
PeopleSoft Security

Andreas Faruki
Scott Jorgensen
Deloitte & Touche

ISACA Spring Conference


April 28, 1999

Session Learning Objectives

■ To present the security components and audit considerations within the PeopleSoft environment
■ At the end of this session, the participant should be able to:
– Understand the control architecture of PeopleSoft in the client server environment
– Understand the key components of PeopleSoft security that administrators must consider
– Understand audit considerations of each security component of PeopleSoft

© 1998 Deloitte Touche Tohmatsu. All rights reserved. fico.ppt 2

Session Topics

■ PeopleSoft Control Architecture
■ Operator Security
■ Financials Security
■ HRMS Security
■ Query Security
■ Other Reporting Tools
■ Object Security
■ Process Scheduler Security

PeopleSoft Control Architecture

Database System Components

PeopleSoft stores data in what is known as a Table.

APVENDOR - Table

Vendor #  Vendor Name   Address   State        City      Bank Account
132       Burns Inc.    2 Main    Connecticut  Bethel    067543252
133       JPB Co.       47 White  Connecticut  Stamford  045356772
134       Burns Cons.   15 South  Connecticut  Hartford  657438792
152       Jim Trucking  77 Maple  Connecticut  Stamford  749900172

Column security represents the same data field across all records in a table (e.g. Vendor #).

A field on a PeopleSoft screen allows a user to view or update a column of data in a table.

Row security represents all fields within a specific record (e.g. all rows of data for vendor 132).

Financials and HRMS offer row level security. Row security can restrict a user’s access to a subset of records based upon a value within a field in the record (e.g. all rows of data for Ledger Budget).

Field security represents a value for a field within a record in a table (e.g. Bank Accounts should not be displayed on the default Panel).

Field security is implemented by:

• Modifying Panels to remove a specific field
• Adding PeopleCode to a record definition to perform a certain action based upon the value in the field or the Operator performing the action.

PeopleSoft comes with no Field level security.

PeopleSoft Control Environment

[Diagram: layered control environment. Outer layers: Network Security, Database Security and Operating System Security. Inside them: PeopleSoft User Authentication, then four areas: Financials, HRMS, Reporting & Query (Query, PS/nVision, SQR) and Objects, each with its own security components.]

7 - Denotes Changes in Version 7

Network Security

• Standard Network Security found in any client server environment.
• PeopleSoft does provide a hook to allow a single sign-on solution.
• Three-tier Application Server provides additional points of access

Database Security

Single Sign-on: RDBMS uses common login user id (connect id) which results in no audit trail on activity at the database level.

User Id: PeopleSoft Operators require only read access to a limited number of tables to validate their login.

Server Logon Security: If not enabled, users have the ability to change their password in PeopleSoft and the RDBMS.

Operating System Security

No additional security issues based upon a PeopleSoft solution.

Same concerns as would exist in any application.

PeopleSoft Control Environment

PeopleSoft ID/Password Security 7

Operator ID / Password: Unique string of alphanumeric characters used to identify and authenticate a PeopleSoft user.

Owner ID / Password: Unique string of alphanumeric characters used to identify the owner of the PeopleSoft RDBMS tables.

Access ID / Password: Unique string of alphanumeric characters used to identify and authenticate a user called to the PeopleSoft tables.

Access Profile 7: Version 7 specific, serves same purpose as Access ID in v5 & v6.

Operator Security

Configurable Components

Operator ID: String of alpha-numeric characters which uniquely identifies a PeopleSoft user.

Operator Class: String of alpha-numeric characters which uniquely identifies a group of PeopleSoft Operator Ids.

Primary Operator Class: The Operator Class which takes precedence when multiple Operator Classes are assigned to an Operator Id.

Operator Password: String of alpha-numeric characters used to authenticate a PeopleSoft Operator Id.

Session 5 18

Configurable Components

Background Disconnect Interval: Length of time a database connection will stay active with no activity.

Timeout Minutes: Length of time a PeopleSoft session will remain active with no activity.

Access Profile: Database User Id and password used by PeopleSoft when processing an Operator’s database calls.

Sign-on Times: Days and times that a PeopleSoft Operator Id is authorized to sign-on.

Configurable Components

Business Process Map: Graphical presentation of a business process, used by an Operator to navigate through PeopleSoft panels. Does not supersede Menu/Panel Security.

Process Group: Logical grouping of PeopleSoft batch jobs which is used to restrict which Operators can submit them.

Menu / Panel: Graphical presentation of PeopleSoft fields which are used in a common business process or function.

Row Level Security Class: The Operator Class which will be used for restricting an Operator’s row level access. (Does not work; the system uses the Primary class.)
Functionality: Operator Id or Operator Class Definition
Functionality: Background Disconnect & Time-Out Minutes
Functionality: Access Profile
Functionality: Menu Name / Bar Name / Item Name / Actions / Panels / Display Only
Functionality: Administer Base Benefits / Use / Benefit Program Participation
Functionality: Benefit Program Participation

Functionality

Within a Panel the following actions can be granted:

Add: Add current effective dated records only.

Update/Display: Insert effective dated rows which are greater than the current and display current and future effective dated rows.

Update/Display All: Insert effective dated rows which are greater than the current and display all historical, current and future effective dated rows.

Correction: Add, change or delete historical, current and future effective dated rows. YOU LOSE THE AUDIT TRAIL!!!!

Additionally, you may override an action by assigning:

Display Only: Display only current effective dated records and overrides the action/panel access.
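
An added example (not part of the original slides, and not PeopleSoft code): a small Python model of the slide's wording for Update/Display, Update/Display All, Correction and the Display Only override, plus a review helper that lists where Correction is effectively granted. The effective dates, the review date and the grant list are constructed; the operator class names APCLERK and AUDITOR are hypothetical.

```python
from datetime import date

# Action names as they appear on the slide.
UPDATE_DISPLAY = "Update/Display"
UPDATE_DISPLAY_ALL = "Update/Display All"
CORRECTION = "Correction"

# Constructed sample: effective dates of one record's rows, and a review date.
EFF_DATES = [date(1998, 1, 1), date(1998, 7, 1), date(1999, 6, 1)]
TODAY = date(1999, 4, 28)

# Constructed grants: (operator class, panel group, action, display_only).
GRANTS = [
    ("APADM", "VCHR_STD", CORRECTION, False),
    ("APCLERK", "VCHR_STD", UPDATE_DISPLAY, False),   # hypothetical class
    ("AUDITOR", "VCHR_STD", CORRECTION, True),        # hypothetical class
]


def current_date(eff_dates, today):
    """Effective date of the 'current' row: the latest one not after today."""
    past = [d for d in eff_dates if d <= today]
    return max(past) if past else None


def row_kind(d, eff_dates, today):
    """Classify one effective date as 'history', 'current' or 'future'."""
    if d > today:
        return "future"
    return "current" if d == current_date(eff_dates, today) else "history"


def visible_rows(eff_dates, action, today, display_only=False):
    """Effective dates an operator can see under the granted action."""
    if display_only:                      # Display Only overrides the action
        wanted = {"current"}
    elif action == UPDATE_DISPLAY:
        wanted = {"current", "future"}
    elif action in (UPDATE_DISPLAY_ALL, CORRECTION):
        wanted = {"history", "current", "future"}
    else:
        raise ValueError(f"unknown action: {action!r}")
    return sorted(d for d in eff_dates if row_kind(d, eff_dates, today) in wanted)


def change_allowed(op, target, eff_dates, action, today, display_only=False):
    """op is 'insert', 'change' or 'delete'; target is the row's effective date."""
    if op not in ("insert", "change", "delete"):
        raise ValueError(f"unknown operation: {op!r}")
    if display_only:
        return False
    if action == CORRECTION:
        return True
    if action in (UPDATE_DISPLAY, UPDATE_DISPLAY_ALL):
        # The slide grants these actions inserts later than the current row only.
        cur = current_date(eff_dates, today)
        return op == "insert" and (cur is None or target > cur)
    raise ValueError(f"unknown action: {action!r}")


def rewrites_history(op, target, eff_dates, action, today, display_only=False):
    """True when an allowed operation alters or removes an existing row,
    which is the case the slide flags as losing the audit trail."""
    return (op in ("change", "delete") and target in eff_dates
            and change_allowed(op, target, eff_dates, action, today, display_only))


def correction_grants(grants):
    """(class, panel) pairs where Correction is granted and not overridden
    by Display Only: the list a reviewer would want justified."""
    return sorted((cls, panel) for cls, panel, action, ro in grants
                  if action == CORRECTION and not ro)


if __name__ == "__main__":
    for action in (UPDATE_DISPLAY, UPDATE_DISPLAY_ALL, CORRECTION):
        print(action, [d.isoformat() for d in visible_rows(EFF_DATES, action, TODAY)])
    print("Correction in effect:", correction_grants(GRANTS))
```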

Functionality: Sign-on Times
Functionality: Process Groups
Functionality: Process Group Listing
Functionality: Operator Class / Row-Level Operator Class

Auditability

■ Ensure that PeopleSoft Operator Ids are valid and authorized.
■ Ensure that PeopleSoft Operator Ids are restricted to appropriate days and times of operation.
■ Ensure that PeopleSoft Operator Ids are timed out after an appropriate period of inactivity.
■ Ensure that PeopleSoft Operator Ids’ access to Menus, Panels and Actions is appropriate based upon assigned job duties.

Financials Security

Control Environment Components

Financials: Menu Security 7, Row Security, Preferences, Workflow Security, Custom Panels or PeopleCode

Menu Security: Controls the menus / panels which a PeopleSoft Operator can access and the actions they can perform. This translates into controlling the columns of data which appear on the panel. Multiple Classes allowed per Operator in Version 7.

Control Environment Components

Financials: Menu Security, Row Security 7, Preferences, Workflow Security, Custom Panels or PeopleCode

Row Security: Controls which rows of information will be displayed on the menus / panels which a PeopleSoft Operator can access. The row criteria which can be filtered include Analysis Group, Ledger, nVision, Project, TableSet, Business Unit, Book and Pay Cycle. Separate Operator Class allowed for Row Security.

Configurable Components

Row Level Security

■ Seven fields can be used to implement security at the ID or Class level.
– Business Unit - determines the tables of information that can be accessed.
– SetId - determines the set of accounting structures and rules (chart of accounts) that can be accessed.
– Ledger - determines which general ledgers can be accessed.
– Book - determines asset books which can be accessed.
– Project - determines which project trees can be accessed.
– Analysis Group - determines what resource transactions can be processed in project costing.
– Pay Cycle - determines the vendors which can be accessed.

Session 7 36

Configurable Components

nVision Security: Row level security provided by creating combinations of Business Units and Ledgers and assigning Operator ID / Class.

Control Features: Row Level Security Options
Control Features: Business Unit Security
Control Features: nVision Security
Control Environment Components

Financials: Menu Security, Row Security, Preferences 7, Workflow Security, Custom Panels or PeopleCode

Preferences: Controls the default values of some key fields which a PeopleSoft Operator can access and some actions they can perform (e.g. Voucher Amount Limits).

Configurable Components

■ Operator Preferences
– Payables
– Purchasing General Defaults
– Requisition Authorizations
– Purchase Order Authorizations
– Receivables Data Entry
– Vendor Maintenance

Control Features: Payables
Control Features: Purchase Order Authorizations
Control Features: Vendor Maintenance

Control Environment Components

Financials: Menu Security, Row Security, Preferences, Workflow Security 7, Custom Panels or PeopleCode

Workflow: Controls can be implemented to require messaging or approval verifications based upon pre-defined system events. When a PeopleSoft Operator updates an invoice amount, workflow can cause an approval limit check to occur and a message to be routed to a manager if limits are exceeded. Version 7 enhanced functionality and usability of product.

Control Environment Components

Financials: Menu Security, Row Security, Preferences, Workflow Security, Custom Panels or PeopleCode

Custom Panels or PeopleCode: Default menus / panels can be modified to remove specific fields. Additionally, PeopleCode can be written and attached to a field to cause specific processing to occur based upon the Operator performing the process or a value in the field.

Configurable Components

Field Security

PeopleCode: Security can be added by writing PeopleCode and attaching it to the data table definition. When the table is accessed, PeopleCode would be invoked.

Custom Panels: PeopleSoft delivered panels can be customized to not show certain fields. If this is done, all users of the customized panel are still presented with the same options. Custom Panels cannot be user specific unless different ones are created for each user.

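Control Features

Field Security
■ PeopleCode

/***************************************************/
/* Applies only to operator class APADM working in */
/* panel group VCHR_STD.                           */
If %OperatorClass = "APADM" And
      %PanelGroup = "VCHR_STD" Then
   /* helper function defined elsewhere, not shown on the slide */
   gray_apprvl_flds();
   /* re-enable these three fields for this class */
   UnGray(MATCH_STATUS_VCHR);
   UnGray(BUSPROCNAME);
   UnGray(APPR_RULE_SET);
   /* remove the two workflow fields from the panel display */
   Hide(BUSPROCNAME);
   Hide(APPR_RULE_SET);
End-If;
/***************************************************/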

Auditability

■ Ensure that users’ access to financial information is appropriate based upon assigned job duties.
■ Ensure that users’ ability to produce nVision reports is appropriately restricted based upon assigned job duties.
■ Ensure that controls defined within Operator Preferences are appropriate based upon assigned job duties.

HRMS Security

Control Environment Components

HRMS: Menu Security 7, Row / Tree Security, Global Preferences, Workflow Security, Custom Panels or PeopleCode

Menu Security: Controls the menus / panels which a PeopleSoft Operator can access and the actions they can perform. This translates into controlling the columns of data which appear on the panel. Multiple Classes allowed per Operator in Version 7.

Control Environment Components

HRMS: Menu Security, Row / Tree Security 7, Global Preferences, Workflow Security, Custom Panels or PeopleCode

Row / Tree Security: Organization Tree controls which rows of information will be displayed on the menus / panels which a PeopleSoft Operator can access. An Operator is given access to a node on the tree and as a result all employee records which fall below that node. Separate Operator Class allowed for Row Security and a choice of Tree’s key field.

Configurable Components

Row Security: Controls which rows of information will be displayed on the menus / panels which a PeopleSoft Operator can access. The row criteria which can be filtered include Analysis Group, Ledger, nVision, Project, TableSet, Business Unit, Book and Pay Cycle.

Hierarchical: Single field row access control which allows the cascading of rights within the field structure. Department ID is the delivered field, but other single fields can be substituted.

Non-Hierarchical: Single or multiple field table access which does not cascade rights.

Configurable Components

Hierarchical Structure

HR Row Security: Using organizational authority, controls which rows of information will be displayed on the menus / panels which a PeopleSoft Operator can access.

Security Tree: A security structure that graphically represents the hierarchy of your organization.

Tree Level: Represents a logical division in your business hierarchy (e.g. department, branch or region).

Configurable Components

Tree Node: Represents an organizational entity on the tree.

Department ID: String of alpha-numeric characters which uniquely identifies a department.

Access Code: For trees, the access codes are Read/Write Access or No Access.

Tree Effective Date: Date which Trees are effective for row security.
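
An added example (not part of the original slides, and not PeopleSoft code): a Python sketch of how cascading tree access can be resolved when reviewing who can see which employee rows. The department tree, grants, class names and employees are constructed, and the rule that the nearest ancestor node carrying an access code decides is an assumption used to model cascading with the two access codes named above.

```python
READ_WRITE = "Read/Write Access"
NO_ACCESS = "No Access"

# Constructed department security tree: node -> parent node (root has None).
PARENT = {
    "CORP": None,
    "FIN": "CORP", "HR": "CORP",
    "AP": "FIN", "GL": "FIN",
    "PAYROLL": "HR",
}

# Constructed grants: row-security operator class -> {tree node: access code}.
GRANTS = {
    "FINMGR": {"FIN": READ_WRITE, "GL": NO_ACCESS},   # hypothetical class
    "HRADM": {"CORP": READ_WRITE},                    # hypothetical class
}

# Constructed employee rows: (employee id, department id).
EMPLOYEES = [("E001", "AP"), ("E002", "GL"), ("E003", "PAYROLL")]


def effective_access(op_class, dept, parent=PARENT, grants=GRANTS):
    """Walk from the department up to the root. The nearest node that carries
    an access code for this class decides (assumed rule). Returns
    (allowed, deciding_node); no code anywhere on the path means no access."""
    codes = grants.get(op_class, {})
    node, seen = dept, set()
    while node is not None:
        if node in seen:
            raise ValueError(f"cycle in tree at {node!r}")
        seen.add(node)
        if node in codes:
            return codes[node] == READ_WRITE, node
        node = parent.get(node)           # unknown node: path ends, deny
    return False, None


def departments_for(op_class, parent=PARENT, grants=GRANTS):
    """All departments whose rows the class can reach through cascading."""
    return sorted(d for d in parent if effective_access(op_class, d, parent, grants)[0])


def visible_employees(op_class, employees=EMPLOYEES):
    """Employee ids whose department resolves to Read/Write for the class."""
    return [emp for emp, dept in employees if effective_access(op_class, dept)[0]]


def root_level_grants(parent=PARENT, grants=GRANTS):
    """Classes granted Read/Write at a root node: every row below is
    reachable unless carved out, so these deserve a closer look."""
    roots = {n for n, p in parent.items() if p is None}
    return sorted(c for c, codes in grants.items()
                  if any(codes.get(r) == READ_WRITE for r in roots))


if __name__ == "__main__":
    for cls in GRANTS:
        print(cls, departments_for(cls), visible_employees(cls))
    print("granted at root:", root_level_grants())
```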

Configurable Components

Tree Manager: A PeopleSoft tool that provides a visual means to build a hierarchy of security for all organizational entities.

Functionality: Hierarchical Security, Department Tree
Functionality: Hierarchical Security, Tree Structure Definition
Functionality: Hierarchical Security, Department Table
Control Environment Components

HRMS: Menu Security, Tree Security, Global Preferences 7, Workflow Security, Custom Panels or PeopleCode

Global Preferences: Controls the screen functionality associated with global panels / menus that a PeopleSoft Operator can access.

Functionality: Global Security, Installation Table 3 (Which Global Security to Implement)
Control Environment Components

HRMS: Menu Security, Tree Security, Global Preferences 7, Workflow Security, Custom Panels or PeopleCode

Workflow: Controls can be implemented to require messaging or approval verifications based upon pre-defined system events. When a PeopleSoft Operator updates an invoice amount, workflow can cause an approval limit check to occur and a message to be routed to a manager if limits are exceeded. Version 7 enhanced functionality and usability of product.

Control Environment Components

HRMS: Menu Security, Tree Security, Global Preferences 7, Workflow Security, Custom Panels or PeopleCode

Custom Panels or PeopleCode: Default menus / panels can be modified to remove specific fields. Additionally, PeopleCode can be written and attached to a field to cause specific processing to occur based upon the Operator performing the process or a value in the field.

Auditability

• Ensure that Global Security Panels are appropriately restricted.
• Ensure that access to HR data is authorized and appropriate based upon assigned job duties.

Query Security
Control Environment Components

Query: Trees, Access Groups, Profiles, Security Record Definitions 7

Query Trees: Graphical representation of Tables to which you wish to control query access.

Access Groups: Nodes in Query Trees where you would group Operators and assign them access to all tables under the node.

Functionality: Query Tree
Functionality: Operator Id Access Groups

Control Environment Components

Query: Trees, Access Groups, Profiles, Security Record Definitions 7

Query Profiles: Controls what query options or functions are available to an Operator.

Security Record Definition: Set as part of the record definition and performs row level security filtering.

Functionality: Query Profile
Functionality: Query Security Record
Auditability

■ Ensure that Query Operator Preferences are appropriate.
■ Ensure that data which an Operator can access through the use of Query is authorized and appropriate based upon assigned job duties.
■ Ensure that Operator Ids with access to Query Menus / Panels / Activities are valid and their access is authorized and appropriate based upon assigned job duties.

Other Reporting Tools
Control Environment Components

PS/nVision: Operator Security

Operator Security: Operator Ids are granted access to Business Units and Ledgers.

Control Environment Components

SQR: Menu Security, Process Scheduler

Menu Security: Controls the menus / panels which a PeopleSoft Operator can access and the actions they can perform. This translates into controlling the columns of data which appear on the panel.

Process Security Groups: Logical grouping of process definitions for the sole purpose of assigning access rights. One process definition can belong to multiple Process Security Groups. Operators are made members of these groups.

Control Environment Components

SQR: Menu Security, Process Scheduler

Process Scheduler: PeopleSoft automated process scheduling tool.

Process Definitions: Defines processing characteristics of the SQR.

Operator Profile: Defines processing capabilities of the Operator.

Object Security
Control Environment Components

Objects: Menu Security 7, Object Groups, Change Control 7

Menu Security: Controls the menus / panels which a PeopleSoft Operator can access and the actions they can perform. This translates into controlling the columns of data which appear on the panel. The introduction of Application Designer has included functionality to control access to various object types.

Configurable Components

Object: PeopleSoft entity created using PeopleTools.

Object Type: A classification code used to differentiate the objects which can be created.

Object Groups: Collection of one or more objects that form a logical group for security purposes.

Object Security Rules: Set of rules which dictates how the system interprets object security settings.

Configurable Components

PeopleTools: PeopleSoft’s utility and development software.

Application Designer: PeopleSoft’s development utility.

Change Control: PeopleSoft’s system development control software.

Upgrade: PeopleSoft’s development tool to perform application upgrades.

Tree Manager: Utility for creating trees and tree structures.

Import Manager: Utility for creating import definitions.

Configurable Components

12 Object Types

Import Definitions (I): Specifications for importing files
Menu Definitions (M): Menus used by users
Panel Definitions (P): Panels used by users
Panel Group Definitions (G): Logical group of related panels
Record Definitions (R): Tables
Trees (E): Trees for defining data relationships
Tree Structure Definitions (S): Logical structure of a tree
Projects (J): Logical groups of other objects
Translate Tables (X): Table layouts used to import data
Query Definitions (Q): Queries
Business Process Maps (U): Menus linked into a logical order
Business Processes (B): Links business process maps into one process

Configurable Components

Object Security Rules

1. Is the Object assigned to any object group? If not, anyone has update access to it; access is granted.

2. Is the Object a part of an object group assigned to the operator’s security profile? If not, the system denies access and displays an access not allowed message.

3. Do all of the object groups, of which the object is a member, have the display-only option disabled? If not, the system displays a message that says it is not an object that you are authorized to update. The object is then displayed with the File, Save option grayed.

(If the object is an Application Designer Object then additional security checks are performed.)
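
An added example (not part of the original slides, and not PeopleSoft code): the three rules above as a Python decision function, plus a review helper that lists objects left out of every group, which rule 1 leaves updatable by anyone. Object names, group names and operator profiles are constructed; reading rule 3 as applying to the groups the object shares with the operator's profile is an assumption, and the additional Application Designer checks are not modeled.

```python
UPDATE, DISPLAY_ONLY, DENIED = "update", "display-only", "denied"

# Constructed sample: (object type code, object name) -> object groups.
MEMBERSHIP = {
    ("R", "APVENDOR"): {"AP_RECORDS"},
    ("P", "VCHR_PANEL"): {"AP_PANELS", "FIN_SHARED"},
    ("Q", "ADHOC_QUERY"): set(),          # never assigned to a group
}

# Constructed operator security profiles:
# operator -> {object group: display-only flag for that assignment}.
PROFILES = {
    "APDEV": {"AP_RECORDS": False, "AP_PANELS": False, "FIN_SHARED": True},
    "GLDEV": {"FIN_SHARED": False},
}


def object_access(operator, obj, membership=MEMBERSHIP, profiles=PROFILES):
    """Apply rules 1-3 in order and return UPDATE, DISPLAY_ONLY or DENIED."""
    groups = membership.get(obj, set())
    if not groups:
        return UPDATE                      # rule 1: ungrouped, open to anyone
    profile = profiles.get(operator, {})
    shared = groups & set(profile)
    if not shared:
        return DENIED                      # rule 2: no group in the profile
    if all(not profile[g] for g in shared):
        return UPDATE                      # rule 3: display-only off everywhere
    return DISPLAY_ONLY                    # shown with File, Save grayed


def ungrouped_objects(membership=MEMBERSHIP):
    """Objects that rule 1 leaves updatable by every operator."""
    return sorted(obj for obj, groups in membership.items() if not groups)


def access_matrix(membership=MEMBERSHIP, profiles=PROFILES):
    """operator -> {object: outcome}, for comparison against job duties."""
    return {op: {obj: object_access(op, obj, membership, profiles)
                 for obj in membership}
            for op in profiles}


if __name__ == "__main__":
    for op, row in access_matrix().items():
        for obj, outcome in sorted(row.items()):
            print(f"{op:6} {obj[0]} {obj[1]:12} {outcome}")
    print("open to all:", ungrouped_objects())
```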

Functionality: Menu Access
Functionality: Defines whether an Operator can access Application Designer

Functionality

Within the Application Designer Menu, access to Object Types is defined:

No Access
Read-only Access
Full Access
Update Translates Only (Fields only)
Data Admin Only (Records only)

Functionality

If change control locking is enabled, this setting overrides your Object Type settings.

Restricted Access - Operators can only view Application Designer definitions, not create, modify or delete them.
Develop Access - Operators can lock and unlock their own locked objects.
Supervisor Access - Operators can unlock and lock any object.

Functionality

No Access - disables all of Application Designer’s Tools, Upgrade menu items. Users can still view and modify the upgrade settings but cannot run any upgrade process.

Functionality

No Access: Operator cannot access the Build menu items or the Tools, Data Administration menu items.

Build Scripts Only: Operators can use the Build dialog, but the Execute SQL now and Execute and Build scripts options are disabled.

Build Online: Operator can use all Build dialog options but access to the Tools, Data Administration menu items is disabled.

Full Data Admin Access: Operator can use all Build dialog options and use the Tools, Data Administration menu items.

Control Environment Components

Objects: Menu Security 7, Object Groups, Change Control 7

Object Groups: Logical grouping of objects for the sole purpose of assigning access rights by operator class.

Functionality: Creating an Object Group
Functionality: Assigning an Operator ID / Class Access to an Object Group

Functionality

■ **ALL OBJECTS** Group
– Default “supergroup” maintained by the system, that includes all system objects.
– Access to this group overrides any other group ID assignments you make.
– Restricting access to this group has no security effect.
– Display only mode only applies to the object groups in the Excluded Group ID list

Control Environment Components

Objects: Menu Security 7, Object Groups, Change Control 7

Change Control: A PeopleTool used to manage and track development.

Locking: Programmers can lock objects to prevent concurrent changes.

Change Control History: Programmers can be required to provide comments when changing objects.

Stamping: Date and Operator ID are recorded on each object when changed.

Control Environment Components

Objects: Menu Security 7, Object Groups, Change Control 7

Change Control Security:
– Restricted Access overrides menu security to provide read only access.
– Developer Access provides locking and unlocking functionality.
– Supervisor Access can override all locking and unlocking.

Auditability

■ Ensure that Operator access to PeopleTool Objects is authorized and appropriate based upon assigned job duties.
■ Ensure that PeopleSoft Change Control functions are implemented in a manner which prevents concurrent changes of Objects.
■ Ensure that Operator Ids with access to Development tools are valid and their access is authorized and appropriate based upon assigned job duties.

Process Scheduler Security
Configurable Components

Process: A single run request, such as a COBOL program or a report.

Process Type: A global process definition which allows related process definitions to share common parameters.

Process Job: A logical linking of processes to accomplish a task.

Process Security Groups: A logical grouping of processes that have the same security requirements.

Process Request: A process that has been submitted to the process scheduler.

Recurrence Definition: A schedule that can be assigned to a process.

Functionality

Operator Profile

Allow Process Request Update By: defines who can update a process request.
Update Server Status: allows a user to suspend, restart or bring down a server.
Override Server Parms: allows a user to change the server name and run date/time.
Update Recurrence Definition: allows a user to change the time a process occurs.

Functionality: Assign Processes to Process Security Groups
Functionality: Process Job Definition
Functionality: Process Job Security
Functionality: Assign Process Security Groups to Operators or Classes
Auditability

■ Ensure that Operators’ access to submit processes is authorized and appropriate based upon assigned job duties.
■ Ensure that Operator Process Profiles are defined in a manner which safeguards the processing of batch jobs.

Session Recap

Session Topics

■ PeopleSoft Control Architecture
■ Operator Security
■ Financials Security
■ HRMS Security
■ Query Security
■ Other Reporting Tools
■ Object Security
■ Process Scheduler Security

Questions