UAT Overview for Work Package #4 - Masking PII in FSCM
Purpose: This guide is intended to aid Local Security Administrators and Finance staff engaged in User Acceptance Testing (UAT) the configurations made in the Page and Field Configurator that enable masking of Personally Identifiable Information (PII) in the Financials and Supply Chain Management (FSCM) pillar. These changes impact specific pages in the Accounts Payable (AP), Accounts Receivable (AR), Expenses (EX) and Treasury (TR) modules.
Audience: Local Security Administrators and Finance staff in AP, AR, EX and TR modules.
The Security Administration System Improvement (SASI) Project Information Guide, contains all background details on the requirements and solution design work that lead us to our User Acceptance Testing effort for this new custom ctcLink Security feature.
UAT Kick-Off - Meeting Information
Monday, October 20, 2025 9:00 am and repeated 3:00 pm
MORNING SESSION: 9:00 A.M. Meeting Information:
Meeting Link: https://sbctc.webex.com/sbctc/j.php?MTID=m8f85f5ca8cff75907e58dccc4715f6d4
Meeting number (access code): 2664 401 0798
Meeting password: qKJKsYWy327
Meeting Recording: (to be posted after session)
AFTERNOON SESSION: 3:00 P.M. Meeting Information:
Meeting Link: https://sbctc.webex.com/sbctc/j.php?MTID=m6b0f3514efd8e47cc088fd5c3e222ae8
Meeting number (access code): 2664 753 9975
Meeting password: PTkRiZMm792
Meeting Recording: (to be posted after session)
Join either session by phone:
+1-415-655-0002 US Toll
+1-206-207-1700 United States Toll (Seattle)
Presentation Materials: (to be posted after session)
Overview of Masking of PII Data in FSCM Functionality
To help college testers better understand how the new Masking of PII Data security feature works a Quick Reference Guide (QRG) has also been provided in the ctcLink Reference Center, under the SASI Project Information guide and also below:
Access to the UAT Environment
The PQA Environment, where UAT activities are taking place, was refresh on September 4th, 2025 from Production.
Employee job data and the state of security User Profiles is as of end of business the day before the snapshot, so any changes (onboarding new hires, offboarding separating employees or adjustments to an individual user's security profile made on or after 09/04/2025 will not be in the PQA environment unless replicated there for testing purposes.
To request access to the User Acceptance Test environment (PQA), follow the link below and provide the name, last 4-digits of EMPLID, email, contact phone number and college. Be sure to sign up Local Security Administrators and Finance staff who have the job duty justification to warrant them viewing PII data.
Testing will occur in the PQA environment. Testers will be logging on using their EMPLID. In order to access the impacted pages where the masking feature is applied, testers would need to have one or more of the security roles that enable navigation to these pages.
The following security roles are affected (PII field masking) by these changes:
Accounts Payable:
- ZD Accounts Payable Inquiry
- ZD Purchasing Inquiry
- ZZ Supplier Entry
- ZC Supplier Entry
- ZZ Voucher Entry
- ZZ Quick Invoice Entry
- ZZ Voucher Approval
- ZZ_AP_MANAGER
- ZZ_AP_SPECIALIST
Accounts Receivable:
- ZD AR Inquiry
- ZZ AR Apply Payments
- ZZ AR Collections
- ZZ AR Item Entry
- ZD CC Budget Inquiry
Expenses:
- ZZ Expenses User Admin
- ZC Expenses Support
- ZZ Local Security Admin
Treasury:
- ZD Treasury Inquiry
- ZD Treasury Local Config Inq
- ZZ Treasury Accounting Maint
- ZZ Treasury Approvals
- ZZ Treasury Bank Processing
- ZZ Treasury Local Config
- ZZ Treasury Maintenance
- ZZ Treasury Processing
- ZZ Treasury Reports
- ZZ Treasury Workcenter
This environment rests behind an OKTA instance and therefore you will be prompted to establish a password during activation.
Login Access Link: https://oktapreview.ctclink.us/
NOTE: If access was already granted, it will be noted in the Google sheet linked above with the word "Granted" - check the google sheet to confirm.
Testers who have already activated themselves in the PQA environment for other testing activities (concurrent UAT activities do occur in this environment) will not be required to re-activate as this is a shared environment for all concurrent UAT activities.
Having Issues Logging In? Contact the Security Team. ([email protected])
Don't Forget: You have the ability to reset your own password in Okta. If encountering password issues, try this first. You might be able to self-help quicker!
Also, if you're struggling after regular service hours, feel free to download the Tester Login Reference Guide (below) to see if the answer you need is in here:
Organizational Change Management (OCM) Aids
To support the roll-out of this new feature, the following documents are provided to help engage Finance staff. These communication blocks offer a starting point for drafting initial emails about the upcoming change. If testing assistance is needed, they can also help initiate that conversation.
Test Navigation List with Test Details
To Verify Masking During Testing:
- Masked View: Navigate to the relevant page using a security role with access to view the page with masking enabled. This can be done by assigning the role to yourself or asking a finance staff member with Production access that has that role. Testers without PII access should perform this initial pass to confirm data is masked.
-
Unmasked View: Apply a role that unblocks specific field types (e.g., SSN or bank account numbers) and confirm the data is visible. Only testers authorized to view PII should perform this step using one of the following roles:
- ZZ FS Unmask SSN
- ZZ Finance PII Data
- ZZ FS Unmask Bank Acct
Some of these pages may be less frequently used, therefore a link to a Quick Reference Guide (QRG) that details how to search for and engage with the page is provided.
This test isn't about completing the transaction per the QRG, but using it to navigate to the page and confirm that fields are correctly masked or unmasked:
- In the Search Criteria Lookups (prompt table).
- In the Search Results returned.
- In the specific fields on the page when viewing and adding a new value via Lookup (prompt table).
Issue Resolution During Testing
Still want to submit an issue? Please report your issue via the Service Desk.
Request Type: ctcLink Support > Special Project Activities > SASI Work Group Testing
Subject (begins with): SASI Work Package #4: <add your words...>
Each Issue Will Be Represented by a Title
- Issue Details: Outline of issue reported by another college during testing.
- Research: Security team research notes.
- Resolution: Explanation of the resolution discovered and any retesting needed to validate the solution.
Test Status
Once colleges have fully completed their User Acceptance Testing and are ready to sign-off the ctcLink Point of Contact will be asked to "sign-off" on behalf of the college.
Link to UAT Sign-Off (MS Form): Sign-Off Survey Form [link not yet active]
Sign-Off form will be open Monday, October 20, 2025 until Monday, October 27, 2025 @7pm
For a preview of the words in the sign-off survey, open the document below:
Colleges Confirmed Complete with Sign-Off:
- none
Colleges Awaiting Sign-Off:
- Bates Technical College
- Bellevue College
- Bellingham Technical College
- Big Bend Community College
- Cascadia College
- Centralia College
- Clark College
- Clover Park Technical College
- Columbia Basin College
- Edmonds College
- Everett Community College
- Grays Harbor College
- Green River College
- Highline College
- Lake Washington Institute of Technology
- Lower Columbia College
- Olympic College
- Peninsula College
- Pierce College District
- Renton Technical College
- SBCTC
- Seattle Colleges
- Shoreline Community College
- Skagit Valley College
- South Puget Sound Community College
- Spokane District
- Tacoma Community College
- Walla Walla Community College
- Wenatchee Valley College
- Whatcom Community College
- Yakima Valley College
0 Comments
Add your comment