Access to the Shared Financial System is maintained by the SFS Security Team.

Security Processes

Need Access to SFS?

Contact: Campus BU Admins

Other Resources:

Defining User Preferences In SFS 9.2 pdf

Resources for BU Admins

Separation of Duties Matrix xlsx

Who can use the online form?

  • Anyone who has an active job record.

what roles are on the form?

  • All roles available to any user.
  • Some roles are only granted via Jira (e.g. some dynamic roles and service accounts). 

ADDING AND REMOVING ACCESS

  • All roles require User, Supervisor, and BU Admin.
  • High Privilege roles will require additional levels of approval.
  • SFS Team Support roles require SFS Director approval.
  • SFS Technical Team roles requires SFS DoIT Manager approval.
  • All access for any BU Admin requires approval of SFS Director.

SFS Security Processing

  • All * fields on the SFS Online Security Access Request Form must be filled in.

Granting Access (Provisioning)

Approvals:

  • Approvers will receive an email for form approval. The email contains a direct link to Evaluate Security Request. 
  • All roles require approval of User, Supervisor, and Business Unit Administrator via workflow in sequential order.
  • Some roles require additional approval by the UW System Controller, UW System SFS Financial Director and DoIT Technical Director. 

If the requester is a non-employee:

If the requester is an auditor:

  • Treated as a POI.

  • External auditors (LAB, etc.) should be granted the "UW_Base_User" role.

Emergency Removal (De-provisioning)

Multi-Factor Authentication (MFA) was implemented for SFS in June of 2014. Users with core access to SFS are required to provide MFA credentials in addition to the user name and password to gain access to SFS. MFA was implemented to enhance the security of the authentication process for SFS. A One Time Password (OTP) device is used for the additional credentials.

How to Request a One Time Password (OTP) Device:

Requesting An OTP Device pdf

How to Request a One Time Password (OTP) Device When Not Based on a Campus:

DoIT Helpdesk Webpage

Trouble With Multi-Factor/One Time Password?

See the Process Overview