1) Objectives
This document is to describe the user accounts administration process for the Hyperion Planning/Analyzer applications currently operated in the company. This document will be updated and maintained by IT department as required.
2) Applicability
This procedure is applicable for all employees who wish to apply for an access to the Hyperion Planning system located in the company.
3) Responsibility
| Persons | Responsibilities | |
| Requestor | Any one in the company | Complete the application form and submit it to Systems Owner for approval. |
| Systems Administrator | xxx | Add/Change/Delete users & assign security rights as approved by the Systems Owner. |
| Systems Owner | xxx | Review user accounts applications and the requested access rights, and approves or disapproves the request. |
4) User Security Profile
Hyperion uses the Windows Logon ID as the ID for logging into various components of the systems including:
o Planning,
o Reports, and
o Analyzer
Each of the components will have its own access control, and security level in respect to the functionality and the data held on the system.
A user security profile is a set of pre-defined access rights attempting to fulfill certain needs of an individual. Should a requester requires access falling out of these pre-defined access rights, he or should has to contact the Systems Administrator to formulate a custom profile.
4.1 Planning/Reports
| Profile | Brief Description | Access Rights | ||
| Planning | Reports | Essbase | ||
| Administrator | User Maintenance | Admin | Admin | Admin |
| Application Owner | Define models & maintenance of data | Owner | View + Design Rpt | Update |
| Super User | View and update data | Planner | View Rpt | Update |
| Ordinary User | View Data only | Planner | View Rpt | Read |
4.2 Analyzer
| Profile | Brief Description |
Access Rights |
| Administrator | User account maintenance | 1. Administrator rights. |
| Super User | 1. All rights of ordinary users plus update of the reports created in the public folders | 1. Read access to the assigned DB2. Owner access to the assigned public report groups/folders. |
| Ordinary User | 1. Create private reports and share it for public view.2. Navigate/view authorized reports | 1. Read access to the assigned DB and the report groups/folders |
5) Processes
5.1) Add/Change User Accounts
5.1.1 Requester obtains a copy of the User Accounts Maintenance Form from the Systems Administrator. Fill in the following information and submit it to the Systems Owner
o Personal Details
o Application
o Data Base
o Selected Security Profile
o Reasons/business justification
5.1.2 On receipt, the Systems Owner reviews the requested profile, and the justification, and approves/disapproves the request.
5.1.3 Approved request should be forwarded to the systems administrator for processing. Any disapproved request should be sent back to the requester stating the reasons of disapproval.
5.1.4 Systems Administrator, on receipt of the approved request, use the admin id and password to logon to the application and make the changes
5.1.5 Print out the screen where it shows the new setting or changes
5.1.6 File the screen print together with the request form.
5.1.7 Email the requester and copy to the systems owner of the completion of the request together with the login information/instructions.
5.2 Delete user Accounts
5.2.1 Once a month, the systems administrator should check with the HRM of each site as to whether any active users have left the organization.
If HR confirms a user as “left”, the systems administrator complete the Hyperion User Maintenance Form and send to the system owner via email.
On receipt of the approval from the systems owner, the systems administrator removes the accounts from all systems components and informs the systems owner of completion. File all of the communications.
5.2.2 At times, Site HR or Site IT may inform the Systems Administrator of the employee termination, same process as described, should be followed.
Appendices A
Hyperion User Accounts Maintenance Form
(A) Requester Information Action: Add/Change/Delete
| Name: | Location: |
| Department: | Position: |
| Phone Ext: | Windows Logon ID: |
(B) Access Rights
Planning/Reports
Please circle the selection.
| Applications: | Hyperion |
| Database: | Db |
| Security Profile | 1. Ordinary User |
| 2. Super User | |
| 3. Application Owner | |
| 4. Systems Administrator |
Analyzer
Please circle the selection.
| Applications: | Hyperion |
| Database | Db |
| Report Groups/Folders | Please specify the report group/folder you wish to access |
| Justification/Remarks:Use this to specify the reasons for requesting the new id and/or changes |
(C) Approval Process
| Requested by:Name:
Date: |
Approved/Disapproved by:Name:
Date: |
Processed by:_______________________Name:
Date: |