruit Reports; Education Maintenance; Recruit  Requester; Recruit 1st  Authorizer; Recruit 2nd Authorizer; Recruit Reviewer;  Recruit Processor; Recruit  Inquire;  SPWEBLIB;  Department Tree View Only;  CPPT1040; CPPT1050;  CPPT1400; Recruit Reports, HE_MASK: Health Benefit , EmployeeAwards & Realignment

(5)

 

 

 

 

 

                                                                  

Core Roles

Agncy PU No

Second most  Same as  All implemented AW Inquire; AWProcessing; 

(Cont’d)

S/W PM VO

powerful user role after Agency Super User  Agency Super User except no correction mode, No S/W Administration,  noOrganization Position Title Table  Maintenance,  Position Management  View Only,  Replaced BB Processing with BBProcessing Superuser pages ofEHRP but  correction mode PAR Requestor; PAR 1st  Authorizer; PAR 2nd Authorizer;  PAR Approver; PAR Reviewer;  PAR Processor; AutoActions;  EmployeeAppraisal; BB Processing Super User; BB Inquire; Payroll Processing;  Worklist; POI Table  Maintenance; End­userSecurity  PM Inquire; PM View Only;  SF5250; Recruit Reports; Education Maintenance; Recruit  Requester; Recruit 1st  Authorizer; Recruit 2nd Authorizer; Recruit Reviewer;  Recruit Processor; Recruit  Inquire;  SPWEBLIB;  Department Tree View Only;  CPPT1040; CPPT1050;  CPPT1400; Recruit Reports, HE_MASK: Health Benefit , EmployeeAwards & Realignment

Page 5 of 1

4

 

(6)

                                                           

Core Roles Agency PU No  Clone of Agency  Same as  All implemented AW Inquire; AWProcessing; 

(Cont’d) S/W Power User with No S/WAdministration and BB Processing Super User instead of BBProcessing Agency Super User except  correction mode only in BB Processing pages ofEHRP,  correction mode only in BB Processing PAR Requestor; PAR 1st  Authorizer; PAR 2nd Authorizer;  PAR Approver; PAR Reviewer;  PAR Processor; AutoActions;  EmployeeAppraisal; BB Processing Super User; BB Inquire; Payroll Processing;  Worklist; End­user Security;  POI Table Maintenance; PM Processing; Organizational  Position Title Table  Maintenance; PM Inquire;  SF5250; Recruit Reports; Education Maintenance; Recruit  Requester; Recruit 1st  Authorizer; Recruit 2nd Authorizer; Recruit Reviewer;  Recruit Processor; Recruit  Inquire;  SPWEBLIB;  Department Tree View Only;  CPPT1040; CPPT1050;  CPPT1400; Recruit Reports, Health Benefit andEmployee Awards MASK HE_MASK

(7)

 

 

 

                                                                                                                                             

Type Role Description  Comparison  Online Security Permission Lists

Core Roles HR HR staff whose N/A All applicable HR AW Inquire; AW

(Cont’d) (Must additionally select PAR Processor roleif  HR Processing is necessary) responsibilities  include maintaining both job codes and positions  reports, views, and processing capabilities; access  to Ethnic Group and Disability dataonly  when hiring; access  toboth job codes and positions  Processing; Auto Actions; Employee Appraisal; BB Processing; BB Inquire PayrollProcessing;  End­userSecurity; PM Processing; SF5250;  Recruit Reports;PM Inquire; Education Maintenance; Worklist; SPWEBLIB;  CPPT1040;  CPPT1050; CPPT1400 HR No Job Codes HR staff whose responsibilities  HR role without job codes; positions  All applicable HR reports, views, and AW Inquire; SF5250;  Recruit Reports;AW

(Must additionally include howeverare processing Processing; Auto selectPAR maintaining included capabilities; access  Actions; Employee Processor roleif  positions but not  to Ethnic Group and Appraisal; BB

