Forums / Categories / PeopleSoft / Financials / Who is responsible for maintaining PS Financials security in your organization?

    Who is responsible for maintaining PS Financials security in your organization?

    Who is responsible for maintaining PS Financials security in your organization?  Our IS department wants to move the responsibility to Accounting.  This is a segregation of duties conflict.  I appreciate all responses!

    Thank you!

    PeopleSoft security is maintained
    by our Accounting Systems Team, which is part of our Accounting
    department.

    Diane Freese, FLMI
    Ameritas
    Manager – Accounting Systems

    At
    Houston Methodist, PS Financials is a shared responsibility. 
    IT updates the security setting after approved by
    Accounting.

    Regards,

    Demetrio
    J Perales

    Corporate
    Financial Accounting

    Houston
    Methodist

    832.667.6084

    [email protected]

    At AutoZone we have an team of Financial Systems Analysts.  This team is part of the Finance organization and manages application access to PeopleSoft financials which includes dynamic assignment rules.  The role that permits the ability to manage user access is restricted to use by this team only.  The team does not have the ability to record any transactions in the system, such a journal entries or vouchers, which mitigates the potential segregation of duties conflict.  This team also manages the configuration of the application and has responsibility for settings like BUs and accounting templates for example.  We treat the role that permits the ability to update user access as a sensitive role and perform periodic review to validate that it is only assigned to this team.  We also have logging turned on for user profiles so that we can check the log periodically for any instance of a user updating heir own access.  These reviews further complement the control environment to mitigate any segregation of duties conflict.

    I have been with 4 organizations that used PeopleSoft and all of them have done it the way Houston Methodist does.

    Michael Grisser
    IT Director – Business Systems
    Oklahoma Heart Hospital
    [email protected]

    At our organization it is mostly controlled by IT.  IT provisions everything except for Nvision access and project costing access.  Those require approvals from the business.

    Sandra Chai

    City of Richmond

    Thank you all for your response!

    Jo Ann

    IT is responsible - users enter Help Desk tickets that require Manager approval or above.

    Stamarian Watts

    Comporium

    Someone in our Finance group has responsibility to update security after a request has been submitted and approved by the business process owner.  This person does not have any responsibilities to create or issue vouchers or PO.  They can inquiry and assist with processes.

    My current company has it in IT.  However, it works better to be in the Systems group that is the liaison group between IT and Accounting.  Sometimes the liaison group reports to IT and sometimes to Accounting.  But that still allows for segregation of duties.  Having it out of IT allows for better roles/permission list as my experience has been that when in IT the segregation of duties and page level understanding is not there.  Happy to discuss in more detail.

    PS security is maintained by a project team within the Accounting Operations area….in the business.  This group does some configuration in some modules but do not have access to do transactions across the modules.  We did discuss with our Information Security Ops team in IT to have them do it, but given the complexity of PS security and the special knowledge it requires, they agreed to have the Business team maintain it.

    @Jo Ann Musgrave Hi Jo Ann. Security is normally maintained by a companies IT department. At least that's what we've seen over the years. Are there specific aspects of security that your IS department would like to shift over to Accounting?

    Thank you,

    Tom Meyer
    [email protected]

    @Jo Ann Musgrave

    In our organization, we have a security request form that departments submit their request for security access into PeopleSoft. The PeopleSoft Finance Manager (me) reviews and approves, and then the form is routed to our admin person to update the security in the system. We are looking to automate this further with a GT Form, so upon approval by me the system will be updated automatically.

    Hi Jo Ann. In my organization, IT works with the business to define and maintain appropriate permission lists and roles. Basic access (e.g. ESS) is fully automated based on employee status. Roles that provide higher levels of access are administered several ways:

    • Dynamic role assignment - primarily based on job code and/or department

    • Distributed user profile functionality, where certain users/groups are authorized to grant and remove specific roles. All of this activity is fully audited so there's a record of who assigned or removed a role from a given user, or modified their row level security.

    • Peoplesoft Security Administrator within IT receives a request from a designated "functional area owner"

    Daniel Rech
    Director of Information Systems
    Beth Israel Deaconess Medical Center
    [email protected]

     

Looks like your connection to Quest Oracle Community was lost, please wait while we try to reconnect.