HRS Access Guide - Row Security, Roles, and Security Templates

This document provides an overview of the HRS Access Guide - a series of KB documents providing guidance about HRS access for UW-Madison users, including requesting access, finding training, and fulfilling security requirements.

This document provides in-depth information about the Row Security Permissions List, Roles, and Security Templates, which all determine what users are able to do in HRS, EPM, and UWBI.

Row Security Permissions List

The Row Security Permissions List (displayed in HRS as "Row Security Perm. List" and often shortened to just "row security") describes the data that the user can access within the HRS pages they're authorized to use based on their roles. The row security level begins with UW_DP_ and then ends with a business unit or UDDS. For example:

Row security should be the smallest unit that still fulfills the user's work needs. However, a user can only have one row security level, which sometimes makes it necessary to move "up" a level. For example, if a user needs to see job data within A07 and A53, they would need a row security level of UW_DP_UWMSN as the smallest unit that contains both A07 and A53 since they cannot have specific access to A07 and A53 (be sure to explain this in the comments!)

Note: row security does not apply to EPM or UWBI (OBIEE) access, only HRS.

Roles

The sections or pages that a user can see in HRS, EPM, and UWBI/OBIEE are determined by the roles that the user has.

Role Areas

Roles include abbreviations for relevant functional areas, which can help you determine appropriate roles for different needs.

HRS roles

Roles determine the pages and features that the user can access within HRS, with specific data access determined by their row security permissions list. There are many roles and often roles have some degree of overlap with other roles, so working with roles can be confusing and overwhelming. To make it easier, it is recommended to use security templates to set up new users and then request additional individual roles as additional needs are identified.

Download the UW-Madison HRS Role Catalog

EPM roles

Some technical users might also need access to the Enterprise Performance Management (EPM) data warehouse, which stores data entered into HRS to use in custom queries and applications. EPM access requires the EPM ODBC Data Access (UW_UNV_EPM_ODBC_ACCESS) role in addition to specific roles that provide access to different sets of data tables. Learn more about EPM on the UWSS Data Warehouse site (requires NetID login).

Download the UW-Madison EPM Role Catalog

UWBI/OBIEE roles

There are two primary roles for UWBI/OBIEE - non-sensitive and sensitive. Sensitive access includes non-sensitive access, so it is not necessary for a user to have both roles.

Security Templates

Security templates are pre-configured sets of roles designed for common user types. The table below summarizes the update, view, and UWBI/OBIEE access included in each template.

Summary of access provided by HRS Security Templates
Template Name Update Access View Access UWBI/OBIEE Access
Division HR
  • Person
  • Position
  • Job
  • Person Profile
  • Time & Labor
  • Contracts
  • Emergency Contacts
  • Benefits
  • Payroll
  • Non-Sensitive
Division Payroll
  • Absence Management
  • Payroll
  • Time & Labor
  • Benefits
  • Person
  • Job
  • Position
  • Non-Sensitive
Division Finance
  • Funding/budgeting
  • Person
  • Job
  • Position
  • Payroll
  • Non-Sensitive
Department HR
  • Person
  • Jobs (Student Help only)
  • Jobs (all non-Student Help)
  • Position
  • Benefits
  • Payroll
  • Non-Sensitive
Department Payroll
  • Absence Management
  • Payroll
  • Time & Labor
  • Benefits
  • Person
  • Job
  • Position
  • Non-Sensitive
Department Finance
  • Funding/budgeting
  • Person
  • Job
  • Position
  • Payroll
  • Non-Sensitive
View Only
  • None
  • Benefits
  • Funding
  • Person
  • Job
  • Position
  • Payroll
  • Time & Labor
  • None

These templates are the result of many discussions between OHR and HRS users from throughout campus. Selecting a template automatically adds a set of roles to the request that HRS users in that template's functional area identified as universal needs.

Download the UW-Madison HRS Security Templates Guide

We want your input! If you have any feedback about these templates, email the OHR HRIS team!