230 likes | 333 Views
Coordinating Identity Management – a partnership between HR and IT. Western Carolina University; Cullowhee, NC Diana Catley Patti Johnson Stan Hammer. Background. History ~1400 permanent faculty and staff ~9000 students Motive
E N D
Coordinating Identity Management – a partnership between HR and IT Western Carolina University; Cullowhee, NC Diana Catley Patti Johnson Stan Hammer
Background • History • ~1400 permanent faculty and staff • ~9000 students • Motive • IT – who’s who? when to terminate accounts? accounts for new employees – when? for whom? for how long? • HR - Implementation of Banner HR/Payroll
Challenges • Silos of outdated HR/IT procedures and policies • IT – account policy dated 2000; signature required – but who signed? • HR - needed new forms and processes to accurately enter data into Banner
Challenges, cont. • Determining balance and needs of stakeholders • HR / Payroll / Budget • Academics • Administrative (departments) • Student portal and LMS systems (Blackboard) • Information Technology • Guests / volunteers
Challenges, cont. • When to grant / revoke access? • How to handle in-between periods? Ideal world Last Work Date Last Access Date
PEATMVF - Employee Termination who is active in PEAEMPL but terminated Job Record Challenges, cont.
Challenges, cont. – Early/Late Access • Non-returning leave-earning EPA non-faculty, using up some earned leave • Non-returning instructors - contract ends with some students in incomplete status • Re-hired / returning instructors (having space between end of previous access, begin of current access)
Outcomes - Approach • Joint ownership of problems and solutions between HR and IT • Only stakeholders involved in the beginning (HR/IT) • Evolution of design – continuing to evolve • Now: reaching out to more stakeholders
Outcomes – Business Processes • Forms and processes – university policies drive processes • Reports and usages – HR and IT Help Desk can answer questions from campus on access • Application & Data integration between systems • Role-based security
Outcomes - Goals • Easy to figure out problems and solutions • Wide application for use campus-wide PeopleAdmin
Outcomes – Goals / Synchronize EMail/Active Directory/Outlook Values updated/sync’d from Database of Record, Banner
Outcomes – Goals / Selection of groups WITH BB_Users AS (SELECT * FROM TABLE (wcuidm.f_group_members ('E')) UNION SELECT * FROM TABLE (wcuidm.f_group_members ('35')) UNION SELECT * FROM TABLE (wcuidm.f_group_members ('SA')) UNION SELECT * FROM TABLE (wcuidm.f_group_members ('8'))) Group Codes
Outcomes – Goals, cont. • Precise understanding • Stability / error reduction • Single source of data • Accountability for both hiring supervisor and employee • no access until all compliance paperwork has been completed • termination takes place on predetermined dates
Outcomes – Goals, cont. • Auditable • Banner data drives group membership • Banner data drives access control
Outcomes – Goals, cont. • Auditable, cont. • Banner data drives access control
Conclusion • Audit defensible system • Revising policies to meet auditor and WCU business practices • Clarifying early access / late access based on stakeholders/audit requirements • Created efficiencies • Provide timely service to campus • Accountability
Conclusion, cont. • Future direction: • Completely automating the process • Further training & communication • Exceptions, exceptions, exceptions – how to handle exceptions to group membership based exclusively on HR data vs. organizational vs. adhoc
Conclusion – Future directions, cont. General Groups Faculty Instructor Student Employee Automated Groups Organizational Groups Department Head Dean Department Functional Groups Financial User Travel Administrator Work Order Requester Manually Managed
Questions? • Diana Catley – dcatley@wcu.edu • Patti Johnson – pjohnson@wcu.edu • Stan Hammer – shammer@wcu.edu