Empowering Adaptive Planning Security: Crafting Robust Access Rules for Enhanced Control

In the dynamic landscape of modern business management, Workday Adaptive Planning has emerged as a powerful tool for financial and operational planning. As businesses increasingly turn to sophisticated solutions for their planning needs, securing sensitive data becomes a top priority. This includes not only safeguarding data from external threats but also managing internal access to ensure that users only see information relevant to their roles.
Adaptive Planning secures data by Users Permission and Levels and provides even greater control on user’s access using “Access Rules”. Access Rules allows further secure data using a combination of Levels, Accounts, Account Attributes, and Dimensions.
While Access Rules offer powerful ways to secure data, they can sometimes lead to unintended disruptions in how financial statements are viewed, particularly when certain accounts are restricted. In this blog, we’ll explore a common issue with Access Rules and provide a solution that maintains data security without compromising the integrity of your financial reporting.
One of the common issues for Adaptive Planning clients where Access Rules are used to further secure data is that it sometimes disrupts the users view on financial statements. Let’s take an example to talk about the issue faced and then through this blog we will discuss the solution which addresses it, without compromising on the data security.
The Access Rule Dilemma
Consider a scenario where your organization’s security matrix looks like this:
- Admins with full access
- Users with no access to Personnel sheet to see Salary details, but can see the overall salary posted to GL
- Users with no access to Personnel sheet or to overall Salary posted to GL, but can see the other GL accounts in the Income Statement
The access rule setup for the first 2 rows – Admins and “No Personnel – All Income Statement” groups are straight forward.
For Group “No Personnel – All Income Statement except Salary)”, if you create a typical Access Rule for securing access using Account Attributes for Model Access, it might look something like this:
For users in the “No Personnel – All Income Statement except Salary” group, who do not have access to the Salary and Wages account on the Income Statement (IS), the IS structure may appear distorted. This happens because removing the Salary and Wages account disrupts the hierarchy, affecting rollups and subtotals in the P&L statement.
The Solution: Using a Dummy Dimension
To address this issue while maintaining the integrity of your financial data, consider using a “Dummy Dimension” specifically for Access Rule control. This dummy dimension helps manage access rules without impacting the overall account hierarchy and subtotals in your financial statements.
Here’s how you can set up the Access Rule using the Dummy Dimension:
In this revised Access Rule:
- The rows highlighted in blue indicate the addition of the Dummy Dimension using the dummy dimension “Access Control”
- Have all GL accounts include this apply dimension filter and apply this dummy dimension value of “Access Control” for personnel related GL accounts so that they are not granted access to.
- This approach ensures that the Income Statement displays all relevant accounts, preserving the hierarchy and subtotals without exposing any additional sensitive data.
Conclusion
By implementing a Dummy Dimension for Access Rule control, you can effectively manage data security in Workday Adaptive Planning without disrupting the structure of your financial statements. This solution allows users to view all necessary accounts while keeping sensitive information protected, ensuring that your financial reports remain accurate and comprehensive.
Have you faced similar challenges with Access Rules in Workday Adaptive Planning? Contact us today to share your thoughts, experiences, or ask for support with your next Adaptive project!