- 4 Posts
- 288 Views
We currently use a Notes database designed security request process for an employee's supervisor to request access on their behalf. There is some basic workflow built-in. This helps track access approval for our auditing/compliance obligations. We're looking to upgrade /update this process.
How do other companies handle requests for access - request process, approval routing (if any), etc.? And in what - custom built tool, pre-built tool, email requests, other?
Mamuka, thanks for the insight into your setup. I have a few follow up questions.
You mentioned using service desk (JIRA). Do ALL requests start there, so the end user does not have to know some access relates to PeopleSoft and other access is for a different system? Or, is this specifically when PeopleSoft access is needed, the form would be filled out and submitted?
For the default preferences updates, you stated the system looks them up and trues defaults with the user. What system is the one handling this lookup and update? PeopleSoft itself?
In general we use our service desk (JIRA) to process all user privisioning (and other) service requests. While service desk is intelligent enough to allow for custom formst and stuff, as we are not that sofisticated in many of our locations and requests mostly come via email channel, the forms are excel based (i.e. no automation).
However, due to the fact that it's not fun do deal with offline forms in 21st century, we have developed in-house an PeopleSoft user administration self-service, that among other features has new user request functionality. Certain designated (privileged) users in each BU can request new users (or deactivate existing ones or process their security / module access requests) using this enhancement. It is workflow enabled, and once approved system processess it automatically. Functionality is smart enough perform some checks (like ensure that userid is unique, and email isn't used by anyone esle) as well as assigns role level preferences too. We acomplish this by having defult preferences for each functional roles. For instance, we have a role in GL Data Entry, and another GL Approver, and both of them have their own default preferences. When one role is assigned, or replaced with another, system looks up the preferences and trues up defaults with the user.
The enhancement isn't coverying everything (like pay cycle security) but does the job for 99% of the time and we are constantly improving and extending its functionality. Since we are on 9.1/8.54 we don't have some of those new capabilities that 9.2 offers (like forms) so we had to desing the solution grounds up.
We are working on similar solution for our workflow administrtion, which is harder nut to crack, but we are getting there.
Part of the reason why we chose PeopleSoft instead of external system to design our forms etc is automation, auditability and support capabilities.
I should clarify, this relates to any access being requested, not necessarily only financials or even Oracle related.