Security Groups and Security Roles
Security Groups define a subset of people with specific responsibilities and permissions. When a business process runs, the role for each step includes all of the workers in that role in the business process target organization.
Security Groups enable support to what an administrator can do, what they can see and where they can do/see it. An administrator may have multiple Security Groups to allow them to support different roles.
A role-based Security Group specifies one organization role and includes workers in job positions defined for that organization role.
Request Security Role Changes
To make changes to Security Roles, send an email to HRWMS@uw.edu and include details about the change. A member of the WMS team will create a UW Connect ticket in order to track the request and will follow up with you for additional details, if necessary.
When your organization needs to change Security Roles, your Supervisory Organization’s HR/Academic Partner should submit the form at the link below.
- Security Roles are assigned at a Supervisory Organization level.
- A separate form must be submitted for each individual who requires a change to their Security Roles.
- Any required internal department/unit approvals should be completed prior to submitting the form.
- All required training must be completed prior to submitting the form.
- If the role assignment is a result of a job and/or position change (i.e. promotion, transfer), confirm the Job Change is completed in Workday prior to submitting the form.
View only security roles provide access to details into staffing, compensation, and costing across the university. Security roles that can perform actions in Workday are limited to the user’s supervisory organization. In contrast, view only roles extend access beyond one’s supervisory organization for specific data around staffing, compensation and/or costing.
Similar to departmental security roles, view only roles will be collected during the Supervisory Organization Validation process.
Obtaining a View-Only Role
A view only role will be assigned to individuals already having a security role which allows them to perform business processes in their own organizations. Levels of view only roles and the security roles to which they are assigned are summarized below.
|View only role||Description||Assigned to|
|VO-STAFF||Provides visibility into staffing (e.g. worker, job and position, academic appointments, and organization details.)||
|VO-STAFF-COMP-COST||Provides visibility into staffing, compensation, and costing.|
Employees who do not have a departmental security role (who are not performing business processes) may be assigned a view only role. Employees who only need a view only security role may be:
- People who don’t need to DO
- People who frequently access HEPPS or Opus for research to support:
- Finance, budget analysis
- Research, grant applications or management
- Departmental or unit decision making
- People who understand the implications of having access to this information.
Viewing Security Role Assignments in Workday
Academic Partners and HR Partners – To view a worker’s role assignment, from the Worker’s profile, select Related Actions > Security Profile > View Role Assignments for Worker Position.
Employee as Self – If assigned an elevated security role, run the My Supporting Roles report by typing “My Supporting Roles” into Workday’s search field. (Note that your search will be successful only if you have an elevated role; if you do not have an elevated role, the My Supporting Roles report will not appear in the search results.)
All Workday users – To see who is supporting you and in what capacity, click on any supervisory organization or academic unit, then click the Roles tab.
Required training depends of the type of the Security Role. Certain roles may require in-person training.