Procure To Pay: Security Rights/Roles & Responsibilities

It's Policy & Procedure review time for us and the endless stream of "but how do others do it?" is starting!

How do you assign roles and what rights do the roles have for Procure to Pay?

 

  1. Requisition
  2. Approval 
  3. Procurement
  4. Receiving
  5. Accts Payable

We currently do:

 

  1. Requisition
    1. Assign Role: Requesters are not really restricted, they create an IT ticket to get rights but we don't limit them per department or any such thing. 
    2. Rights: They can create reqs and inquire on Status.  
      Some of them that have S3 application rights to see/modify RQ10 and Inquire only on PO20, PO30, AP20, etc  - Anyone else have a need for this?
  2. Approval 
    1. Assign Role: Finance has a Cost Center Owner report and approvers must be on that or have written authorization from the CFO to be an approver
    2. Rights: Inbasket tasks, Lawson Reports for month end finance and they also get
      Is anyone getting end users insisting on needing copies of POs?
  3. Procurement
    1. Assign Role: By Dept/Title - generally this is only the SCM and Pharmacy departments. There's a role that gives Inquire rights to it all though
    2. Rights: Supply Chain and the Pharmacy Buyers get the "buyer" role and all of the above.  Buyers get PO20 full rights but not PO22.  They get MA64/MA66 and some inquire rights to AP10/AP20. SCM Contracts get additional roles to maintain pricing.  System Analysts get all of that and we get the keys to the item master and the RQ99 and PO99 screen. 
      We monitor if anyone creates a PO for something they requested or approved
  4. Receiving
    1. Assign Role: must be a dock receiver or SCM System Analyst
    2. Rights: they can be a requester, but here they are never approvers, we monitor if they receive what they requested.  They get full rights to PO30/MSCM RAD/Receiving Self Service.  They also get a custom version of PO64 that allows them to launch an IPA to ask if the department got their orders.  From there it's just Inquire rights to PO20 and AP10/20.
  5. Accts Payable
    1. Assign Role: Solely locked to the AP Department
    2. Rights: They split AP10 rights from AP20 rights but I'm not sure what else they get.

Comments

  • dechevar
    dechevar Member Posts: 294
    Requisition

    Assign Role: Requesters are restricted by AU, they create an IT ticket to get rights and submit a Requester Form detailing what AUs they will request for and if any previous requesters should be inactivated.



    Rights: They can create reqs and inquire on Status. They also get MSCM Tracking and inquiry access throughout IC/PO/RQ. They can place reqs on RQ10 and have access to the AP90.x screens for inquiry and MM80/MM280. They can use PO54, PO58, and PO64 for PO, Receipt, and Invoice information.







    Approval

    Custom Table maintained by ERP team and an IPA that routes Invoices and Reqs based on our always convoluted approval process



    Procurement

    Assign Role: By Dept/Title - Only Purchasing & Capital Acquisitions can create POs.

    Rights: Buyers get PO20 and PO23. They get MA64/MA66 and inquire rights to AP10/AP20. Buyers are not authorized to create a PO without an Approved Requisition.



    SCM Contracts get additional roles to maintain pricing. System Analysts get all of that and we get the keys to the item master and the RQ99 and PO99 screen.

    We monitor if anyone creates a PO for something they requested or approved





    Receiving

    Assign Role: Only Receiving department staff can receive. Since SCM Analyst can cut POs, we do not allow them to receive to avoid conflicts with SOX.



    Rights: they can be a requester and an approver. They get full rights to PO30/MSCM RAD/Receiving Self Service. From there it's just Inquire rights to PO20 and AP10/20.





    Accts Payable

    Assign Role: Solely locked to the AP Department

    Rights: They split AP10 rights from AP20 rights but I'm not sure what else they get.
  • gtesche
    gtesche Member Posts: 116
    Buyers are not authorized to create a PO without an Approved Requisition.

    Are you able to do this via security?
  • dechevar
    dechevar Member Posts: 294
    We do not. We run an audit report, but I don't see why you would not be able to if a PO44 record didn't exist.
  • We audit PO Line Source where the source code is PO not RQ. If the buyers aren't filling out the default information for subs or whatnot, we can question them. Mostly we monitor volume.
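
The monitoring checks mentioned across this thread (a PO created by its own requester or approver, a receiver receiving what they requested or bought, and PO lines whose source is PO rather than RQ) can be combined into one audit pass. The sketch below is an added example, not code from any poster or from Lawson; the record layout, field names and user IDs are constructed assumptions standing in for whatever your own PO line extract contains.

```python
from collections import Counter

# Constructed sample extract. Field names are hypothetical, not Lawson columns.
PO_LINES = [
    {"po": "1001", "line": 1, "source": "RQ", "requester": "alice",
     "approver": "carol", "buyer": "bob", "receiver": "dave"},
    {"po": "1002", "line": 1, "source": "RQ", "requester": "bob",
     "approver": "carol", "buyer": "bob", "receiver": "dave"},
    {"po": "1003", "line": 1, "source": "RQ", "requester": "erin",
     "approver": "carol", "buyer": "bob", "receiver": "erin"},
    {"po": "1004", "line": 1, "source": "PO", "requester": None,
     "approver": None, "buyer": "bob", "receiver": "dave"},
    {"po": "1005", "line": 1, "source": "RQ", "requester": "alice",
     "approver": "frank", "buyer": "frank", "receiver": "dave"},
    {"po": "1006", "line": 1, "source": "RQ", "requester": "alice",
     "approver": "carol", "buyer": "bob", "receiver": "bob"},
]

# (rule name, field A, field B): flag the line when the same user holds both.
CONFLICTS = [
    ("BUYER_IS_REQUESTER", "buyer", "requester"),
    ("BUYER_IS_APPROVER", "buyer", "approver"),
    ("RECEIVER_IS_REQUESTER", "receiver", "requester"),
    ("RECEIVER_IS_BUYER", "receiver", "buyer"),
]

def sod_findings(lines):
    """Return sorted (po, line, rule) tuples for every exception found."""
    findings = []
    for row in lines:
        # A line sourced from PO rather than RQ has no approved requisition.
        if row["source"] != "RQ":
            findings.append((row["po"], row["line"], "PO_WITHOUT_REQUISITION"))
        for rule, a, b in CONFLICTS:
            # None means the role was never filled; that is not a conflict.
            if row[a] is not None and row[a] == row[b]:
                findings.append((row["po"], row["line"], rule))
    return sorted(findings)

def direct_po_volume(lines):
    """Count non-requisition PO lines per buyer, for volume monitoring."""
    return Counter(r["buyer"] for r in lines if r["source"] != "RQ")

if __name__ == "__main__":
    for finding in sod_findings(PO_LINES):
        print(*finding)
    print(dict(direct_po_volume(PO_LINES)))
```

Which conflict rules apply is a policy choice: the thread shows one site treating receiver-as-requester as something to monitor and another permitting receivers to be requesters and approvers, so trim `CONFLICTS` to match your own procedure.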