HR Processing is maintaining job Disability dataonly  Processing; BB Inquire

necessary) codes  when hiring; access 

topositions; no access to job codes  PayrollProcessing;  End­userSecurity; PM Positions; PM Inquire;  Education Maintenance; Worklist; SPWEBLIB;  CPPT1040;  CPPT1050; CPPT1400

Page 7 of 1

4

 

(8)

                                                                                                                           

Type Role Description  Comparison  Online Security Permission Lists

Core Roles HR No Position HR staff HR role without  All applicable HR SF5250; Recruit 

(Cont’d) Management (Must additionally selectPAR Processor roleif  HR Processing is necessary) responsiblefor all but  classification and position management  both job codes and positions  reports, views, and processing capabilities except  position management;no access to job codes  or positions  Reports; AW Inquire;  AWProcessing; Auto Actions; Employee Appraisal; BB Processing; BB Inquire;  PayrollProcessing;  End­userSecurity;  Worklist; Education Maintenance;  SPWEBLIB;  CPPT1040;  CPPT1050; CPPT1400 HR & PosMgtViewOnly (Must additionally selectPAR Processor roleif  HR Processing is necessary) HR staff responsiblefor all but  classification and position management  HR role with view  only toboth job codes and positions  All applicable HR reports, views, and processing capabilities except  position management; view  only access to job codes or positions  SF5250; Recruit  Reports; AW Inquire;  AWProcessing; Auto Actions; Employee Appraisal; BB Processing; BB Inquire;  PayrollProcessing;  End­userSecurity;  Worklist; Education Maintenance;  SPWEBLIB;  CPPT1040;  CPPT1050;  CPPT1400; PMVIEW

(9)

 

 

 

                                                                                                       

Type Role Description  Comparison  Online Security Permission Lists

Core Roles Management (View  Managers  Like management  Applicable reports  AW Inquire; SF5250; 

(Cont’d) Only) and/ortheir

administrative role except cannot  enter performance and views; access to view Ethnic Group Recruit Reports;Auto Actions; End­user

staff ratings  and Disability data Security; PM Inquire; 

fields will beblocked.  EducationView­only; 

These individuals will also beprevented SPWEBLIB; BB Inquire; CPPT1040;  from creating reports  CPPT1050; CPPT1400 containingthe Ethnic  Group and Disability  datafields.

Management (VO)  Managers  Like Management  Applicable reports  AW Inquire; SF5250; 

No Comp Emp and/ortheir

administrative (View Only) except  noaccess to and views; access to view Ethnic Group Auto Actions; End­user Security; PM Inquire; 

staff Compensate and Disability data EducationView­only; 

Employees menu path fields will beblocked.  These individuals will SPWEBLIB; Recruit  Reports; CPPT1040;  also beprevented CPPT1050; CPPT1400 from creating reports  containingthe Ethnic  Group and Disability  datafields; no access  to Compensate Employees menu path. 

Page 

9

of

1

4

 

(10)

                                                                                                                                                                                                                                                                                                                                                                                                     

Type Role Description  Online Security Permission Lists

PAR Workflow Roles PAR Requester 

Individualwhobegins(initiates) 

PARworkflowprocess 

Requester PARpagesand

worklist

PARRequester;Worklist

PAR1st Authorizer 

FirststepinPARworkflow

approvalprocess;individualeither  authorizestheactionandsendsit intoworkflowor routesitbackto therequester 

1st AuthorizerPARpagesand worklist

PAR1st Authorizer;Worklist

PAR2nd  Authorizer 

SecondstepinPARworkflow

approvalprocess;individualeither  authorizestheactionand

continuesitwithinworkflowor  routesitbacktotherequester 

2nd AuthorizerPARpages  andworklist

PAR2nd Authorizer;Worklist

PAR Approver 

FinalstopinaPARaction's 

approvalprocess;uponapproval

by thisindividual,theactionis  routedtoHRfor finalprocessing; individualalsohasoptionsof returningactiontorequester and

disapprovingaction

Approver PARpagesand

worklist

PARApprover;Worklist

Reviewer  (PAR) 

