optimizing security for workcenters and dashboards · workcenters and dashboards. business...

Optimizing Security for WorkCenters and Dashboards

Trimaan Dang, Senior Consultant, DeloitteEllen Dejonge, Senior ERP Business Analyst, Niagara Region

June 20, 2017

© Deloitte LLP and affiliated entities.

Contents

Enhanced Financial Management Service

Business requirements

Overview of WorkCenters and Dashboards

How-to guide for security

The EFMS Experience

Conclusion

Questions

Optimizing Security for WorkCenters and Dashboards 2


Trimaan Dang

Senior Consultant, Risk Advisory

Deloitte

Trimaan is a Senior Consultant in the Cyber Risk Services group within Deloitte’s Risk Advisory practice.

Trimaan has experience as a Security Specialist, designing and implementing security within ERP implementations at public sector organizations.

She also has experience with Internal Audits, Analytics and IT Assurance. Her areas of experience include: design and implementation of PeopleSoft security and controls, Audit Command Language, segregation of duties, development of process documentation; process improvement, and visualized analysis using Tableau.

Ellen Dejonge

Senior ERP Business Analyst

Niagara Region

Ellen DeJonge is a Senior ERP Business Analyst with Niagara Region.

She has been with Niagara Region for over 26 years and was part of the implementation team when PeopleSoft HCM was implemented in 2003 and part of the implementation team when PeopleSoft Finance was implemented in 2016.

Her support portfolio at Niagara includes: General Ledger, Commitment Control, Trees, CoA Structure, nVision Reporting (report requests/scopes) & Security.

Introductions



Enhanced Financial Management ServiceNiagara Region



The Enhanced Financial Management Service (EFMS) project is a multi-year project with two key objectives:

Improve the way Niagara Region operates, through modern business processes

Replace the multiple applications that are used to operate Niagara Region with an ERP system

Mission was to implement an integrated enterprise solution to provide system functionality that:

Niagara Region – Enhanced Financial Management Service (EFMS)


Improves efficiency and effectiveness

Reduces risk

Enables effective internal controls

Ensures better management of the organization

Improves the client experience


EFMS Timeline



EFMS Principles

Minimal customizations

Simple, consistent processes and information

Increased transparency and accountability

Improved financial control

Centralized information management

System of record for finance and purchasing data

Automated reporting and transaction processing

Participation from all department stakeholders



WorkCenters and DashboardsBusiness requirements



Business requirements and implementation issues


What’s the problem?

Multiple different ways of kicking off business processes

Tasks for users can include initiating transactions, providing approvals, resolving issues, running processes, consuming reports/queries etc.

Gap exists on how best to guide users to perform work that needs to be mitigated

What’s the need?

Linked to the original mission of EFMS

• Improves efficiency and effectiveness

• Enable better management of the organization

• Improves the client experience

Linked to the original principles of EFMS

• Simple, consistent processes and information

• Centralized information management


Solution implemented

Deploy numerous WorkCenters and Dashboards to a wide user group to ensure efficiency of business processes from the very beginning.

Guide users to the WorkCenters for their respective positions to execute work.

WorkCenters and Dashboards deployed for:

Accounts Payable

Accounts Receivables

Billing

General Ledger

Projects

Buyer (Procurement)

Dept ID Manager

Project Manager


Solution

Accounts Payable

Accounts Receivable

Billing

General Ledger

ProjectsBuyer (Procurement)

DeptidManager

Project Manager


WorkCenters and Dashboards allow organizations to enable and accelerate their user productivity by providing a one-stop shop to conduct transactions, take actions and view relevant reporting.



WorkCenters and DashboardsAn overview



Overview


One-stop shop for accessing all commonly accessed pages, transactions, reports, and queries.

One-stop shop

Can house ‘linked’ dashboards, which can display relevant data in a Pivot Grid format

‘Linked’ dashboards

Enable productivity by reducing the time a user spends searching through PeopleSoft’s many navigations.

Enable productivity

4 components of a typical workcenter and dashboard.

Multiple components

Benefits of WorkCentersand Dashboards


Two levels of configuration:

System configuration pre go-live:

- Common pages accessed on a daily basis. Can select from delivered list of pagelets or additional.

- Alerts that can notify users based on configurations in the Events and Notifications framework.

- Additional pages that may be less commonly used but are relevant for the users in their day to day job.

- Common queries and reports that can be used to facilitate and enable daily tasks.

- Links for reports and processes can take users directly to the respective Run Control pages and the Reporting Console.

End user personalizations

Typical configuration


Typical configuration

Links PageletOther relevant pages of interest

Queries PageletCommonly accessed Public and Private Queries

Reports and Processes PageletReports and results to facilitate work


WorkCenters – A few examples


1 https://blogs.oracle.com/peoplesoft/10-innovations-in-peoplesoft-92-8-WorkCenters-and-dashboards


EFMS Projects WorkCenter – An example



WorkCenters and DashboardsA ‘how-to’ guide for security



Types of pagelets in WorkCenters/Dashboards


PageletWizard

These pagelets will be published under the Pagelet Wizard.

