Understanding Security for PeopleSoft Expenses

PeopleSoft Expenses is designed with a variety of users in mind. Expenses enables you to set up access that is appropriate for different employees, depending on their role in the expense approval process.

This topic discusses:

  • Securing access to expense employees.

  • Securing access to approvers.

  • Securing ChartFields.

  • Delegating entry authority

Securing Access to Expense Employees

PeopleSoft Expenses enables you to limit employee access to accounting information and user default information for three transactions. The three transactions are expense reports, time reports, and travel authorizations. You accomplish this by creating employee privilege templates and associating those templates with a business unit or a user role.

See Maintaining Employee Privilege Templates.

Securing Access to Approvers

Your company may have staff, such as a travel and expense department, who submit expense reports for employees. Assign these staff members authorized user IDs to access the menus and pages to your expense system. They must also be authorized to enter expense information for specific employee IDs.

An approver in PeopleSoft Expenses is typically a department manager responsible for charges against one or more departmental budgets. You must authorize approvers in PeopleSoft Expenses security. If you don't authorize approvers, they cannot access the transactions in the system.

Securing ChartFields

PeopleSoft ChartField security provides a flexible, rule-based approach to administer security at a data level. ChartField security is supported in PeopleSoft Expenses and across other PeopleSoft Financial and Supply Chain Management (FSCM) applications. The ChartField security feature prevents unauthorized employees and contractors from viewing and editing sensitive financial data by restricting access to data stored with specific ChartField values.

The primary features for ChartField security are:

  • Enforces security rules by user, role, or permission list.

  • Enables ChartField security for all products or selectively by product.

  • Enables or disables ChartField security selectively by component.

  • Defines rules to accommodate end-user areas of responsibility.

  • Refines access rules by product feature or component.

  • Supports super-user access to minimize setup.

  • Defines components as exceptions to override security rules.

PeopleSoft Expenses does not secure access to transaction pages and accounting data. PeopleSoft Expenses has its own security; therefore, it does not use ChartField Security to restrict access to transaction pages and accounting data. Employees should always be able to view their past transactions, even if they no longer have authority to a specific ChartField. For example, employee A had access to department ID 42000 but has moved to department 50000. Employee 42000 can view all expense reports for all departments that he or she has been a member of.

For more information, see Securing ChartFields for PeopleSoft Expenses.

Delegating Entry Authority

Some organizations have staff members who create expense transactions on behalf of other employees within the organization. This staff member is referred to as a delegate because you are delegating authority to them to create expense transactions for you. You can grant, or delegate, authority to an employee to enter your expense data by authorizing their user ID.

A system administrator or manager can determine who is authorized to enter expense transactions for other employees using the Authorize Expense Users (Search) Page. Or, an employee can determine who is authorized to enter expense transactions on their behalf using the Authorize Users Page.