Setting up authorizations, by task
Below is a summary of the set of authorizations needed to perform specific business functions. In addition, there is an explanation of the Profit Center and Fund Center hierarchies. Finally, there is information on the timing of authorizations going into effect. (See also Instructions for Departmental Authorizers and Guidelines for Primary Authorizers.)
|If a person wants to:||S/he must have the following Authorizations:|
|Create requisitions in SAP or SAPweb||
|Verify credit card purchases in SAP||
Contact the VIP Card office at x3-8366 or send e-mail to at email@example.com.
|Approve invoices (paper only)||
|Approve Travel Documents (paper only)||
| Create journal
(move charges from one
account to another)
Create manual reservations
(reserve funds on a cost object for anticipated expenditures)
|See reports (statements) on specific Cost Objects or Profit Centers from SAPgui, without salary subtotals||
|See reports (statements) on specific Cost Objects or Profit Centers from SAPgui, with salary subtotals||
Same as above, but add:
|See reports (statements) on specific Cost Objects or Profit Centers from the Warehouse||
One of the following:
(Which should you chose?)
|Approve requisitions electronically (using SAPgui)||
|Approve (sign) paper requisitions||For signing all requsitions
under Model 1 or low-dollar amount requisitions under Model 3:
For all other release strategies:
When you use the Roles application to add, delete, or update authorizations, the changes may go into effect immediately or the next day, depending on which authorizations you are changing. The following table summarizes the timing for various authorizations.
|Changes made to...||take effect...|
|Most SAP authorizations||the next morning (Monday through Friday) at 5 AM.|
|Authorizations for approval of requisitions via the SAPgui
(e.g., APPROVER MOD x LEV y)
|usually within one day. (These are the only SAP authorizations in the Roles Database whose entry into SAP still involves a manual step.)|
|Authorizations for paper documents, including
|Meta-authorizations for creating or viewing authorizations in the Roles application or RolesWeb||immediately.|
When you create an authorization, the qualifier type must agree with the function, and sometimes you don't have any choice. When you do have a choice, it is often between a custom Fund Center (e.g., FC_BIOLOGY) or a standard Fund Center (e.g., FC100108). In general, you should choose the custom Fund Center, use higher-level groups where appropriate, and be consistent. The short answer leaves out some important considerations, however, so read on...
An Authorization in the Roles Database consists of three parts, a person, a function, and a qualifier.
Qualifiers are of different types, including Spending Groups, Funds and Fund Centers, Cost Objects and Profit Centers. When an authorization is created, the type of qualifier specified must match the function; for instance, a CAN SPEND OR COMMIT FUNDS authorization must have as its qualifier a Fund Center or Fund.
All of the qualifiers of a given type are organized into a hierarchy or tree. When assigning an authorization, we recommend that you pick the qualifier at the highest level in the tree that is appropriate to describe "where" the user should be allowed to perform the business function. For example, if you want the user to be able to perform the function on all Funds within a Fund Center, pick the whole Fund Center .
The following three hierarchies (discussed below) are separate but related:
|Profit Center hierarchy||In the Profit Center hierarchy, the "leaves" or smallest objects are
individual Cost Objects (cost centers, internal orders, and WBS elements
In some cases, a WBS element may also have other WBS elements as children. Bunches of Cost Objects are grouped together into Profit Centers. Profit Centers have been defined at MIT to group cost objects together for the purpose of reporting. (In many cases, the Profit Center is equivalent to the MIT department number from legacy systems.) Bunches of Profit Centers are also grouped together into layers of Profit Center nodes, the objects beginning with the prefix "0HPC".
|Fund Center hierarchy (Standard branch)||In the Fund Center hierarchy, the "leaves" or smallest objects are
Funds are 7-digit objects that usually represent the same thing as the corresponding 7-digit Cost Object. (The exception is in the Sloan School, where one Fund can be associated with several Cost Objects.)
Funds are grouped together into 6-digit Fund Centers. Fund Centers, in turn, are grouped together into bigger Fund Centers. At MIT, Fund Centers have been set up for the purpose of controlling spending (e.g., requisitioning). Terminology in the titles of Fund Centers, e.g., FC101112 GO-AUDIT DIVISION, reflects their purpose: GO for "General Operating", "GNO" for "General Non-Operating", DH for "Department Head" and "PI" for "Principal Investigator".
|Fund Center hierarchy (Custom branch)||For the purpose
of controlling who can Approve requisitions, Fund Centers are grouped together
in a different way.
In the custom branch of the Fund Center hierarchy of the Roles Database, you will find objects that start with 'FC_', such as FC_BIOLOGY. Such an object, called a "custom Fund Center," represents an organization or a subset of an organization. (See note for SAP systems administrators.) Custom Fund Centers group together standard Fund Centers, and their component Funds. For many Departments, Labs, and Centers, the custom Fund Center hierarchy groups funds (cost objects) according to the way they do business.
Spending Groups begin with 'SG_'. They also represents organizations or subsets of organizations. (See note for SAP systems administrators.) Each 'SG_' object in the Spending Group hierarchy, e.g., SG_BIOLOGY, matches an 'FC_' object in the custom branch of the Fund Center hierarchy. The Spending Group hierarchy contains only Spending Groups; it has no Fund Centers or Funds.
There are technical reasons for storing Spending Groups and Custom Fund Centers in separate hierarchies with different names. (We'll skip the technicalities here.) For most purposes, you can think of them as representing the same thing.
Using the Roles Database, you have some options for how you define reporting authorizations.
First, there are two separate functions: REPORT BY CO/PC and REPORT BY FUND/FC. Second, if you use the REPORT BY FUND/FC function, you have two ways of specifying a qualifier, with standard Fund Centers (FCnnnnnn) or custom Fund Centers (FC_xxx...). All of these ways of defining reporting authorizations apply to exactly the same reports in SAP and the Warehouse.
Each Department, Lab, and Center should choose one way of defining reporting authorizations and be consistent. Choose the hierarchy that is most convenient for you: Which hierarchy represents the best way to group Cost Objects together for your department, to make it easy for you to define and understand reporting authorizations? The choice is not important for authorizations for individual cost objects, but it can save you a lot of time when you are granting reporting authorizations for groups of cost objects, using either Profit Centers, standard Fund Centers, or custom Fund Centers.
|Ways to define reporting auths||Define authorizations this way if:|
|REPORT BY CO/PC||Profit Center node, Profit Center, or Cost Object||
|REPORT BY FUND/FC||custom Fund Center, subordinate standard Fund Center or Fund||Most departments prefer this option.
|REPORT BY FUND/FC||standard Fund Center or Fund||