Hidden pages

These are published under a normal menu, component and

page.

If authorization error is received here, author access may need to

be disabled in Portal Structure and Content.

Vs


Configuration from a security standpoint - EFMS


Navigation accessDoes a specified role, through a permission list, have access to the navigation for the Workcenter/Dashboard?

1Specified access to Workcenter / DashboardHave the roles been specifically added to the Workcenter / Dashboard?

Numerous pages available from a configuration perspective here.

Test, test and test After providing all access, ensure to test WorkCenters / Dashboards in an environment with data.

This will help identify those remaining issues that need to be resolved.

2 3


Common security configurationSpecified access to Workcenter / Dashboard

Pre go-live, the implementation team to identify specified access on this page to enable consistent access for users.

Configuration page 1:

− PeopleTools → Portal → Pagelet Wizard → Pagelet Wizard → Select Pagelet → Pagelet Security = Security Type = Public Access

− Public Security, Author Access or Select Security Access through Permission List or Role available.

− EFMS security here was typically governed by Public Access

Step 1:

− Ensures that the pagelet is available for all those who will have access to the pagelet through the workcenter/dashboard.



Common security configuration (cont’d)Specified access to Workcenter / Dashboard


Method of provisioning used here must be consistent with access provided from a navigation perspective.


− PeopleTools → Portal → Workcenter → Manage WorkcenterDashboards → Select Workcenter Dashboard → Security type

− Public Security or Select Security Access through Permission List or Role available.

− EFMS security here was governed by Role access.

Step 2:

− Streamlines access by identifying only those specific roles or permission lists who have access to the linked dashboard for a particular workcenter i.e. even if a role obtains access through a navigation, if that role is not identified here, then the dashboard is unavailable.



Common security configuration (cont’d)Specified access to Workcenter / Dashboard


Method of provisioning used here must be consistent with access provided from a navigation perspective.


− Enterprise Components > Workcenter/Dashboards > Configure Pagelets > Select Workcenter > My Work

− Public Security or Select Security Access through Permission List or Role available.

− EFMS security here was governed by Role access.

Step 3:

− Makes workcenter/dashboard even more granular by identifying only specific roles who should be able to see certain links out of the whole population of roles who can see the link.


Remember to click on Save and Activate My Work Settings if any changes made on this page!


Design tips to keep in mind

Common Navigations:

• No need for additional configuration for navigations included on

WorkCenters and dashboards

• Security access for these ‘pages’ (i.e. common navigations) will flow

through the access already provided on the roles and permission lists as

normal.

Pivot Grids:

• Typically use PeopleSoft Queries as their base

• Can display results in a grid, chart or both formats.

• Access to Pivot Grids flows through query security administration i.e. Query Access Groups.


WorkCenters and DashboardsThe EFMS Experience



Niagara Region Feedback

Advantages

Convenient of have all links and reports in one place

Easy access to approval worklist and other work tasks.

Quick view of financials of specific projects.

Disadvantages / Future Improvements

Performance – Pivot Grids slow to build.

Limitations in information captured – Dept ID descriptions, account descriptions etc.

Frequently used parameter – Save Account number if there is an account that you frequently want to drill into.



AR Workcenter Dashboard



Workcenter prior to personalization AP WorkCenter Dashboard



Post-personalization results AP Workcenter Dashboard



WorkCenters and DashboardsRecap



Cost vs. BenefitsTo sum it all up


Central access

Accelerate productivity

Streamlined access and initiation

Relatively straightforward configuration

One stop-shop to enable users in their day to day tasks.

Can boost productivity by not having to navigate to each navigation one by one courtesy of the central location.

Consistent business processes –business cycles are always kicked off using common functionality.

Security is a tool to enable consistent and streamlined user access, in accordance with access available throughout rest of the application. Relatively easy to implement and maintain.

Favourable Cost-Benefit Assessment

Effort to setup and maintain is minimal given the advantages yielded by end-users on a daily basis.


Questions?

Trimaan Dang

Senior Consultant, Risk Advisory, Deloitte

[email protected]

Ellen Dejone

Senior ERP Business Analyst, Niagara Region

[email protected]


mailto:[email protected]

mailto:[email protected]

Deloitte, one of Canada's leading professional services firms, provides audit, tax, consulting, and financial advisory services. Deloitte LLP, an Ontario limited liability partnership, is the Canadian member firm of Deloitte Touche Tohmatsu Limited.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.

The information contained herein is not intended to substitute for competent professional advice.


optimizing security for workcenters and dashboards · workcenters and dashboards. business...

Documents