Understanding the Roles of a Security Partner

Slide Note
Embed
Share

Learn about the roles and responsibilities of a Security Partner, including requesting changes to security roles, approving security requests, and initiating access requests. Explore the overview of Workday Security, the security access request process, and the pre-request process flow. Discover how security is assigned in different ways and the steps involved in handling security issues effectively.

zaara
zaara Follow

Uploaded on Jul 17, 2024 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Security Partner 101 1

  2. Agenda Roles and Responsibilities of a Security Partner Overview of Workday Security Security Access Request Process Overview Demo Available Resources and Materials Q&A 2

  3. Security Partner Roles and Responsibilities Security Partner A departmental role assigned by leadership for each unit. Responsible for requesting changes to security roles associated with each position, including adding roles and removing roles, assigning responsibility for cost centers, programs and supervisory organizations. Responsibilities Approve Security Requests from Departments Initiate Security Access Requests in Workday Access to view security assignments by position 3

  4. Workday Security Overview Workday Security is assigned in two ways: Assignable Role Assigned to a position User-Based Group Assigned to a user Requested via Security Access Request Process in Workday Requested via Service Desk Examples: Cost Center Manager, HR Partner, Manager, Departmental Buyer Examples: HR Administrator, Finance Administrator 4

  5. Security Access Request Process 5

  6. Initial Request 6

  7. Pre-Request Process Flow L4 Sub- Process Deloitte. Deloitte. Pre-Request Client-specific deviations: Exception processes for adds-to-staff or additional approvals based on proposed rank or salary may require additional approvals including (but not limited to) Finance, HR BP, and Executive approvals. Contingent Hiring is a type of Hire Typethat is requested by the hiring manager Note: TA Recruiter should finalize interview approach during intake meeting Decision In scope Process Integration Assumption / Moment That Matters Technology Step On Page Connector Out of Scope Process Integration Pre- Security Access Requests Employee/Department Initiated Employee 1 Notify Supervisor of Security Issue 2 3 Identify appropriate access to resolve Draft Business Reason to Request Access Supervisor 4 Security Access Request Process Email Department/Area Security Partner with relevant Security Access Request info Access Approved? Yes Security Partner No 5 Deny Request and Notify Employee & Supervisor 7

  8. Pre-Request Process Flow 1. Employees reach out to their Supervisor when they do not have necessary access in Workday. 2. The Employee and Supervisor identify the appropriate access to resolve the issue and draft a business reason to request access. 3. The Supervisor fills out the Workday Security Request Form (next slide) and sends to the Security Partner for approval. 4. If the request is approved, the Security Partner initiates the Security Access Request Process in Workday. 5. If the access is denied, the Security Partner notifies the Employee and Supervisor. 8

  9. Workday Security Request Form Supervisor to complete the Request Form and send to Security Partner for approval. Upon approval, the Security Partner uses this information to begin the Security Access Request process in Workday. 9

  10. Security Access Request Process Flow L4 Sub- Process Deloitte. Deloitte. Request Client-specific deviations: Exception processes for adds-to-staff or additional approvals based on proposed rank or salary may require additional approvals including (but not limited to) Finance, HR BP, and Executive approvals. Contingent Hiring is a type of Hire Typethat is requested by the hiring manager Note: TA Recruiter should finalize interview approach during intake meeting Decision In scope Process Integration Assumption / Moment That Matters Technology Step On Page Connector Out of Scope Process Integration Security Access Requests - Administrative Initiated Security Partner Department Security Pre-Request FIN or HCM Role? Initiate Security Request FIN Approver Finance FIN PII Role? Approve Request No HCM FIN Role Assigner Perform Security Changes in WD Close Request Yes Approver HCM PII Role? PII Approve Request Yes HCM Role Assigner Perform Security Changes in WD Approve Request Close Request No 10

  11. Security Access Request Process Flow 1. Department sends Workday Security Request Form to Security Partner for approval (see slides 6-9). 2. Upon approval, Security Partner initiates a Request of Type Security Access Request in Workday, completes the questionnaire using the Workday Security Request Form provided by the Department Contact, and submits the request. 3. Based on the Role Category selected in the questionnaire, the request routes to one of the following groups for approval: PII Approver Finance Approver HCM Role Assigner 11

  12. Security Access Request Process Flow Cont. 4. Finance Approver approval is required for all finance role assignments prior to PII Approver approval and role assignment. 5. PII Approver approval is required to approve the requested security when access to PII will be granted. 6. HCM Role Assigner approval is required. Review ensures completeness of information required to make role assignments. 7. HCM Role Assigner/Finance Role Assigner make the actual role assignments in Workday and close the request. 12

  13. Security Access Requests (continued) Common Roles that use this process HR Partner Compensation Partner Financial Data View Only other view-access roles Any security questions can also be submitted to the Workday Service Desk. 13

  14. Security Access Requests (continued) Exceptions that do not use this process Grant Managers and Grant PIs are assigned only during award setup. This ensures that award setup notifications go out properly. User-Based Groups (i.e. HR Administrator, Finance Administrator, etc.) will NOT be requested through the Security Access Request Process. Tickets should be submitted to the Service Desk for these types of requests. Any security questions can also be submitted to the Workday Service Desk. 14

  15. Demo 15

  16. Helpful Resources and Materials Security Access Request Webpage Reference Guides: Security Access Request for Security Partner Security Access Request for Role Assigner Security Access Request for PII Approver Confluence Knowledge Base Article for Security Partners Including PII Matrix Security Roles with Descriptions Security Request Form 16

