Forums / Categories / PeopleSoft / Financials / Who is responsible for maintaining PS Financials security in your organization?

    Who is responsible for maintaining PS Financials security in your organization?

    Who is responsible for maintaining PS Financials security in your organization?  Our IS department wants to move the responsibility to Accounting.  This is a segregation of duties conflict.  I appreciate all responses!

    Thank you!

    @Jo-Ann-Musgrave PS FSCM security is a shared responsibility by members of an Enterprise Financial System support organization. The IT support organization members manage the application and network security based on guidance from the functional members.

    @Jo-Ann-Musgrave It is maintained by our Finance Technology Operations team which is in the Finance Systems and Solutions Department that is part of Finance.

    Vicki Judd
    Edward Jones
    Finance Systems

    We have a small team of Functional Analysts. In our team we have a Security Analyst, and their role is creating and maintaining all aspects of security. Access Requests are submitted, access is then approved by the director of finance prior to granting the access.

    @jo-ann-musgrave PeopleSoft security as well as application configuration is maintained primarily by our Accounting Systems Team, which is part of our Corporate Accounting group. IT handles hardware and database maintenance.

    Robbie Tomlinson
    Manager - Accounting Systems
    Hancock Whitney

    Hi Jo Ann. In my organization, IT works with the business to define and maintain appropriate permission lists and roles. Basic access (e.g. ESS) is fully automated based on employee status. Roles that provide higher levels of access are administered several ways:

    • Dynamic role assignment - primarily based on job code and/or department

    • Distributed user profile functionality, where certain users/groups are authorized to grant and remove specific roles. All of this activity is fully audited so there's a record of who assigned or removed a role from a given user, or modified their row level security.

    • Peoplesoft Security Administrator within IT receives a request from a designated "functional area owner"

    Daniel Rech
    Director of Information Systems
    Beth Israel Deaconess Medical Center


    In our organization, we have a security request form that departments submit their request for security access into PeopleSoft. The PeopleSoft Finance Manager (me) reviews and approves, and then the form is routed to our admin person to update the security in the system. We are looking to automate this further with a GT Form, so upon approval by me the system will be updated automatically.

    @jo-ann-musgrave Hi Jo Ann. Security is normally maintained by a companies IT department. At least that's what we've seen over the years. Are there specific aspects of security that your IS department would like to shift over to Accounting?

    Thank you,

    Tom Meyer

    PS security is maintained by a project team within the Accounting Operations area….in the business.  This group does some configuration in some modules but do not have access to do transactions across the modules.  We did discuss with our Information Security Ops team in IT to have them do it, but given the complexity of PS security and the special knowledge it requires, they agreed to have the Business team maintain it.

    My current company has it in IT.  However, it works better to be in the Systems group that is the liaison group between IT and Accounting.  Sometimes the liaison group reports to IT and sometimes to Accounting.  But that still allows for segregation of duties.  Having it out of IT allows for better roles/permission list as my experience has been that when in IT the segregation of duties and page level understanding is not there.  Happy to discuss in more detail.

    Someone in our Finance group has responsibility to update security after a request has been submitted and approved by the business process owner.  This person does not have any responsibilities to create or issue vouchers or PO.  They can inquiry and assist with processes.

    IT is responsible - users enter Help Desk tickets that require Manager approval or above.

    Stamarian Watts


    Thank you all for your response!

    Jo Ann

    At our organization it is mostly controlled by IT.  IT provisions everything except for Nvision access and project costing access.  Those require approvals from the business.

    Sandra Chai

    City of Richmond

    I have been with 4 organizations that used PeopleSoft and all of them have done it the way Houston Methodist does.

    Michael Grisser
    IT Director – Business Systems
    Oklahoma Heart Hospital

    At AutoZone we have an team of Financial Systems Analysts.  This team is part of the Finance organization and manages application access to PeopleSoft financials which includes dynamic assignment rules.  The role that permits the ability to manage user access is restricted to use by this team only.  The team does not have the ability to record any transactions in the system, such a journal entries or vouchers, which mitigates the potential segregation of duties conflict.  This team also manages the configuration of the application and has responsibility for settings like BUs and accounting templates for example.  We treat the role that permits the ability to update user access as a sensitive role and perform periodic review to validate that it is only assigned to this team.  We also have logging turned on for user profiles so that we can check the log periodically for any instance of a user updating heir own access.  These reviews further complement the control environment to mitigate any segregation of duties conflict.

    Houston Methodist, PS Financials is a shared responsibility. 
    IT updates the security setting after approved by


    J Perales

    Financial Accounting



    PeopleSoft security is maintained
    by our Accounting Systems Team, which is part of our Accounting

    Diane Freese, FLMI
    Manager – Accounting Systems

Log in to reply

Looks like your connection to Quest Oracle Community was lost, please wait while we try to reconnect.