Responsibilities
Responsibilities control what applications the user can access and - once in
- what they can do within the application. They control what screens the
user sees, what choices they may make from those screens, what reports
they can run, and, at the lowest level, what CoA segment values they can
transact to or report on. Users may have multiple responsibilities to
access the various applications such as General Ledger, Budget Tool or
Data Warehouse.
Responsibilities can be classified into two broad classes:
- Transactional responsibilities, which allow you to create
transactions (pay invoices, enter journals, budget funds) in the central Oracle
financial OLTP (On-Line, Transactional Processing) system using modules like General
Ledger or the Budget Tool, or through self-service web applications like Web Voucher,
Web Reimbursement, and PCard.
- Reporting responsibilities allow you to report on the transactional
data that is copied nightly from the OLTP system to the Harvard Data Warehouse
(HDW) using HUDINI, AWS2, FINSTAR or Ad Hoc Reporting.
Transactional Responsibilities
Transactional responsibilities may themselves be broken down further into two categories.
- Application Responsibilities
- Self-Service Responsibilities
Applications Responsibilities
 These
responsibilities control user access to Oracle modules like General Ledger,
Accounts Payable, Accounts Receivable, the Budget Tool and the Chart-Security
Maintenance Application (CSMA). The applications employing these responsibilities
are Oracle Forms-based and launch the standard Oracle Applications Navigator
(see right) window at the time they are selected.
Each Application responsibility is uniquely identified with a specific module, such as General Ledger, Budget Tool, Accounts Receivable or CSMA.
Each module’s responsibilities are then uniquely configured with the following elements:
- Menus which define which options will appear on the user’s
Navigator screen
- Flexfield Security Rules (FSRs) which define the
CoA values a user may transact to or report on. FSRs on transactional
responsibilities restrict access by Tub and Org ranges as well as Object
Codes limiting the 33-digit code combinations the user may transact
to. Access to the fund, activity, and root segments are limited by cross-validation
rules, which control what orgs may be used with these segments.
Applications Responsibilities Naming Convention
Application Administration follows standardized naming conventions when creating
new responsibilities. These standardizations assist end users in identifying the
application and the level of access each responsibility provides. These naming
conventions consist of 5 to 6 separate elements as outlined in the diagram below
or on the Responsibility
Naming Conventions page on ABLE.
 |
|
Sample General Ledger Responsibility Name: | HRVD^GL^CADM^55630^BIE |
Sample Budget Tool Responsibility Name: | HRVD^BUD^CADM^S5563^IE-S |
|
Sample Accts Receivable Responsibility Name: | HRVD^AR^CADM^55630^INV |
|
The Object portion of the naming convention contains codes that reflect the
object code security rule that has been assigned to the responsibility. Click
here
to download an Excel file with the current codes used in General Ledger and Budget
Tool responsibilities and the ranges of object codes that they permit.
Some central administrative units my require broad University-wide access. For those responsibilities the Tub Acronym portion of the name will have the characters “UNV”, designating a University-wide responsibility. University-wide access requires authorization from the the General Accounting and Finance office.
User Security for Self-Service Applications
 Self-Service
responsibilities control user access to Harvard’s custom Self-Service
web applications. These Self-Service applications have a different look-and-feel
than the standard Oracle applications and also operate on a slightly different
security model. The same generic responsibilities are assigned to all
users to access these web applications.
Security for Web Voucher and Web Reimbursement is based upon the use of Approval
Groups. Approval Groups define the CoA values an Approver may approve. As in the
other Oracle transactional applications security is restricted to the org and
object code segments. Standard object
code restrictions apply to all Approval Groups. Approval Groups are assigned
directly to individual users.
There are two types of Self-Service users:
Preparer Preparers may enter vendor invoice payments
or business-related reimbursements, and submit them for approval to an
Approver. The Preparer can enter any amount and any valid 33-digit combination
of CoA values and then forward the completed Web Voucher or Web Reimbursement
to their Approver.
Approver Approvers approve vendor invoice payments or business-related
reimbursements submitted to them for approval by Preparers. Approvers ability
to approve transactions is based on the Approval Group assigned to them. Approvers
may also prepare vendor invoice payments and business-related reimbursements.
Reporting Responsibilities
 Harvard
Data Warehouse (HDW) responsibilities control user access to Harvard’s
suite of custom financial reporting applications, such as AWS2 and HUDINI
as well as Ad Hoc reporting environments like FinStar.
Each HDW responsibility is uniquely configured with the following elements:
- Menus which define which reports will appear on the user’s
Navigator screen
- Flexfield Security Rules (FSRs) which define the
CoA values a user may report on. In reporting responsibilities the 33-digit
code combinations on which a user may report are restricted by object
code and any combination of 2 of the following segments, Org, Fund,
Activity or Root.
- Access
Flags which allow access to additional information on some
standard reports and to special “zones” of information in the Ad Hoc
reporting environments.
HDW Responsibility Naming Convention
Application Administration follows standardized naming conventions when creating
HDW responsibilities. These standardizations assist end users in identifying the
level of access provided by the responsibility. The naming convention for HDW
responsibilities consist of 5 separate elements as outlined in the diagram below
or on the Responsibility
Naming Conventions page on ABLE.
 |
Sample HDW Responsibility Name: |
HDW^CADM^O55630^BIE^PSH |
Sample HDW Responsibility Name: |
HDW^HMS^O45340,R65519^BIE-S^PSH |
Sample HDW Responsibility Name: |
HDW^FCOR^F016150,A600330^BIE^PS |
The Object portion of the naming convention contains codes
that reflect the object code security rule that has been assigned to the responsibility.
Click here
to download an Excel file with the current codes used in HDW responsibilities
and the ranges of object codes that they permit.
The Other portion of the naming convention contain Access Flags that reflect
the “zone” of information or level of detail to which the responsibility
grants access. Click here
to download an Excel file with the current access flags and their zone descriptions. |