  17. Questions? 17

Related


Legal Entitlements and Responsibilities in the Event of a Partner's Death

Legal Entitlements and Responsibilities in the Event of a Partner's Death

thana
Understanding the Role of Security Champions in Organizations

Understanding the Role of Security Champions in Organizations

irvin
Understanding PeopleSoft Security: A Comprehensive Guide

Understanding PeopleSoft Security: A Comprehensive Guide

kylen
TSA Updates on Security Training Rule for OTRB Companies

TSA Updates on Security Training Rule for OTRB Companies

aziza
Overview of Retirement of a Partner and its Effects

Overview of Retirement of a Partner and its Effects

dove
International Approaches to Enhance Nuclear Safety and Security

International Approaches to Enhance Nuclear Safety and Security

mazarine
Understanding Security Onion: Network Security Monitoring Tools

Understanding Security Onion: Network Security Monitoring Tools

sadhbh
Understanding Transport Layer Security (TLS)

Understanding Transport Layer Security (TLS)

amabel
Understanding Cyber Security and Risks

Understanding Cyber Security and Risks

kathryn
Understanding Provable Security Models in Cryptography

Understanding Provable Security Models in Cryptography

donoghue_e
Understanding Computer Security Principles and Practices

Understanding Computer Security Principles and Practices

jos_o
BCA 601(N): Computer Network Security

BCA 601(N): Computer Network Security

danna
Enhancing Security Definitions for Functional Encryption

Enhancing Security Definitions for Functional Encryption

kalila
AEP Enterprise Security Program Overview - June 2021 Update

AEP Enterprise Security Program Overview - June 2021 Update

aubriella
Evolving Security Practices in DevOps: A Holistic Approach

Evolving Security Practices in DevOps: A Holistic Approach

madisyn
Certification and Training in Information Security

Certification and Training in Information Security

buck
Overview of Social Security and Health Care System in Turkey

Overview of Social Security and Health Care System in Turkey

violeta
Designing the Perfect Wallet for Mom

Designing the Perfect Wallet for Mom

isabela
Understanding Paraeducator Roles and Responsibilities in the Classroom

Understanding Paraeducator Roles and Responsibilities in the Classroom

india
PNG Continuation Government of Alberta - Roles and Responsibilities Overview

PNG Continuation Government of Alberta - Roles and Responsibilities Overview

bjorn
Understanding PeopleSoft Security: User ID Creation and Role Administration

Understanding PeopleSoft Security: User ID Creation and Role Administration

kasper
National Labor Mapping Application User Roles and Access Overview

National Labor Mapping Application User Roles and Access Overview

rubymae
OWASP Bricks - Web Application Security Learning Platform

OWASP Bricks - Web Application Security Learning Platform

aleia
Cyber Security Toolkit for Boards: Comprehensive Briefings and Key Questions

Cyber Security Toolkit for Boards: Comprehensive Briefings and Key Questions

adalwolf

More Related Content

Understanding Security Reports and Hospital Security Services
Understanding Security Reports and Hospital Security Services
Understanding Security Management in an ICT Environment
Understanding Security Management in an ICT Environment
Cyber Threat Detection and Network Security Strategies
Cyber Threat Detection and Network Security Strategies
Understanding LXI Network Security in Industrial Environments
Understanding LXI Network Security in Industrial Environments
Understanding Information Security Basics
Understanding Information Security Basics
Understanding Information Security Policies for Effective Cybersecurity
Understanding Information Security Policies for Effective Cybersecurity
Organizational Structure Overview of HSE and Security Functions
Organizational Structure Overview of HSE and Security Functions
Modernizing Personnel Security Vetting for National Intelligence and Security
Modernizing Personnel Security Vetting for National Intelligence and Security
CAMPUS SECURITY AUTHORITY (CSA) TRAINING CAMPUS SECURITY AUTHORITY (CSA) TRAINING
CAMPUS SECURITY AUTHORITY (CSA) TRAINING CAMPUS SECURITY AUTHORITY (CSA) TRAINING
Mobile Device and Platform Security in Spring 2017: Lecture Highlights
Mobile Device and Platform Security in Spring 2017: Lecture Highlights
Securing IT Infrastructure at Exeter University
Securing IT Infrastructure at Exeter University
Enhancing Rail Security in the European Union
Enhancing Rail Security in the European Union
Comprehensive Overview of E-Commerce Application Development and Computer Security
Comprehensive Overview of E-Commerce Application Development and Computer Security
Understanding Accounting Ratios and Partner Admission in a Partnership Firm
Understanding Accounting Ratios and Partner Admission in a Partnership Firm
Solar for All Application Partner’s Meeting
Solar for All Application Partner’s Meeting
LS Retail Consulting Americas: Enhancing Partner Success in Retail and Hospitality
LS Retail Consulting Americas: Enhancing Partner Success in Retail and Hospitality
Trauma in Pregnancy and Intimate Partner Violence - 10th Edition
Trauma in Pregnancy and Intimate Partner Violence - 10th Edition
Guidelines for Selecting SkillBridge Partner Companies
Guidelines for Selecting SkillBridge Partner Companies
Comprehensive Guide to Creating Partner Value Propositions
Comprehensive Guide to Creating Partner Value Propositions
PEPFAR's Focus on Partner Notification Services for HIV Prevention
PEPFAR's Focus on Partner Notification Services for HIV Prevention
Vega Partner Program Overview and Development Timeline
Vega Partner Program Overview and Development Timeline
Understanding Semantic Roles in Linguistics
Understanding Semantic Roles in Linguistics
Examination of Biblical Perspectives on Gender Roles in Ministry
Examination of Biblical Perspectives on Gender Roles in Ministry
Understanding Wireless Security Audits and Best Practices
Understanding Wireless Security Audits and Best Practices