1stHRstopinPARworkflow

process. Thisrolecaninitiate actionsaswell

Reviewer PARpagesand

worklist

PARReviewer;Worklist

PAR Processor 

FinalstopinHR;actionbecomesa

SF­50whenprocessedby thisrole

HRProcessor PARpages 

andworklist

PARProcessor;Worklist;; 

HE_MASK: Health Benefit ,

EmployeeAwards &

Realignment

NOTE: Theabovedeterminewhoappearsonthe“RoutesTo” list fortheroutingof PARworkflowactions. Select asmanyas

(11)

 

 

 

                                                                                                                                                                                              

Type Role Description  Online Permission Lists

Security Recruit Workflow Roles Recruit  Requester Individual who begins (initiates) Recruit  workflow process  Requester Recruit pages  and worklist  Recruit Requester; Worklist  Recruit 1st  Authorizer  First step in Recruit workflow approval  process; individual either authorizes the requisitionand sends it into workflow or routes it back to the requester 1st Authorizer Recruit pages  and worklist  Recruit 1st Authorizer; Worklist  Recruit 2nd  Authorizer  Second step in Recruit workflow approval  process; individual either authorizes the requisitionand continues it within workflow or routes it back to the requester 2nd Authorizer  Recruit pages  and worklist  Recruit 2nd Authorizer; Worklist  Recruit  Approver Final stop ina Recruit requisition's approval  process;  upon approval by this individual, the requisition is routed to HR forfinal  processing; individual also has options of  returning requisition to requester and disapproving requisition Approver Recruit pages  and worklist  Recruit Approver;Worklist  Recruit  Reviewer  1st HR stop in Recruit workflow process.  This role can initiate requisitions as well Reviewer  Recruit pages  and worklist  Recruit Reviewer;Worklist  Recruit  Processor 2nd HR stop in Recruit  workflow process.  This role can initiate actions as well.  Processor Recruit pages  and worklist  Recruit Processor; Worklist

NOTE: Theabovedeterminewhoappearsonthe“RoutesTo” list fortheroutingof Recruit workflowactions. Select asmanyas necessary. If anemployeeisanAgencySuperUserorAgencyPowerUser,theywillhaveaccesstoviewallrequisitionsviathemenu path,butwillnotbeapart of theworkflowprocessunlesstheyareassignedat least oneof theaboveroles.

(12)

                                                                                                                                                                                                                                                             

Type Role Description Comparison OnlineSecurity PermissionLists

SystemSupport 

Roles Agency TableMaintenance Individualresponsiblefor 

maintenanceof

tablesthatare administeredatthe Agency level.

N/A  Page1ofon­lineHelp

trackingtool

End­user Security;

POITable

Maintenance; Organizational PositionTitleTable Maintenance; SPWEBLIB; CPPT1040; CPPT1050; CPPT1400

HELP_POC_USER Anyoneusingthe

Helptooltoenter  issuesand/or obtain statusonentered issues 

N/A  Pagesneededto

assignuserstouser  profiles  HE_POC_U; CPPT1040; CPPT1050; CPPT1400; SPWEBLIB 

APP_MSG_ADMINISTRATOR For CDCandNIH

only 

N/A  PeopleSoftdelivered

role

PeopleSoft deliveredrole

Agency SWAdministrator  Individual

responsiblefor  Agency­levelsecurity  administration(i.e., creationand maintenanceofuser  profiles) and workflow administration

N/A  Alltablestobe

maintainedatAgency  level Agency SWAdmin; End­user Security; SPWEBLIB;Recruit Inquire;SW Administration2; DepartmentTree ViewOnly; CPPT1040; CPPT1050; CPPT1400

DepartmentTree/TableVO Individual

responsiblefor  Agency­level

departmenttree

N/A  Pagesneededto

assigndepartment codes  DEPTTAVO  DepartmentTable Viewonly; DTTREEVO

(13)

 

 

 

                                                                                                                                                                                                                    

