Workday Security Overview

Workday Security Overview

1. What is Workday?

Workday HCM is a cloud-based Human resource management software system that unifies a wide range of HR functionality into a single system.

The software provides benefits, talent management, payroll, time tracking, compensation, workforce planning and recruiting.

2. Challenges before workday

  • Overlay Customized Legacy system.
  • Lack Of visibility into People and processes.
  • Reporting difficulties
  • Poor Employee Experience
  • Manual, Inefficient processes.

3. Overall Benefits of using Workday

  • Greater Transparency: Leads to better data Accuracy.
  • Mobile: Allowed associates and managers access to mobile versions of the HR System- Increasing visibility and enabling Quicker, easier access to paychecks, Leave Tracking and , for managers, approvals and Notifications.
  • Audit: We can audit every Transaction in the system, and have the process trial for any action taken.
  • Approvals: Implemented approvals in Workday for a variety of transactions- audit trial shows who approved and when with all comments captured.
  •  Recruiting: All Job openings to be posted in Workday to ensure proper procedures are followed, compliance assured and that recruiters can have over sight ; ensured that background tests occurred prior to Hire and I-9s are captured within the first few days of hiring.
  • Job offers: require to happen in workday assuring accurate and appropriate language- again, limiting variations, allowing for oversight and ensuring approvals.
  • Began requiring any associate/temp/contractor to be input into Workday in order to get global ID assigned.
  • Manager access: Provided access to associate information for all managers and supervisors.
  • Added position management: a way to track budgeted and head count rather than just unlimited job postings.
  • Eliminated manual hiring: Previously all hiring was done on paper.
  • Onboarding– Using workday learning, we can ensure that each associate receives and reviews the most up-to-date and required policies and proper up-to-date training( Safety, compliance) at the right time.
  • Payroll: Payroll closes and reconciles daily, allowing for much more accurate accounting and accruing.

4. Workday Security

    Your security groups configuration underpins all of your Workday tenants. These groups fall into three categories: role-based, user-based, and standard worker.

In role-based groups, the role is given certain security permissions and is constrained on a Workday Organization (for example, Supervisory Organization, Company, etc). Any worker assigned to that role is able to see key data/perform the actions against workers and objects within the Organization (for example positions) as specified for that security group.

User-based security access is generally tenant-wide and these security groups contain critical tenant maintenance functions (for example Business Process Administrator, Security Administrator).

Standard workers are security groups that apply across the majority of the worker population (for example Employee as Self).

Components of Configurable Security:

  • Security Groups: Groups of users who need to perform actions or access data.
  • Domains: Defined tasks and reports that are functionally similar.
  • Domain Security Policies: Rules that dictate which security group can view or modify data within domains.
  • Business process: Workday-delivered processes. You cannot create new business processes, but you can configure them to meet your Workflow requirements.
  • Business Process policies: Rules that dictate which security groups can participate in the business process and in what ways they can participate.

Creating Role-based Security Groups:

Step1: Search for Maintain Assignable Roles Task to create a role.

Step2: Input Role Name and Administered by security Groups names.

Creating Role-based Security Groups

Step 3: Click Ok and Done.

Step 4: Search for ‘Create Security Group’ Task.

Step 5: Input the type of security group, you wish to create. In this scenario input ‘Role-Based security group (Constrained)’.

Step 6: Enter the Name for Security Group.

Enter the Name for Security Group

Step 7: Input Previously created Role in Group Criteria.

Step 8: Leave Default ‘Access Rights to organizations’ and ‘Access rights to Multiple Job Workers’.

Access Rights to organizations

Step 9: Click Ok and Done.

Creating User-based Security Groups:

Step1: Search for Create Security group task.

Step2: Enter User-based Security Group in Type of security group:

Enter User-based Security Group

Step 3: Click Ok and Done.

Click Ok and Done

Step 4: Search for ‘Assign user-based security groups for Person’ task. Enter name of the person to whom you need to assign created User-based security group and click on Ok .

Assign user-based security groups for Person

Step 5: Enter name of the Security group which you need to assign to the user and Click on Ok and Done.

