ITS Workday Delegation and Approvals Policy

1. Overview

Workday, the University’s Enterprise Resource Planning (ERP) software for Human Resources, Financial Management, and Student Records, allows users to delegate tasks to others and approve actions.  This policy explains which Workday business process items, such as tasks and other inbox items, may be delegated and to whom.

2. Purpose

To define appropriate use of the delegation and approval functions in the Workday system.

3. Scope

This policy applies to all University of Akron employees.

4. Definitions

  • Enterprise Resource Planning (ERP) – An ERP is a type of software system that helps an organization automate and manage core business processes for optimal performance.
  • Business Process (BP) – A business process is a set or series of related tasks necessary to achieve a specific outcome in support of running the organization.
  • Task – An event or step, either standalone or in a business process, that must be completed.
  • Approval – An action in a business process that designated individuals select to progress the event to the next step.  An Approval signifies agreement with the information presented to make the determination to move the event to the next step in the process.

5. Policy

  • An approved Workday user may delegate certain Workday business process items to another user as permitted by this policy.
  • The user’s manager, or higher-level supervisor in the organizational hierarchy, must review and approve delegation requests.
  • A Workday Security Administrator may create, review, cancel, or modify a delegation as necessary to comply with this policy.
  • A user may delegate the creation and/or approval of tasks to another user at a superior, subordinate, or peer level within the organization.
  • An employee or delegate shall not approve actions or tasks on themselves.
  • The “Retain Access to Delegated Tasks in Inbox” box shall be checked for all delegations.
  • The approval of inbox items including, but not limited to leave approval, expense reports, and spend authorizations, may only be delegated as follows:
    • The delegation must be made on a temporary basis, for the minimum duration required, and have an end date.
    • The delegation shall not exceed one year but may be renewed with approval from the user’s manager or higher-level supervisor.
    • A UA Cabinet Member, who is on leave, may delegate the approval of spend authorizations or expense reports to a direct report at the Associate/Assistant Vice President level or higher.
  • It is not the intent of this policy to change approval levels or requirements defined in other UA policies.

6. Compliance

  • Compliance Measurement
    • IT Security Services will verify compliance with this policy through various methods including but not limited to internal and external audits, system reports, and configuration change alerts.
  • Non-Compliance
    • Any employee who knowingly violates this policy may be subject to appropriate disciplinary action or sanctions.

7. Related Documents

University Rule 3359-11-08: Policies and Procedures for Student Records
University Rule 3359-11-10: Acceptable Use Policy
University Rule 3359-11-10.3: Information Security and System Integrity Policy
University Rule 3359-11-10.4: Customer Information Security Policy
University Rule 3359-11-10.6: Social Security Number Use Policy
University Rule 3359-11-10.8: Identity Theft Detection, Prevention, and Mitigation Policy
ITS: Data Access Policy
ITS: Data Classification Standards
ITS: Information Security Incident Reporting & Response Policy
ITS: Secure Access and Data Storage Standards

8. Policy History

Approval Authority: Chief Information Officer
Policy Manager:  Chief Information Security Officer
Effective Date: 12/01/2022
Prior Effective Dates: NA
Review Date: 11/30/2023