Wednesday, January 19, 2022

wq4

 

Workday Security Interview Questions

 

There is no inheritance for business process security policies (true / false)

 

True

 

 

Roles are used to drive business process management (true / false)

 

Yes

 

 

Which type of security groups is optional and customer-defined?

 

Job Based Security Group is optional

 

 

What type of Security Group are these: Report Writer; Setup Administrator ?

User Based Security Group

 

Editing a security policy takes effect immediately? (true / false)

 

False (Need to ‘Activate Pending Security Policy Changes)

 

 

The following are true about User-Based Security Groups

 

Grants access across the system

 

Multiple people can be members if same user-based security group

 

 

Is it possible to activate a previous timestamp while making changes needed to fix present security configuration?

 

  Yes
   

 You may configure securable actions and securable reporting items in a domain security policy.

 

 False

 

 

The following report views permissions the specified user has an action & also security policies and groups that grant access

 

 Security Analysis for Action

 

 

What are the different ways to assign security groups?

By the system based on a process

Manually

 

 Is Report Writer a role-based security group

No

 

 

  Which of the following is not securable area of business process

 

 Create new sub-processes

 

 

 In case a secured item is included in more than one domain security policy, workers who are granted different levels of access permission in different domains get the most access granted

 

  True

 

 

The following report views all domain security policies and business process security policies that use the security group:          

 

      Action Summary for Security Group


  Editing a child security policy does not affect inheritance in any of the others

 

 True

 

 

 Which Security Group is required for you to access custom reports 

 

  Report Writer User Based Security Group

 

 

  Can a role-based security tag to more than one org?

 Yes

 

 

  In Security Breach, whom should you contact?

  security@workday.com

 

 What are the steps to create Role Based Security?

 Steps-Org Role>>Maintain Org Role>>Attach the Role

 

 

 What are the two components of Workday Security?

Domain Security

 

Business Security

 

 

 How to disable Functional area?

Maintain Functional area

 

 

How to activate security policy?

    Activate pending Security Policy

 

 

What determines access to landing page?

Security

 

 

Which Report is used to see the Security Policy?

View Security for Securable Item

      Defined tasks and reports that are functionally similar

      Domains

 

 

This dictates who can view / modify data w/in the domain

Domain Security Policies

 

 

What dictates who can participate in the business process

Business Process Policies

 

 

Type of security group automatically assigned based on user’s job criteria

Job based security group

 

 

   Security policies designate permissions for security groups to view, or view and modify tasks within the domain

      Domain Security Policy

 

 

     Security Policies contain such securable items as initiation steps, step actions, and actions on the process as a whole

      Business Process Security Policy

 

 

Can you reassign a task to anyone?

No (It can be assigned to the users who have relevant security group in BP Security Policy).

 

 

Which dictates who can participate in BP?

Business Process Security Policy

 

------------ are assigned to users  based on administrative responsibility

  User-based

 

 ------------ are found as a related action off worker’s name

  User-based

 

 ----------- are assigned to users are based on criteria selected

  Job based

 

 ------------- are used to only approve business process management tasks; they do not determine task or report access and cannot initiate a business process

Job roles

 

 --------- report views all details about security group membership, security policies in which the group is used, the permissions it has and the functional area

  View Security Group

 

 ------- is automatically assigned based on criteria selected

Job based

 

 ------------- is used to restore inheritance in a child policy

Use Parent Permissions


***************

Reporting Interview Questions

 

What are Advance reports?

Advanced reports enable you to perform many actions on your data from primary and related business objects, including: Counting, Grouping, Summarizing, Totaling.

Output format of these reports can be table and charts.

 

Which filter would execute first? Filter or sub filter?

Sub filter will execute first. Because sub filters are applied on related business object, so it will filter most of the data using sub filters and then remaining data using filters.

 

What is RAAS?

RAAS is a normal report which is web service enabled. Making a report as web service enable will help to call that report in EIB, studio Integrations and BIRT. Otherwise, we cannot call that report in EIB, Studio or BIRT.

 

What are the steps to create a report?

Choose Report type and Data Source>>  Select Objects and Fields>>  Order Columns>>  Sort Output>>  Define Filter Criteria

 

What is Workday Reporting? What are the types of workday reports?

Workday reporting is a tool to gain information on data which is stored in workday. This information can be in table format, chart format etc.

 

Types: There are 2 types of Workday Reports. Custom report, Standard Reports.

Standard Reports are again of two types.

Xpresso Reports:

    These reports are delivered reports. User cannot edit these reports. User can only run reports for which S/he have access to.

 

Report Writer:

These reports are delivered reports. User can not directly edit these reports. User have to copy these reports and then user can edit that report.