Enter name of the Security group

Important tasks and Functionalities related to security:

  1. To Find what policy to update for a given securable item use:
  • View Security for Securable item.
  1. To Find what security groups a user has use:
  •  View security Groups for user.
  1. To Find who are the members of a Security group :
  •  If User- based – View Security group.
  •  If not user –based, write a custom report with PBO(Primary business object): Security group,   Report field, Members)
  1. To find whether user has access to specific target using a given security group
  •  Test Security Group membership.
  1. To find how did this user get to this task or item and what security group allowed it.
  •    Security analysis for action.
  1. To add or remove a security group from Multiple domain security policies at once.
  • Maintain permissions for security groups.
  1. Given user’s security groups, to find their Cumulative access in tenant
  • Security Analysis for Workday Account.
  1. To find Unassigned roles:
  • Unassigned Organization roles audit.
  • Unassigned Roles audit
  • Unfilled assigned roles audit.
  1. Domain Security Policies can control:
  • Which group can view or modify items in a report/task and Get and Put transactions from an integration.
  1. To Modify Security in workday
  •  Security Configurator/ Security Administrator access should be given.
  1. Report and Task you can use to view and edit domains and BP types between the different Workday Modules.
  • Functional Area Report to View
  • Maintain functional Areas Task to edit.

       Scenario: Say that you, the Security administrator, inadvertently altered a security Policy that revoked access to several key Integrations in your System. What can you do to fix the problem and restore the security quickly ?

  • Run the “Activate previous security Time stamp” to revert to the previous time the Activate pending security policy changes was executed.’’

Report Security:

To Create Custom report you must be assigned to the Report-writer user-based security group  and must have access to Custom report creation Security Domain in addition to this you must have access to :

  • Security Domain for Datasource you want to use.
  • Security domains for report fields you want to add.

To edit and delete custom report, Report Owner and users must have access to

  •  Manage: All custom reports security domain.

Who can share the created Custom reports?

Report Writers must have access to below mentioned security domains to use the sharing options:

  • Domain:Report Definition sharing –All Authorised Users
  • Domain: Report Definition Sharing- Specific groups
  • Domain: Report Definition Sharing-Specific users

Who can transfer Ownership of a report?

Use Transfer ownership of custom reports task to transfer the ownership of a report.You must have access to the Custom Report Administration or Manage: All custom reports security domain to transfer ownership of reports owned by other users.

Leave a Reply

SOAIS - Worksoft Newsletter

To view on your browser, click here
Facebook Twitter LinkedIn
Dear Default Value,

Welcome to SOAIS Newsletter of September 2021!

Continuous Testing with Remote Execution
The speed of innovation continues to increase, driving rapid and relentless change for today’s ever-evolving IT landscapes, creating greater risk as IT and business teams scramble to ensure timely delivery. How can your organization keep pace? Test more, worry less. With Worksoft’s Connective Automation Platform, you can easily build and maintain automated tests, accelerating testing time without losing scope or volume. You can schedule and execute remote, continuous tests to intercept defects sooner and prioritize remediation - without sacrificing your nights and weekends. Explore how continuous test automation and remote execution can empower your organization.

Click here to connect with us to get more information on our services.

Skip Costly Rework with Dynamic Change Resiliency​

Change resiliency is imperative in ever-evolving IT environments. Our patented object action framework streamlines change management by assigning object definitions to your shared assets. The same object may be used in a thousand automation steps, but it can be easily updated by making one simple change to the model definition. The change automatically propagates to every single instance where that object may have been used without a single line of code or manual human involvement. For more change readiness you can also engage our Impact Analysis for SAP to predict how changes in SAP transports will affect your business processes. 

Please click here to watch the video to get a gist.

SOAIS Blog – Nuts and bolts of Certify Database Maintenance​

One of the key thing, which is often missed by the organizations, who have invested in using Worksoft Certify for automating their Business Process Validation initiatives, is implementing a Database Maintenance Plan. While the business and the test automation consultants get excited about the shiny new thing that they have got and start building the regression suite; planning and executing a database maintenance plan for most of the customers gets pushed down the priority list. However, since all the test assets in Certify are stored in a Database, a robust database maintenance plan is very important to maintain smooth operation of Certify with acceptable performance criteria. The customers usually start facing issues once they have built significant number of Certify processes which they have started executing on regular basis. Such executions add a lot of data to the tables storing results data and increase the overall size of the Certify database.

Please click here to read the complete blog.

Worksoft Blog – Process Intelligence: A Multi-Dimensional Approach

The ability to extract process knowledge has become easier through the years. Technology has evolved to the point where we can deploy capabilities that connect at multiple levels to extract different types of process insight. In the past, organizations were forced to spend enormous energy extracting data manually from different applications and databases. Then, they would have to use things like spreadsheets to transform the data and convert it into meaningful information. 

Please click here and read the complete blog.
Unit 9, Level 5, Navigator, ITPL,
Bangalore - 560 066.
Phone: +91 80 40071234
Suite 101, 1979, N Mill St,
Naperville, IL 60563
Phone 1-800-262-2427
Please click here to Unsubscribe / Unsubscribe Preferences

Leave us your info