Skip to content
We are now part of City St George's, University of London. This website contains information relating to our Tooting campus. Please visit our new website to learn more about what we offer across all our campuses.

Introduction

The purpose of these guidelines is to

  • detail the policy and principles that govern the use of security in iTrent, including the creation and maintenance of user accounts and surrounding user access, user data management,
  • ensure that all security information held in iTrent is accurate and that the security controls are structured so that the University’s obligations and responsibilities with regard to general data protection and information security are met.

System Information

iTrent is the cloud-based human resource and payroll management system that the University has selected to hold shared and centralised information on its staff.

System Security Users

Access to iTrent is granted to individuals on the basis of roles with specific function access.

The two main two categories:

Security AccessDescriptionAssignee

Employee Self-Service Access

 

Employee Self Service, accessible by all who are PAYE staff, to request transactions such as annual leave, view payslips

 

All PAYE staff

Manager Self-Service Security Access

 

Available to all specific managers of staff, as opposed to resources, to access staff details and all staff related tasks e.g. ability to add/authorise amend leave etc.

 

All People Managers

In addition, there are specific functions that have been assigned to University staff engaged in specific transactional process to maintain and support the system.

Security AccessDescriptionRole

Payroll Cleardown

 

This profile contains the function of clearing down the payroll at the end of each month This function has been removed from all other payroll profiles

 

The Payroll Manager

 

A Payroll Administrator

Payroll Administration

 

Day to day activities for payroll, including the ability to run and process the payroll.

 

 

Payroll Administrators

Payroll Manager

 

Day to day activities as above plus the ability to set up new pension schemes, elements, payroll configuration etc. as required.

 

 

Payroll Manager

HR Administration

 

Day to day activities for the HR team across the full employee lifecycle and all HR modules covering recruit-to-exit processes.

 

 

HR Professionals

HR Information & Systems

 

Additional activities to HR Administration concerning user access, conditioning HR values, workflow and maintenance of the HR environments, with access to  reporting in iTrent

 

 

HR Information & Systems Officer

 

Head of HR Services

News Configuration

 

The role enables the allocated users to change parts of ESS, like adding news for the organisation. 

 

HR Information & Systems Officer

 

Head of HR Services

Finance/JREO

 

Restricted read only view for day to day work.  Change access for costings

 

Finance staff that require access (Finance Managers, AR, Agresso) and JREO (Research Grants)

 

Institute Access

IMBE/I&I/MCS/PHRI

Allocated to areas who have a responsibility for full staff within their area.  Profile restricted to their Institute and read only access to certain parts of the system

 

RIMS

Senior Management

System Administrator

St George’s is hosted by MHR and system administrator will provide super user support to all users and modules in iTrent and for the number of interfaces that depend on iTrent data, applying controls and updates across the TEST, TRAIN and LIVE environments, running security and audit.

Head of HR Services

 

Payroll Manager

Single Sign-On

As part of our specification of requirement, access to iTrent will be configured to allow user access to iTrent without seeing the traditional logon form containing the user name and password fields. The above list of roles and additional security information are presented to the user for completion, if they were part of the users’ normal login process. The network team in IT Services are responsible for exploring the automated creation and maintenance of iTrent user accounts in conjunction with the HR team.

Permission for additional security access

If a user or department identifies the need for additional security access or amendments, a request should be made via email to the HR team via hrsystems using the New User/Amendment Form (Excel). Should the additional access be deemed acceptable and authorised, the change will be made to the account and confirmed to the user with an update to the user’s access permissions by the HR team. If the request is denied for any reason the HR team will write to the user to explain the decision.

Leavers and Dormancy

When leavers’ IT accounts are closed, this is expected to automatically remove iTrent access for users. The network team will remove leavers’ names from the list of authorised iTrent users. Twice a year the HR Information Officer will data cleanse and disable any self-service user accounts no longer required.

Audit, Security and Misuse of the System

Audit is run daily as an automated function within iTrent to account for all actions in the system. If misuse or unacceptable use of the system is suspected or detected the system administrator may disable the user’s account, pending further investigation. In such an instance the user and their line manager will be informed of this along with an explanation. If appropriate, resumption of access may be considered after any investigation has concluded. Misuse of the system may be dealt with in line with the University’s regulations governing the use of computing facilities. On a monthly basis the Payroll and HR super users will conduct audits and log.

Data Access Requests

Any data access requests will be completed by HR as requested by the Data Protection Officer.

 

Find a profileSearch by A-Z