Vendor Secured Fields

In some organizations, employees and potentially high-profile individuals such as elected officials are paid as vendors. Aside from the process of paying these vendors, the organization needs to be able to block the display of their contact (including bank account) information for their protection. The system allows field-level security to be applied to the vendor contact information.

Field-Level Security

Maintenance > new world ERP Suite > Security > Field Level Security

Field-level security can be defined for several pieces of the vendor contact information. First, the vendor needs to be set up as able to be secured. Select Bidder/Vendor in the Subject Area field and select the Secured Vendor check box. This will enable the Secured check box on the vendor record.

Field-level security can be defined for five pieces of the vendor contact information. Field-level security for vendors falls into two categories: non-conditional and conditional. Non-conditional secured fields will be applied for all users for all vendors when the fields are secured; the SSN, Tax ID, and Bank Account come under this category. Conditional secured fields will be applied to all users but only for selected vendors; the Mailing Address, Email Address, Phone/Extension, and Fax information come under this category.

Select Vendor Contacts in the Subject Area field. Select the check box next to each piece of information that needs to be secured:

  • Mailing Address.
  • Bank Account (including routing number).
  • Email Address.
  • Fax Number.
  • Phone Number (including extension).

For each piece of contact information selected above, the system will use the security settings on the user and the vendor records to determine which information may be displayed.

Vendor Security

The Vendor contact information needs to be secured on a vendor-by-vendor basis, as most vendors will not require this type of security.

User Security

Maintenance > new world ERP Suite > Security > Users

Security components are now available for each item in the Vendor Contacts section of the Vendor record. From the User List, select the user you want to work with and click the Permissions button. Search for the vendor permissions in the Non-Company Applications Permission Type. Find the six components that start with "Vendor Contacts," including the one called only Vendor Contacts.

Users can be given Change and/or View authority to these permissions. Users with Change authority to a field will be able to determine whether that piece of the vendor’s information will be secured. Users with View or no security to the field will be unable to access the field.

Vendor Record

Maintenance > new world ERP Suite > Procurement > Vendor Service

The General page on the Vendor record includes a Secured check box. This check box is present and enabled if the Secured Vendor check box is selected in Field Level Security. This flag applies the conditional field-level security to a specific vendor.

Rights to the conditional Contact fields (Mailing Address, Email, Phone/Extension, and Fax) are based on each individual user’s security:

  • If the user has Change authority to the field, the field is displayed and enabled.
  • If the user has only View authority to the field, the field is displayed but disabled.
  • If the user has no authority to the field, the icon is displayed instead of the field.

Note: Note The Secured check box does not apply to the bank account and routing number controls.

Vendor Service Display

Maintenance > new world ERP Suite > Procurement > Vendor Service

To properly secure the vendor information, modifications have been made to incorporate the Secure Vendor Contacts value into the existing security component security for the mailing address fields. The mailing address fields are now secured as follows:

  • If the Secure Vendor Contacts check box is not selected, ignore any user-based field-level security defined for the vendor contact mailing address fields.
  • If the Secure Vendor Contacts check box is selected, apply the user’s field-level security defined for the vendor contact mailing address fields:
    • If the user has Change authority to the field, display and enable the three mailing address lines, Zip Code, City, and State fields.
    • If the user has only View authority to the field, display but do not enable the fields.
    • If the user has no authority to the field, display the icon rather than the fields.
Click show me to view an example where the user has no authority to vendor contact information.

Other Displays

The changes to Vendor security will be reflected in other areas of the software.

Processing/Entry pages

The vendor contact security will apply to a number of pages in Financial Management. Reports are listed in the next section; other processing pages where vendor contact security is considered are listed below:

  • Accounts Payable Invoice Approval.
  • Accounts Payable Invoice Batch.
  • Accounts Payable Invoice Entry.
  • Accounts Payable Invoice Import.
  • Asset Maintenance - Insurance.
  • Asset Maintenance - Lease.
  • Change Purchase Order Approval.
  • Change Purchase Order Entry.
  • Payment Inquiry.
  • Payment Transaction Inquiry.
  • Purchase Order Approval Display.
  • Purchase Order Entry.
  • Requisition Entry.
  • Template Accounts Payable Invoice.
  • Template Purchase Order.
  • Voucher Entry
  • Voucher Approval Display

The General and List work flow pages on an Invoice Batch indicate if vendor contact information is secured. When a vendor is selected on the General work flow page, “Not Authorized” will display in the for the address lines of the Remittance information.

If the user clicks on the Remittance hyperlink (the control name label), the Vendor Contacts pop-up will display. Secured fields will display the icon. When the user hovers on the Invoice Number hyperlink on the List workflow page, the hover will suppress the address information if the user does not have security authorization.

On the Invoice Entry page for both regular and quick invoices, hovering over the Remittance value will show a hover. If there is no security to the vendor information, only the name will display.

Reports

The output for the following reports/listings will use the new security for vendor contact information:

  • Vendor Listing.
  • Requisition Edit Listing.
  • Purchase Order Edit Listing.
  • Change Purchase Order Edit Listing.
  • Template Purchase Order Listing.
  • Voucher Edit/Post Listing.
  • Accounts Payable Edit Listing.
  • Template Accounts Payable Invoice Listing.
  • Accounts Payable Check Register.
  • Payment Batch Register.
  • Asset Maintenance Insurance Listing.
  • Asset Maintenance Lease Listing.

If the user does not have security to a particular piece of information, "Not Authorized" will appear in its place on the report output.

Inquiry

On inquiry displays for transactions involving Vendors, Requisitions, Purchase Orders, Change Purchase Orders, and Accounts Payable, the icon will display for any vendor information to which the user does not have permission.

The Vendor Inquiry will also display the icon if the user is not authorized to the information.

On a vendor Payment Transaction Inquiry for a check payment, the remittance address does not display if those fields are secured.