Topics Map > HRS Security > Approvals
HRS Access Guide - Approving Requests - Divisions and OHR
This document provides instructions for reviewers at the division and OHR levels to review HRS access requests.
Requests to add access require review by authorized division approvers (called the "Dean/Director" approval group in HRS) first, then OHR HRS Data Custodians. Requests to remove access only require OHR HRS Data Custodian review. Use the link below to check authorized approvers for each UW-Madison division.
To make changes to authorized division approvers, please email the OHR HRIS team.
Division and OHR approvers look for the following things in their reviews:
- If new row security level is requested, it is appropriate for the user and the position.
- Requested roles are appropriate for the user and the position.
- Requested roles do not unnecessarily create Separation of Duties conflicts.
- Requested roles are not redundant with each other or existing access (for example, adding HR View Only when user already has HR Administrator (Update HR) or adding both sensitive and non-sensitive UWBI/OBIEE roles.)
Each approver group must review the request within 6 calendar days after receiving the email or the request will be automatically cancelled and a new request will need to be submitted.
- Approvers will receive an email from UWSystemHR@uwss.wisconsin.edu with subject "Action Required: [Dean/Director or Data Custodian] Approval for Request [request number]".
- Click the Click here to review/approve link to open the request in HRS.
- For the Employee and Role Information sections, pay attention to the following fields:
- Empl ID provides the Employee ID # and user name for the selected user.
- Empl Record provides the Empl Rcd # and Business Title for the selected position.
- Department ID provides the UDDS and department name for the selected position.
- If Row Security Perm. List displays a value, check the new row security level requested. If the new row security level is appropriate for the user and position, leave the Row Security Approved toggle set to "Yes", otherwise click the toggle to change to "No".
- Click the View Employee Roles link to check the user's current access.
- If the request was submitted as Add Security Template, the selected templates will be listed in the Templates section. Ensure that the selected templates are appropriate for the position (for example, you might want to ask the requester for clarification if they are requesting a Division Finance template for a Graphic Designer position.) Note however that roles can be changed from what's included with templates, so you still need to review the requested roles even if the selected templates are appropriate.
- Review each requested role to ensure that it is appropriate for the selected user and position, doesn't create an unnecessary Separation of Duties conflict, and isn't redundant with other roles in the request or in the user's current access. If you don't know what a specific role does, click the View Role Details link to go to a description of the role in HRS or refer to the UW-Madison role catalogs. If the role is appropriate, leave the Approved toggle set to "Yes". If the role is not appropriate but all other requested access is appropriate, click the Approved toggle to switch to "No". Any roles with Approved set to "No" will not be granted even if you approve the request.
- Write a comment confirming what you did and did not approve and why. If you are denying or pushing back the request, explain the reason for denial or the questions/changes for the requester.
- Click the button for your review decision:
- Deny - completely cancels the request and does not apply any of the requested access. This is typically only used if after discussing the request with the requester it is agreed that the user doesn't require any changes to HRS access.
- Push Back - returns the request to the requester to make changes. Be sure to specify in the comments what changes you need the requester to make.
- Approve - approves the requested access (excluding row security or roles that have been set to "No"). If a Dean/Director selects Approve, the request will move forward to the OHR HRS Data Custodians. If an OHR HRS Data Custodian selects Approve, it will complete the request and the approved access will be applied during the next scheduled security provisioning batch process (typically about once per hour.)
Can't find the approver email? Follow the UWSS Approving HRS Security Role Requests in HRS KB document to look up the request in HRS.