 

Custom reports:

These are the custom reports created by user using report writer tool. The task to create custom report is “Create custom report”. The person who create the report is owner of that report.

 

How to make report as web service enable?

There are 2 ways to make a report as web service enable.

While creating an advance report, you can find a checkbox to make report as web service enable.

After creating a report, you can also go to advance tab and select web service enable checkbox. This way you can also disable report as web service, so it cannot be used in EIB, Studio and BIRT. 

 

What is difference between advance reports and simple reports?

Simple reports will not have option to sub filter, prompts and will have less functionality, wherein advance reports will have these features.

Also, simple reports cannot be used as web service.

 

The Tab on the Report definition allows you to control the order in which data will be presented and grouped is

Sort

 

Which Report cannot publish Web service?

Simple

 

What is the task to convert a report from simple to advanced?

Related action >> custom report >> Change to Advanced Report type

 

How do you compare the WD reporting with Relational DB?

Data Source           - View 

Object                    - Table 

Related Object       - Child Table 

Class Report Field - (CRF) Column 

Instance                 - Row

 

What is Matrix Report?

Matrix reports are similar, but not identical to, pivot tables and cross-tabs found in other systems. You group data in a row group and optionally a column group. Values in the matrix cells display aggregate values scoped to the intersection of the row and column groups to which the cell belongs.

 

What is RAAS?

You may create custom reports and enable them as a web service to be used in an Outbound EIB (Enterprise Integration Builder) as a data source. If you select this option, then you must also define Column Heading Override and Group Column Heading values on the Columns tab, and provide Label Overrides for all prompts on the Prompts tab.

 

What is Worklets?

A worklet is a report that can be displayed in a "tile" on the Workday "landing pages", which are: My Workday, All About Me, and My Team, and the Dashboard slide-out. Worklets provide users quick access to frequently referenced data and tasks common to a specific functional area.

You can create your own worklets by using the Report Writer and specifying either the advanced or the matrix report type, and then selecting Enable As Worklet on the Output tab. If you choose to share a worklet, it becomes available for authorized users to select when configuring their Workday landing pages.

 

What is Trended Worker Data source?

Trended Worker Data source encompasses a number of fields that fall into 3 general categories: 

Monthly worker snapshots. This type of data includes data about  workers as of the last day of the month, including compensation data, headcount numbers, and biographical information. 

Staffing events. These include hires, terminations, transfers, promotions, changes in position, addition or deletion of additional jobs, move events, and international assignments. 

Calculated metrics. These are calculations ,we can make based on the trended data, such as turnover rate and span of control. 

Workday automatically updates the Trended Workers data source at the end of each month. Data is collected for the last 36 months (that is, data is collected for as many months that are available in Workday, up to 36 months). Any data older than 36 months is automatically purged from the data source. Additionally, any retroactive changes that have been made to a worker in the last 3 months are automatically incorporated into the trended data.

 

What is Trending report?

Using Trending Report, Workday enables to report on and analyze trends in worker data such as headcount and attrition through a number of Workday delivered standard reports. We could create custom Trending report types that use trended data. By using either standard reports or custom reports, we can analyze important trends in our workforce directly in Workday, without the need for a third-party analytical tool. 

At the core of all trending report types is the Trended Workers data source. 

 

What is Indexed Data source?

Indexed data sources are a special type of data source optimized for performance, aggregation, and faceted filtering on large volumes of data.

 

Can custom  field be used in Report?

Yes.

 

What are the different types of custom reports? 

Simple, Advanced, Matrix, nBox, Search, Simple, Transposed, Trending.

 

What is the difference between Filter and Sub-Filter?

Filter is used to provide filter condition for Primary Business Object and Sub-Filter is used to provide filter condition for Secondary Business Object

 

 

 

Additional Reads

 

Workday Standard Reports

Workday Custom Reports

Workday EIB Interview Questions

Workday Security Interview Questions

Workday Core Connectors Interview Questions

at May 09, 2020 

Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest

Labels: Interview QuestionsWorkday Core HCM Interview QuestionsWorkday Interview questionsWorkday ReportingWorkday Reporting Interview Questions

Location: Gachibowli, Hyderabad, Telangana, India

Friday, 10 April 2020

Security

 

Security Terms


Security Groups -
A collection of system users used to grant access to Workday. Security Groups are added to security policies to give members permissions to secured items in Workday. Group of users who need to perform actions or access data

Domain Security Policy-
Rules that dictate which security group can view or modify data within the domains

Components of Configurable Security:

Security Groups

Domains

Domain Security Policies

Business Processes

Business Process Security Policies


What are the 3 types of security constraints?