Pay ProcessingSuper User  CorrectionModeto

PayrollProcessing

N/A  Correctionmodefor 

DirectDeposit,

EmployeeTaxData,

GeneralDeduction

Data,andUS Savings 

BondData,Benefit

Program Participation, Dependent/Beneficiary, HealthBenefits,Life

andAD/DBenefits,

SavingsPlans,Leave

Plans, andPension

Plans 

PAYPROSU, BBPROSU

TSP HardshipProcessor  AllowsTSP Hardship

processing,

Update/Display, Update/Display Allto Datacontrolpageof

HRProcessing,

Administer Base Benefits, Update/Display, Update/Display All

SavingsPlans,Update,

UpdateDisplay All& 

CorrectiontoGeneral

Deductions 

TSPPRO TSPPAR1 TSPPAR2

HE_BOND_CLEAN Allowscleanupof

SavingsBondData

Update/Display, Update/Display  All/Correctionto Dependent/Beneficiary 

pagesandSavings 

BondData,alsoallows 

processingoftheMove

BondPortfolio HE_BOND DepartmentTable Maintenance Allows  additions/updatesto

thedepartmenttable

Thisroleisonly for 

PaulaHartand

ErikaThomas 

Add/Update/Display  Update/Display Allto

theDepartmentTable

HE_DEPT

(14)

                                                                                                                                        

HE_AUDIT Allowsaccessto

EHRP auditreport

Update/Display to

pay034EHRP edit

report

HE_AUDIT

NOTE: Select asmanyasnecessaryof theabove. It isrecommendedthat employeeswhoareassignedtheroleof AgencySW Administratorsalsobeassignedall12workflowroles. Theaboverolesmaybeassignedinconjunctionwithacoreroleifnecessary, butthisisnot essential.

**Thefollowing roles must be added toalluserprofiles:

• ReportDistAdmin

• Worklist User

• Standard Non­PagePermissions

• Query View­Only (EEO)

Supplemental Roles:

EEO (View Only) role now no longerhas any permission lists associated with it.  It is merely intendedto serve as a supplemental role 

that would give users access toview RNO data that is normally hidden.  In andof itself, it does not provideauser withany pages or

References

Download now ( PDF - 14 Page - 455.30 KB )

Related documents

Wireless Sensor Networks

Theorem 3.2 states that for any non-zero node capture probability P c, the secure communication performance for any KP protocol monotonically decreases as network dimension

Hydro-mechanical Simulations of Well Abandonment at the Ketzin Pilot Site for CO2 Storage Verify Wellbore System Integrity

Our simulation results indicate that failure of the Ktzi 201 wellbore system is highly unlikely to occur at the Ketzin pilot site, taking into account the available site-specific

Key dates for tax April 2014 April 2015

31 October 2014 • Individuals 2013/14 paper income tax self-assessment returns must be filed by 31 October (online returns must be filed by the following 31 January).. Exceptions

Medicare Bad Debts. How to collect Medicare Bad Debt on the Cost Report. Medicare Bad Debt. Medicare Bad Debt. When to write off a Medicare Bad Debt

If the patient is unable to pay their deductible, after valid collection efforts, that same deductible is written off to the Medicare Bad Debt Log and is paid to the clinic

Understanding Java Virtual Machine Selection in InstallAnywhere

(For Windows and Unix installers, you can customize the search paths and search patterns this search uses. See "Customizing VM Search Paths and Patterns for Unix and

Sikap Rusia Terhadap Protokol Perjanjian Seanwfz (Southeast Asia Nuclear Weapons Free Zone)

Perjanjian SEANFWZ bagi negara ASEAN sendiri merupakan jaminan masa depan kehidupan bebas dari senjata nuklir terutama untuk regional Asia Tenggara, Sen- jata Nuklir

Powerpoint presentation tips Becky Pike Pluth

http://tinyurl.com/6ou4nnz Amazing number of PowerPoint based games: Includes Concentration, Jeopardy, Wheel of Fortune, Millionaire, and Hollywood Squares, Balloon Game, Blast

Role of the Election Commission of India in Strengthening Democracy in India - Election Law

commission +oined the 1upreme 4ourt in improving the legal conditions that mae representative government and democratic participation possible+.. Rudol%h )'d