The Office of Human Resources maintains a simplified catalog of HR security roles in Workday. A full catalog of all security roles can be found by accessing the UW Security Catalog: Assignable Roles and User Based Groups report in Workday. The Workday report should be regarded as the source of truth for the current security configuration in Workday.
Column Overview
- Assignable Role: The name of the assignable role.
- Description: A description of the assignable role.
- View Access: The business processes that the assignee can view data for. Due to Excel cell height limitations, the entire list may not be visible for some roles. To view the full list, select the cell, then drag down the formula bar until more of the cell contents are visible. Use the scroll bar on the right side of the formula bar, if needed.
- Initiate Access: The business processes that the assignee can initiate or launch. Due to Excel cell height limitations, the entire list may not be visible for some roles. To view the full list, select the cell, then drag down the formula bar until more of the cell contents are visible. Use the scroll bar on the right side of the formula bar, if needed.
- Approve Access: The business processes that the assignee can approve after they have been initiated. Due to Excel cell height limitations, the entire list may not be visible for some roles. To view the full list, select the cell, then drag down the formula bar until more of the cell contents are visible. Use the scroll bar on the right side of the formula bar, if needed.
- Action Level (UW): Indicates the main type(s) of actions that the assignee can perform.
- Level of Operations (UW): Indicates the intended level of operations that the role should be assigned at, such as Campus Transactions or Shared Services roles.
- SOD Conflicts: Separation of Duties (SOD) conflicts occur when one person can perform multiple actions in violation of best practices. If any SOD Conflicts are displayed for a role, the assignee should not be assigned any of the other roles listed in this column.
- Sensitivity Ranking: Indicates the level of sensitivity that must be considered when assigning or performing the role. Roles are categorized as low sensitivity unless otherwise noted. For example, moderate sensitivity roles have access to restricted HR data.
- Paired Roles: Indicates what other role(s) are auto-assigned to the position if this role (base role) is assigned.
- Enabled for Organization Types: Indicates what type of organization the role can be assigned at. Most HR roles are assigned to supervisory organizations, but some may be assigned to other organization types, such as location hierarchies or academic hierarchies.
- Restricted to Single Assignment: If "Yes", only one position can hold this role for the assigned organization. If a second assignment is approved, the original assignee will be removed.
- Access Rights to Organization(s): Provides information about how the role is inherited. For more information, see Guide to Role Inheritance and Access Rights in Workday.
- Access Rights to Multiple Job Workers: Indicates how the access rights of the role are handled for workers with multiple jobs. For more information, see Guide to Role Inheritance and Access Rights in Workday.
- Notes: Indicates any other considerations related to the assignable role. Notes are specific to UW-Madison.
Simplified HR Security Role Catalog
To download a copy of the simplified HR Security Role Catalog, click this link: UW-Madison Simplified HR Security Role Catalog (XLSX).