Unconstrained: members have access to available data instances

Constrained: members will only have access to data for assigned constraints

Mixed: Members have a mix of constrained and unconstrained


User-based security groups-
These groups are assigned manually to individual users to grant tenant wide access in Workday. Usually intended for administrators that needs system wide access.

Two types of Security Policies-
Domain security policies and Business process security policies.

Domain-
Domains are a collection of items that share the same security, including:
- Tasks
- Reports and report fields
- Web service operations

Domain Security Policies control which security groups have access to data in the domain
- View Security for Securable Item Report

Functional Area-
Represent the main grouping of delivered domains and BP types. These groupings are typically for a specific module or area of Workday, such as Procurement, Integrations, or Personal Data. Functional areas can be enabled or disabled.

Functional Area Report-
Functional Areas report is a "top-down" report which allows you to see a top-down view of Workday functional areas and the domains and business process types in each

Business Process Security Processes-
Business Processes Security Policies control which security groups can participate in the business process (initiate, perform actions, approve, cancel, delegate, etc.)
Have to give permission for multiple policies (ex. Approve, review, etc.)
Each business process type has a single security policy that secures all business process definitions of its type

Steps for Configuring Security:
1. Identify users- who needs access to what?
2. Create security groups- identify existing security group or create a new one for your employees
3. Edit Security Policies- grand view/ modify permissions to domains or grant business process permissions (sometimes domain OR business process or sometimes combo of both)
4.Activate Pending Changes to take effect
5. Test Changes to verify changes made provide the expected access (for both those who got access and those who don't need access)

Workday-Assigned Security Groups
These Security Groups grant GENERAL access and are AUTOMATICALLY assigned by the Workday system
- Assigned to a person
- Based on process such as hiring/ terminating
Ex. Employee as self, worker, all employees, all users, manager's manager

User-Based Security Groups-
These Security Groups grant ADMINISTRATIVE access tenant wide- typically for maintenance/admin groups
- Responsibility applies throughout the system (not just supervisory orgs but for entire tenant)
- User-based security groups are manually assigned to a worker
- Multiple people can be members of the same user-based security group
○ Ex. Benefits admin, compensation admin, payroll admin, report writer, HR admin, etc.

Steps for Creating a User-Based Security Group:
1. Create user-based security group
2. Configure security group on security policies
3. Activate pending security policies
4. Assign users to security group
5. Test (user can create an exit interview, testing it on who should be able vs who should not)
*Don't forget to add group for "administered for security groups" like Security Administrator, otherwise they wont be able to access anything

Role-Based Security Groups:
These Security Groups help identify your support or leadership staff
- Membership is derived based on being assigned an organizational role
- Roles are assigned to organizations (or location hierarchies)
- Roles are assigned to positions, NOT workers
- Roles inherit from superior org if not filled (if configured to do so)
- Access can be defined as constrained and unconstrained

Steps for Creating a Role-Based Security Group:
1. Use "maintain assignable roles" to create or modify assignable roles (supplemental book page 34-35)
2. Create role-based security group
3. Configure security group on security policies
4. Activate security policy changes
5. Assign roles to jobs/ positions to organizations
Test

Job-Based Security Group:
Identify members based on a job criterion

Job profile

Job category

Job family

Management level

Work shift

Include exempt jobs

Include non-exempt jobs


Automatic membership, Can be constrained or unconstrained

Membership-Based Security Groups:
     1. Location (meant for more specific location, not US as a whole)

            Grants access to a task based on the location for a worker
            Once created, automatically assigned based on users location
 Example: for initial deployment of time tracking, only London workers enter time on Workday

     2. Organization
             Grants access to a task based on the user's membership in org
             Once created, automatically assigned based on organization assignments
Example: business unit, company, cost center, pay group, USA as a whole, etc.

Combination Security Groups:
    1. Intersection -
            Grants access based on membership in ALL of the included security groups
            Includes only users who meet all of the specifications
    2. Aggregation Security Group -
            Includes users who are in ANY of the selected security groups
            User does not have to be in every included group

Security Domain
A predefined set of related securable items that include reports, tasks, report fields, data sources, and data source filters
- The securable item that make up a domain cannot be changed
- Each domain has its own security policy that controls access to the security items

Which security group is assigned directly to a worker?
User based security-Tenant wide

Role based security group permissions are given to a worker when their position is linked to what?
Support Role

Editing a security policy takes effect immediately
False- Need to activate

Business Process Policies-
Defines which security groups can participate in the business process

Security group that allows self service access?
Employee as self

Groups of users who need to perform actions or access data?
Security Groups

 

 


No comments:

Post a Comment

HTML2

 1. <HTML> <HEAD> <TITLE>RAJ BLOG</TITLE> </HEAD> <BODY> <H1>Raj documents</H1> <H2>Ra...