Course Deadline Extended
Old and New Payroll Clerks
Gina, an administrative assistant in the Department of Chemistry, vacates her position in the department to take a new position in the Office of the Comptroller. Gina has been the department's payroll clerk for a number of years. The department chair chooses his executive assistant, Marcus, to take over as payroll clerk for the department. As payroll clerk, Marcus will need access to sensitive payroll information about non-exempt employees in the department, but will not need access to faculty salary information or student records. The department chair logs into an access management system and designates Marcus as the new payroll clerk for the Department of Chemistry. In so doing, he grants Marcus a collection of rights within various financial applications appropriate for a departmental payroll clerk in his department, and Gina (who is still employed by the university and still recognized by the authorization system as a user) has her payroll clerk privileges for the Chemistry department revoked.
Actors in this use case:
- Gina, the current Chemistry payroll clerk.
- Marcus, the new Chemistry payroll clerk
- Sally, the Chemistry Payroll Supervisor
How this scenario might be represented by KIM:
Principals
Gina, Marcus, and Sally are all defined as principal entities in the KIM system.
As entities, KIM has various fields defined for each of them including
- Name
- Principal ID
- Primary Home Department Code
Name
Principal ID
Entity Type
Home Dept.
email address
Gina
100
Person
Chemistry
gina@ucsd.edu
Marcus
101
Person
Chemistry
marc@ucsd.edu
Sally
102
Person
Chemistry
sally@ucsd.edu
Group Definitions:
Suppose the following groups have been defined.
Group Type Name |
Group Namespace |
Group Name |
Active |
Departmental |
Staff |
Finance Admin Assistants |
Y |
Departmental |
Staff |
Executive Assistants |
Y |
Departmental |
Staff |
Business Officer |
Y |
Departmental |
Staff |
Department Chair |
Y |
KIM Types:
The KIM type identifies the set of qualifier attributes (fields). These qualifiers are used to separate different instances of types of group.
In this case, each of the above groups has a KIM type of "Departmental".
The Departmental Group Type defines a single attribute
- DepartmentCode
This separates these groups by department. For example: Chemistry payroll clerks from Medical Center payroll clerks.
Group Assignments:
Group Assignments at the beginning of this scenario could be as follows:
Namespace |
Groupname |
Type |
Member ID |
Name |
Active From |
Active To Date |
Staff |
Finance Admin Assistants |
Principal |
100 |
Gina |
6/30/1998 |
|
Staff |
Executive Assistants |
Principal |
101 |
Marcus |
01/01/2009 |
|
Staff |
Business Officer |
Group |
Dept. Chair |
-- |
04/01/1990 |
|
Staff |
Dept. Chair |
Principal |
102 |
Sally |
10/10/2002 |
|
Gina is assigned to the Finance Admin Assistants group.
Marcus is currently an executive assistant.
Sally is assigned as a Dept. Char and is also included the Business Officer group. (This is not pertinent to the use case, but was included here to demonstrate that groups can be assigned to groups)
Roles:
Two roles are defined in this scenario: Payroll Clerk, and payroll supervisor.
The roles, and the relevant permissions and responsibilities are shown here.
Payroll Clerk
- Type: Departmental
- Permissions:
- Can View Payroll: Non-Exempt
- Responsibilities:
- Approve Document: Timesheet
Payroll Supervisor
- Type: Departmental
- Permissions:
- CanViewPayroll: All
- MakeOrganization Group Changes
- Responsibilities:
- FYI Document: Timesheet
Role Assignments:
In this example, the groups are assigned to the roles.
Namespace |
Role Name |
Type |
Member ID |
Name |
Active From |
Active To |
Staff |
Payroll Clerk |
Group |
Fin. Admin |
n/a |
01/01/2000 |
|
Staff |
PayrollSupervisor |
Group |
BusinessOfficer |
n/a |
01/01/2000 |
|
Permissions / Responsibilities
Permissions and Responsibilities use templates to define the related attributes.
Approve Document Responsibility
ApproveTemplate
Type: Departmental
Qualifiers:
Document Type: Timesheet
Route Status: Enroute
FYI Document Responsibility
FYI Template
Type: Departmental
Qualifiers:
Document Type: Timesheet
Route Status: Approved&
CanViewPayroll:Non-Exempt Permission
CanViewPayroll Template
Type: Departmental
Qualifiers: Employee Exempt Status: Non-Exempt
CanViewPayroll:All Permission
CanViewPayroll Template
Type: Departmental
Qualifiers: Employee Exempt Status: Exempt, Non-Exempt
Use Case Action:
To replace Gina with Marcus, the department chair:
- Modifies Gina's Group Assignment, by setting the "Active To Date" with her end date.
- Adds Marcus to the FinanceAdminAssistants group with his start date as the "Active From" Date
Namespace |
Groupname |
Type |
Member ID |
Name |
Active From |
Active To Date |
Staff |
Finance Admin Assistants |
Principal |
100 |
Gina |
6/30/1998 |
12/31/2009 |
Staff |
FinanceAdmin Assistants |
Principal |
101 |
Marcus |
01/01/2010 |
|
Alternate Implementations
This model could have been created in a number of ways.
For example, it is not necessary to use groups at all, Gina and Marcus could have been assigned directly to their roles, instead of implicitly through their group assignments. If this were the case, it would be the role assignments that would be added/changed instead of the group assignments.
Dorm Access for Residential Advisors
Professional Organizatioins and Federations
Drug Restocking Approval
Nurse Wilson notices during a routine inventory review that the Oncology ward's drug cabinet is running low on a particular anti-emetic drug. The anti-emetic is a scheduled substance, so her request to the Pharmacy for restocking requires approval by both her supervisor and an attending physician in Oncology. The Pharmacy system detects the approval requirement and routes the request to the head Oncology nurse, then to the on-call Oncologist for approval before filling the order.
*A possible Kuali Rice solution:*This use case could be achieved within Kuali Rice by using a combination of the KEW workflow module and the KIM identity management module. Suppose a Pharmacy Purchase Requisition Workflow document has been defined.
The route path of the document has been defined as: