Navigation: NavBar > Navigator > Set Up HCM > Security > Time and Labor Security > Group Creation Security

1. The Group Creation Security search page displays.
2. Enter the Row Security Permission List.
3. Select the Search button.

4. The Group Creation Security page displays.
5. It defines what records and fields are accessible to a particular subgroup in Row Security Permission List.  There are only 6 Record Names to choose from for Time and Labor Security:
   • JOB
   • EMPLOYMENT
   • PERSONAL_DT_FST
   • SCH_ASSIGN
   • TL_EMPL_DATA
   • GP_PYGRP
6. The Row Security Permission List originates elsewhere in the Security configuration.
7. This allows people who have the permission list to create/manage dynamic and static groups to select these records and fields to define dynamic or static groups.

Navigation:  NavBar > Navigator > Set Up HCM > Security > Time and Labor Security > Dynamic Group

1. The Dynamic Group search page displays.
2. Enter the Time Reporter Group.
3. Select the Search button.

4. The Dynamic Group page displays.
5. This page defines how select employees are grouped.
   • Static: Employees are explicitly assigned to a group, and they will not change unless added or removed manually (this is not used by ctcLink).
   • Dynamic: Updates assigned employees automatically when running the Refresh Dynamic Group process or Time Administration based on criteria listed under Select Parameters.
6. Typically, these Dynamic Groups are used to group time reporters to then assign to managers, however a customization (M-034) was introduced to the ctcLink system to allow managers to access Manager Self Service Time and Labor options for direct reports if they are indicated in the Job Data field Supervisor ID for that direct report.
   • Without the M-034 customization all incoming and outgoing managers would need individualized Dynamic or Static Groups, which would all need to be manually maintained.

Navigation:  NavBar > Navigator > Set Up HCM > Security > Time and Labor Security > Refresh Dynamic Group

1. The Refresh Dynamic Group(s) search page displays.
2. Enter the existing Run Control ID or select the Add a New Value tab to create a new one.
3. Select the Search or Add button.

4. The Refresh Dynamic Group page displays.
5. Running this process will make sure new employees who fit the SQL criteria entered into the Dynamic Group are included within the group.
   • Running Time Administration will also refresh Dynamic Groups, so running this process separately should not usually be necessary except in cases where new Dynamic Group members need to be recognized prior to running Time Administration.
6. Enter the Processing Options for:
   • Use Current Date (leave checked, if you uncheck it you will have to indicate an “As Of Date”).
   • Refresh All Dynamic Groups (leave checked).
7. Select the Run button.

8. The Process Scheduler Request page displays.
9. Select the OK button.
10. The Refresh Dynamic Group page displays.
11. Check the Process Monitor for Process Name TL_GRP_RFRSH until it says Success/Posted.

Navigation:  NavBar > Navigator > Set Up HCM > Security > Time and Labor Security > TL Permission List Security

1. The TL Permission List Security page displays.
2. Enter the Row Security Permission List value.
3. Select the Search button.

4. The TL Permission List Security page displays.
5. TL Permission List Security is used to define what Time Reporting Groups a Row Security Permission List can access in Time and Labor as well as the range of time in which they can alter information on the timesheets of those groups.
6. Security by Permission List:
   • Allow Prior Period Time Entry/Days Grace Allowed: This defines the availability of prior pay period adjustments and how many days those prior period adjustments will be allowed before the timesheet is made unavailable to the user (i.e. if the pay period ends on the 15^th, then with 1 day of grace the user will have the 16^th to enter time for the 1^st-15^th and on the 17^th there will be no more entry allowed for that period).
   • Allow Future Time Entry: This defines the availability of future pay period time entry (i.e. ctcLink currently doesn’t allow most users to enter time for future pay periods).
   • Restrict Prior Year Time Entry: ctcLink is not using this feature.
7. Group Access defines time reporters for whom Row Security Users can view, update, and delete time reporting data .
8. Administrators will be enrolled in the college specific “SUPERUSER” list, however most employees will be enrolled in an “ALL” user list for the purposes of the timesheet entry configuration.

9. The review of the processes to understand time and labor security is now complete.
10. End of procedure.