Lightning Talk on Financial Workflows
at Access Management CAMP in Philadelphia June 15, 2009
Jimmy Vuccolo, Pennsylvania State University
A couple of years ago, I participated in one meeting about workflow at Penn State.
Turned into a lifetime of meetings.
In the financial operations of Penn State most access management mechanisms were hard coded.
When someone resigned or changed departments, there was a need to manually remove them.
This was an expensive solution.
PSU used an LDAP approach to create a better system, using roles to control access. Took the policy and made it into
actual software called WebRAT.
http://ais.its.psu.edu/newsletter/jul_09.asp?page=2
Now we need to figure out how to take WebRAT and make it work for the academic/research community.
Q: Are roles are different for academic than for finance dept?
A: Yes. In academic side we don't have spending limits. Couldn't reuse sane roles.
Tool has to gather info to define roles.
Comment: U-M has a similar situation. Debating if we need to build something to capture
who is everyone's budget approver, etc. Haven't started or scoped the project.
Comment: Data sources are the big problem.