Forecasting Roles and Security
To provide the Services Forecasting feature users with access to application functions that are essential to performing their job tasks, you create roles and assign them to individual user profiles. Inherent in each role is access to the application pages and processes that are required to perform the job tasks. Setting up user access requires that you understand shared data and access to PeopleSoft applications.
This topic discusses:
-
Permission lists.
-
Row-level security.
-
Other security features.
-
User profiles and roles.
Permission Lists
The Services Forecasting feature comes with preconfigured permission lists that grant access to various pages. These permission lists support the functional roles that are delivered with the application. You can modify the permission lists to grant or revoke access to certain pages, web libraries, components, and other objects as necessary to support an organization's unique roles. To modify the access for a user's role, you modify a permission list that is linked to the role.
Important:
If you modify a permission list, you change the access for all users who are assigned to roles that are assigned to the permission list.
The permission lists that begin with EPEX, EPRS, EPPC, and EPPG are associated with PeopleSoft Expenses, Resource Management, Project Costing, and Program Management, respectively. Because users of these applications are likely to use the Services Forecasting feature, PeopleSoft updated the appropriate existing permission lists to include Services Forecasting pages instead of creating new permission lists.
The following table lists the delivered permission lists that provide access to the Services Forecasting feature, the purpose of each permission list in Services Forecasting, and the roles that are associated with each permission list:
| Permission List | Description | Purpose | Roles |
|---|---|---|---|
|
EPCO9000 |
Setup Financials/Supply Chain |
Enables administrators to establish business rules for the Services Forecasting feature. |
Application Administrator |
|
EPEX1000 |
Travel and Expense Employee |
Provides employees access to enter forecast hours and actual hours. |
Employees who log time |
|
EPEX4000 |
Manager - Time |
Provides managers access to approve forecast time and actual time that is entered by an employee. |
Expense Manager |
|
EPEX4100 |
Project Manager - Time |
Provides access to approve and modify forecast hours and actual hours against specific projects. |
Project Manager, Time Report Project Mgr Appr. |
|
EPEX5000 |
Travel & Expense Auditor |
Enables auditors and administrators to enter, review, update, and submit forecasts on behalf of any employee or manager. |
Expenses Auditors, Time and Expense Administrator |
|
EPPC2100 |
Project/Activity Team |
Provides access to update and approve forecast hours for project team members. |
Resource Manager, Project Manager, Practice Manager |
|
EPRS5100 |
RS Worker |
Enables resources to enter, review, update, and submit forecasts. |
Resource |
|
EPRS5200 |
RS Worker Manager |
Enables managers to enter, review, update, and submit forecasts for their resources. |
Resource Manager, Practice Manager |
Row-Level Security
PeopleSoft provides row-level security to enable individual users or permission lists to have access to a table without having access to all rows on that table. This type of security is typically applied to tables that hold sensitive data. The Services Forecasting feature uses row-level security in three ways:
-
It controls the HR business units that users can access when they are analyzing utilization.
-
It limits managers who are using the Review Forecasted Time page to only the GL business units to which they have been granted row-level access.
-
It limits the entry of forecast time on the Forecast Time page to only the project business units that the employee is allowed to access.
Note:
Row-level security does not restrict the data that is selected by batch processes.
Other Security Features
Other security mechanisms in the Services Forecasting feature include:
-
The Review Forecasted Time page, which is used by managers to review employee forecasts, limits managers to the forecasts of their own employees, unless an administrator grants a manager access to another manager's resources using the Authorize Users page.
The Authorize Users page is also used to grant a time and expense administrator access to a manager's employee forecasts on the Review Forecasted Time page to work on behalf of the manager.
-
The Review Forecast by Project page, which is used by project managers to approve hours forecasted against a project, limits project managers to the projects on which they are designated as project manager.
The designation of an individual as project manager occurs on the Resource Detail page of the Project Resource Plan component (PGM_RESOURCE_LIST). The Authorize Users page is used to grant a time and expense administrator access to a project manager's employee forecasts on the Review Forecast by Project page to work on behalf of the manager.
-
The Forecast Time pages that are used for entering and submitting project and personal time can limit the projects and activities to which a user can forecast time (either the employee or the employee's manager) .
The projects and activities that are available for selection depend on whether a project or activity team is enforced on the project. If no team enforcement is specified for the project, then any employee with access to the project's business unit can access the project. If a project team is enforced, the employee must be on the project team to have access to the project. If an activity team is enforced, the employee must be on the activity team to have access to the project and the specific activity. The level of team enforcement is applied to a project on the Project Costing Definition page of the Project General component.
User Profiles and Roles
The user must meet these requirements to access pages in the Services Forecasting feature:
-
The user must have a PeopleSoft user ID.
-
The employee's user ID must be associated with the employee on the Authorize Users page.
Any user ID can be associated with any employee ID using this page. On the Authorize Users page, you enable users to act on behalf of other users when entering forecasts.
-
The user's profile must be assigned at least one role.
-
The role must be assigned at least one permission list that authorizes access to the desired Services Forecasting feature pages.
The Services Forecasting feature comes with several preconfigured roles based on functional tasks that are typically performed by an individual assigned to that role. Each preconfigured role comes with access to the set of pages within the application that corresponds to the functional tasks of that role. For example, employees can enter and submit their own forecasts and project managers can modify and approve forecasted hours only for projects for which they are designated as the project manager.
User profiles define individual PeopleSoft users. After you create user roles, create user IDs and link them to roles. The values for a user's page access and authorized actions, such as add, update, or review, are inherited from the associated roles.
This table lists the sample security roles that the Services Forecasting feature provides, the role descriptions, and the permission lists that must be associated with each role to use the full functionality of the Services Forecasting feature:
| Role | Description | Purpose | Related Services Forecasting Permission Lists |
|---|---|---|---|
|
ADMINISTRATOR |
Administrator |
Manages system security; specifies installation and business unit options; administers batch processes; grants authorized user access. |
ALLPAGES |
|
Application Administrator |
Sample - App Administrator |
Establishes and maintains business rules for various PeopleSoft Financials and PeopleSoft Supply Chain Management applications. |
EPCO9000 |
|
Employee |
Sample - Employee |
Enters own forecast of project hours and personal hours. |
EPEX1000 |
|
Expense Manager |
Sample - Expense Manager |
Ensures the submission of forecast time by employees who are direct reports. Approves actual time, expense, and travel authorizations for these employees. |
EPEX4000 |
|
Resource |
Resource |
Enters own forecast of project hours and personal hours. |
EPRS5100 |
|
Resource Manager or Practice Manager |
Resource Manager or Practice Manager |
Ensures that resources submit forecasts by deadlines. Manages resource utilization; views and modifies resource schedules and profiles; approves assignments; submits recommendations for resources. |
EPPC2100 EPRS5200 |
|
Project Manager |
Project Manager |
Ensures accurate project forecasts and has the authority to modify and approve all hours forecasted for a project. |
EPEX4100 EPPC2100 |
|
Time and Expense Administrator, EX_AUDITOR |
Sample - Time/Expense Admin, Expenses Auditors |
Enters, monitors, and approves forecast time and actual time and expense for employees, supervisors, and project managers who either have not complied with the process or need assistance. Ensures that processes of submitting forecast and actual data proceed smoothly. |
EPEX5000 |
|
EX_TS_PROJMGR |
Time Report Project Mgr Appr. |
Approves and manages time and expense that are charged to a project against budget targets. Updates and approves forecasts of hours against a project. |
EPEX4100 |
See Also: PeopleTools: Security Administration