Nebraska Information System Home
Nebraska Information System - Collaborate, Integrate, Achieve

NIS Security Administration (back)

 
skip links
Sign on to NIS
Training Manuals
Flash Memos
Available Training
Technical Help
Policies & Procedures
Glossary
Interface & Conversions
Security

NIS users can be categorized into one of two groups:

 

  • Users that must access NIS data and functional areas (accounts payable, accounts receivable, general ledger, HR/Payroll, etc) to perform their duties.

 

  • Users that access the NIS system to view their pay stub and view and update their personal and benefits information through a portion of NIS named Employee Self Service. Employee Self Service has a security profile that allows access to the respective user's pay stub, personal and benefit information.

 

 

Please note: It is an agency decision regarding who within the agency must have access to NIS. Some agency staff must have access to complete their work. Others may not need access at all.

 

The NIS system has its own security components that provide access to NIS data, activities and reports.

 

"Deny all" Principle

An important point to remember is that NIS security is based on the "deny all" principle. The "deny all" principle means that there is no access for a system user to data, programs and reports until access is specifically granted, and then only to that data, those programs and reports. Access is granted through the submission of user security profile parameters following a formally approved procedure.

 

Formal Procedure To Establish
a User Security Profile

A user security profile must be communicated by the agency's security authorized agent to the IMS Help Desk. The security profile information is communicated via the "NIS User Authorization Spreadsheet" that has been provided to each of the agency authorized agents and can be found at http://www.das.state.ne.us/nis/security/.  The IMS Help Desk records the request for a user security profile and sends the documentation to the NIS Security staff responsible for creating the security profile.

 

The "NIS User Authorization Spreadsheet" is the only means to establish a user security profile. Without the agency's specific instructions to grant privileges to each employee, no employee can have access to self-service or the data and functions that they need to do their work.

 

The NIS User Authorization Spreadsheet must be submitted by an Authorized Agent whenever a new employee is hired, when an employee's job functions change and necessitate a different access level, when an employee terminates their position, or when an employee transfers to other duties or another agency.

 

The NIS User Authorization Spreadsheet and instructions for completing the spreadsheet can be downloaded at http://www.das.state.ne.us/nis/security/index_user_authorization.html.    The first page of the NIS User Authorization Spreadsheet contains instructions for completing the spreadsheet. If you have questions about completing the spreadsheet, please contact the IMS Help Desk, who will forward your questions to the NIS Security staff. It may be helpful to add the IMS Help Desk electronic address (HELPDESK@CIO.NE.GOV ) to your e-mail Address Book:

 

Security Profile Parameters

Following are brief descriptions of the security profile parameters.

 

Foundation matrix codes

Detailed information on assigning an agency's employees matrix coding is available in the document "Matrix Coding and Job Function Descriptions" that can be found on the NIS web site. Foundation matrix codes provide access to functional area (accounts payable, accounts receivable, general ledger, HR/Payroll, etc) activities of the NIS. A user can have only one code per functional area.

 

Business units

Data access privileges are determined by Business Units. Business Units allow the NIS security component to provide employees access to data required to do their jobs, based on predetermined security level determined by each agency.

 

There are two types of Business Units used to grant access to Users:  Financial Business Units and Human Resource Security Business Units.  Each employee must be granted access based on the type of work functions that they are responsible for. The first two characters of the financial business units are the agency number - the remainder is agency-determined. The HR security business unit is ten characters and begins with the letter S and the next two characters are the agency number.

 

Batch Management

The batch management parameter provides access to the functions that are executed to enter, approve and post batches. Batch management identifies the relationship of who the preparer of a batch is and the related users who are the approvers or posters for the batch.  Batch management information can also be found on the NIS web site http://www.das.state.ne.us/nis/security/.

 

CIO Help Desk
State of Nebraska
Ask a Librarian
WebSite Design & Development by State of Nebraska,
DAS, Nebraska Information System