In Workday HCM, it is essential to distinguish between domain security and business process security, as each controls different aspects of system access. Domain security governs data visibility, such as whether a user can view compensation information or run reports. Business process security, on the other hand, controls transactional actions, such as initiating or completing tasks like Create Compensation Package.
In this scenario, the worker is able to run the Compensation Package report, which indicates they have permission to view compensation-related data. However, they cannot access the Create Compensation Package task, which is a transactional action within a business process. This clearly shows the worker has view-only access to the domain but does not have business process initiation permissions.
The correct permission type is View on a domain security policy. This level of access allows users to view data and run reports associated with that domain, but it does not allow them to modify data or initiate related business processes.
Option A is incorrect because Initiate permissions on a business process security policy would allow the worker to start the Create Compensation Package task. Option B is incorrect because View and Modify domain access would allow data changes, which is not supported by the scenario. Option C is incorrect because View All on a business process security policy would relate to visibility within business processes, not report execution.
From a Workday Pro HCM security design perspective, this scenario demonstrates the separation of duties principle: reporting access is granted through domain security, while transactional authority is tightly controlled through business process security. Therefore, the correct and Workday-verified answer is View on a domain security policy.
Submit