November 2005

Security is a critical element in the CMS project, both system-wide and here at Cal State Fullerton. In any business application, an organization would not want every department to have access to all applications. Nor would it be appropriate for all employees within a department to have access to all the functions or all the data of a particular application. Oracle/PeopleSoft provides security features, including components and PeopleTools that are used to secure sensitive application data. The PeopleSoft security approach is tailored for the Internet.

Each campus is responsible for its own security setup in compliance with the campus security policies and practices. Additional advice and best practices are provided by the CMS Technical User Group, campus security committees and CMS Central. The current system-wide guidelines to secure PeopleSoft data offer recommendations regarding strong passwords, authentication processes, updating access rights, use of third party tools and user education.

Afsaneh Hamedani currently serves as the security administrator for the CMS project. She is responsible for analyzing business needs (within Human Recourses, Finance and Student System) to develop best practice security solutions using CMS security suites within PS applications. She is working with campus divisions to define and document CMS security standards, best practices and implementation strategies.

According to Afsaneh, “CMS security is about data integrity. In order to ensure that data is reliable and that the system operates according to design, it is essential that users have access to just the information required for their work—not less, and not more.” The new security page on the CMS website presents an overview of the approval process for HR system access. http://www.fullerton.edu/cms/security.htm. Additional details are found on the process map noted on that page.

While the approval process for HR data access may seem complex and does indeed have many layers including input from HR business analysts, it is the first step in a process that has just one additional step. Approval is followed by a training session for the end users. Training sessions conclude with new system users completing security compliance forms. System access then is activated.

An ongoing challenge for Afsaneh and others involved in CMS security is to continue to accurately define user roles and responsibilities and assign appropriate system access. Security for the yet to be launched CMS Finance and Student Administrations systems will be different than security for the HR system. According to Afsaneh, "A top security priority is to keep the three channels of data appropriately separated in order to guarantee data integrity."

July 2005

Self Service: It’s all About You

Human Resource Services is pleased to introduce to CSUF: Employee Self Service. "Self Service helps employees understand the various HR services,” said John Lynn, Executive Director of Human Resources. “We are constantly looking for additional options where employees are able to access their personal job-related information at their own convenience.”

CMS allows only the individual employee to access their information via Self Service.

Self Service allows employees to:

• View Personal Information - Displays home address, telephone numbers, emergency contact information and other personal information (CSUF ID, and other pieces of information which cannot be changed). This page also contains links to change addresses, telephone numbers and emergency contact information.
  
• View Benefit Elections - Displays health plan summary, dependent information, life and long term disability plan, flexible spending account and tax sheltered annuity information.
  
• View Job Information - Displays CWID, department name, job title, employee status, and salary history.
  
• View Leave Balances (Coming Fall 2005) - Displays state service credits, sick and vacation leave balances, compensatory time off (CTO) balances (if applicable).

According to John, “We are giving employees the ability to manage their own personal HR data electronically. This skillful feature will allow the HR staff to continue concentrating on building effective employees to power our organization.”

You will access Employee Self Service through the portal using your campus assigned user ID and password. Training will be available through classroom training and online tutorials.

And, as a friendly reminder, you should not share your user ID or password. Your ID gives you access to personal information that only you should access.

Users Given Distributed Functionality

As a campus employee you’ve been hearing for many months that “CMS has many benefits” and “CMS will have better reports”. Well, the time has come for CMS to show you just how great it is. On August 18, CMS goes live with the HR application to the campus community. What this means is that all employees will have access to Employee Self Service and a few pilot departments (users) will have distributed functionality access to student workers and/or part time faculty (PTF).

Q: What is Student Worker functionality?
A: It allows users to hire, reappoint or enter pay rate changes for student workers.

Q: What is Part Time Faculty functionality?
A: It is almost identical to student worker functionality. Departments appoint a part time faculty employee through CMS and are then able to generate a contract once the appointment has been approved. The contract can be e-mailed, or a hard copy can be generated and given to the part time faculty employee. Each part time faculty employee is required to sign and return their contract. This new functionality will help streamline the existing processes for temporary part time faculty.

So, when will you be trained? Don’t panic, training is on-the-way. CMS Training and Support has determined a ‘just-in-time’ training approach that will fit user needs. Training will be given to pilot departments during August 9-19. When access to other departments is rolled out, CMS Training and Support will coordinate training sessions with each user.