Requesting System Access | Financial Management Modernization

This page outlines important information and instructions for requesting access to campus financial systems.

Please note that system access requests can only be submitted by Role Security Administrators (RSAs), divisional control points, or designated Oracle Financials Cloud (OFC) central leads. Any system access requests submitted via the FMM Universal Request form will be closed, and users will be directed to contact the appropriate RSA or central lead for their request.

Not sure who your department’s RSA is? A full list of RSAs across all divisions is available here.

Instructions for Access Requests by System

Campus System	How to Request Access	ServiceNow Catalog
Concur	RSA submits a ticket on behalf of employees, with supervisor/Business Officer approval.	RSA Role Provisioning
Gateway	RSA submits a ticket on behalf of employees, with supervisor/Business Officer approval. Exception: Project Analyst and Project Manager roles are provisioned centrally during project setup.	RSA Role Provisioning
FinHub	Employee or supervisor can submit a request; ticket will be routed to RSA.	FinHub Access Request form
Transfers	Divisional control points will provide a list of users to the FMM Security & Controls team.	N/A
PGM Module	Project Analysts and Project Managers are identified at time of project setup. To request role changes, use the PGM ServiceNow catalog.	Projects & Grants Management
Transfers of Expense (Coming Soon)	RSA submits a ticket on behalf of employees, with supervisor/Business Officer approval. Exception: Project Analyst approval role is provisioned centrally during project setup.	RSA Role Provisioning
Legacy Data Warehouse Tools	Employee or supervisor can submit a request; ticket will be routed to RSA	FinHub Access Request form

Please include the user’s UCSB netid, required roles, and Financial Reporting Units (FRUs) in all access requests.

Note: The system access requests matrix will continue to be updated with additional systems and provisioning processes as needed. Last updated on August 8.

Frequently Asked Questions

I didn’t receive the right access to Gateway and/or Concur when these systems went live. What should I do?

We are aware of some discrepancies with provisioned Gateway and Concur roles and have been working to correct these. If your access is not correct for either of these systems, reach out to your department’s RSA so they can submit a request on your behalf. These instructions are available to help users identify their role assignments in Gateway.

IT and BFS teams have been working to resolve issues with roles and user IDs being synchronized. Please avoid changing your UCSB netid until notified.

How are Project Analyst and Project Manager roles assigned?

These approval roles in Gateway and TOE are derived from Oracle Projects & Grants Management, and are provisioned centrally during project setup in PGM. These roles are not assigned by a department's RSA. Project Analysts assigned to Sponsored Projects must be designated by Research Financial Analysts.

Requests to change assignments on specific projects must be submitted through the Projects & Grants Management service catalog in ServiceNow.

If I’m an RSA, how can I see what roles are currently assigned to users in my area?

Divisional control points were emailed a report of current role assignments across all units on July 30. Please submit an FMM Universal Request ticket or submit a contact form on the FMM website if you have any further questions about this report.

How do I know what roles should be assigned based on a user’s job responsibilities?

There are several resources available to assist departments with role assignments to maintain internal controls and separation of duties:

Gateway Roles Matrix - identifies job functions of each role and where two roles cannot be assigned to the same user within the purchasing system
Concur Role Guidelines - explains the various roles and associated responsibilities in the Concur Travel & Expense Management system

What is the process for establishing a new department RSA?

The “Manage Role Security Administrators” ServiceNow catalog should be used to request the setup, update, or removal of an RSA assignment. Please note that all submissions will be routed to your area’s divisional control point for review/approval. If you are aware of any gaps in coverage or upcoming changes to RSA assignments in your area, please coordinate with your divisional control point and use the form to initiate updates.

Please note that some units currently rely on a single RSA, which may cause a gap in coverage when this person is out and unable to manage role requests. To avoid disruption, we strongly recommend that each unit has at least one backup RSA assigned. Prior to submitting a request for a backup RSA, please consult with your divisional control point to discuss what will work best for your area. In some cases, backup RSAs may already be assigned from outside of your immediate unit.