PrevPrev Go to previous topic
NextNext Go to next topic
Last Post 07/03/2017 3:28 PM by  thanef
Limiting Who Can Receive a PO
 16 Replies
Sort:
You are not authorized to post a reply.
Author Messages
Brett Townsend
Software Administrator
Brazos River Authority
Basic Member
(10 points)
Basic Member
Posts:6


Send Message:

--
10/26/2011 8:27 AM
    Hi i've read over the PO User Guide a few times, and currently in our lawson system anyone can receive a PO and I want to limit it so that if its not your PO then you cant receive it and release it. Does anyone know how to do this I thought it would be in the PO setup like po0.1.1 on the receiving tab there is a box that says Allow Receive All and its a yes or no box. I flipped in to N in our test environment and was still able to receive a Po that wasnt mine.


    Any ideas?



    Thanks in Advance.
    John Henley
    Private
    Private
    Senior Member
    (9563 points)
    Senior Member
    Posts:3205


    Send Message:

    --
    10/26/2011 8:42 AM
    Moving to procurement forum.
    Thanks for using the LawsonGuru.com forums!
    John
    John Henley
    Private
    Private
    Senior Member
    (9563 points)
    Senior Member
    Posts:3205


    Send Message:

    --
    10/26/2011 8:47 AM
    You would need to use Lawson 9 security, and write rules against the PO30 form.
    However, I would argue that this is exactly the wrong way to do things in an organization for two reasons. Typically, it's the buyer who creates and (sometimes) releases the PO, but it's a different receiving department that does the receipt. More importantly, I'd argue that as a separation of duties, I would not want the same person to create and release the PO and receive the goods.
    Thanks for using the LawsonGuru.com forums!
    John
    Brett Townsend
    Software Administrator
    Brazos River Authority
    Basic Member
    (10 points)
    Basic Member
    Posts:6


    Send Message:

    --
    10/26/2011 9:01 AM
    Thanks for your response on this issue. I will try and reason with the user who wants this to happen.
    Brett Townsend
    Software Administrator
    Brazos River Authority
    Basic Member
    (10 points)
    Basic Member
    Posts:6


    Send Message:

    --
    10/26/2011 9:50 AM
    I received this back from the user, is this different than the question that I asked?

    Currently, anyone in the authority can receive on a purchase order which does not make sense.

    The requester is not the same one who creates the purchase order. These are two different individuals. After the requester has entered a Requisition it goes thru the approval levels, sometimes one sometimes up to as many as four. After the Requisition has been approved, it is reviewed and converted into a Purchase Order by purchasing not the requester.
    John Henley
    Private
    Private
    Senior Member
    (9563 points)
    Senior Member
    Posts:3205


    Send Message:

    --
    10/26/2011 10:44 AM
    It sounds like you just need to limit via security who can access PO30.
    Thanks for using the LawsonGuru.com forums!
    John
    Greg Moeller
    Private
    Private
    Veteran Member
    (3873 points)
    Veteran Member
    Posts:1377


    Send Message:

    --
    10/26/2011 1:31 PM
    John: I agree and disagree. Here's why: If you are talking strictly about doing the receipt in PO30, I agree. If you are talking about using the Receiving link from RQC, I disagree. When you initially click the link from RQC, it pulls up EVERY PO that is eligible to be received. -- Big deal, maybe yes, maybe no. When you pick the PO that you are going to receive by clicking the 'Receive' link you need access to PO30... but really only for the PO Lines that belong to you. So, you'll likely have to do some rule-writing against POLINE/POLINESRC tables. See my latest post in the Security forum.
    Greg Moeller
    Private
    Private
    Veteran Member
    (3873 points)
    Veteran Member
    Posts:1377


    Send Message:

    --
    10/26/2011 4:14 PM
    I got it working!! Here's how:
    On the POLINE table I've written a conditional rule on the LINE-NBR field
    trim(getDBField('POLINESRC','REQUESTER',table.COMPANY,table.PO_CODE,table.PO_NUMBER,table.PO_RELEASE,table.LINE_NBR))==trim(user.getRequesterId())

    Also, on PO30.1 I've written a conditional rule against the actual form PO30.1:
    trim(getDBField('POLINESRC','REQUESTER',form.POR_COMPANY,form.POR_PO_CODE,form.POR_PO_NUMBER,form.POR_PO_RELEASE,form.PT_LINE_NBR))==trim(user.getRequesterId())

    I've tested (very limited) with a PO with multiple requesters on it --- Since our system is set to combine items if they are the same vendor and ship-to location -- and going through RQC's receiving module, I only see the lines that belong to the specific requester.
    JonA
    Private
    Private
    Veteran Member
    (2766 points)
    Veteran Member
    Posts:972


    Send Message:

    --
    10/27/2011 9:58 AM
    Nice Greg.
    Jon Athey - Supply Chain Analyst - Materials Management - MidMichigan Health
    Greg Moeller
    Private
    Private
    Veteran Member
    (3873 points)
    Veteran Member
    Posts:1377


    Send Message:

    --
    10/27/2011 10:45 AM
    Turns out- I had to allow full access to PO30.1 -- or you'll get a security violation when there are more than 1 requester per PO. The POLINE restriction though takes care of the RQC issue, as it only lets you see the PO's and the lines that are applicable to your requester.
    Bill Ianni
    Private
    Private
    Veteran Member
    (294 points)
    Veteran Member
    Posts:98


    Send Message:

    --
    10/27/2011 11:05 AM
    In nearly all cases, a seperation of duties isolating the receiving function is recomended (if not required) by auditors. The receiving function for RQC may be convenient for some receiving to occur at off-site facilities, but the majority of receiving activity should occur as a dedicated function. LSF9 security rules are needed to restrict the receiving task in RQC and/or PO30 and to enforce a strict schema of who perform the receiving function and the circumstances/conditions which are permitted.

    Keep in mind the accuracy and timeliness of the receiving function impacts several downstream processes in Lawson. If your company utilizes inventory tracking, then receiving updates the Stock on Hand quantities in the IC subsystem so that re-order points are accurately reflected. With non-stock purchases, the receiving function updates the RNI account used to generate the end-of-period accruals. Finally, receiving is a primary input to the 3-way Matching component used by AP. With a dedicated receiving function, the accuracy and timeliness of Inventory, RNI and Matching (and subsequently payment to vendors) are always more efficient. Without a dedicated receiving function, Accounting and MM staff will have to track down receipt status via individual requesters throughout the enterprise which could become a daunting task for the people in those departments.
    Mary Ann S
    Private
    Private
    New Member
    (3 points)
    New Member
    Posts:1


    Send Message:

    --
    11/01/2011 3:55 PM
    Greg,
    Are these rules written for LSF9 security?
    Greg Moeller
    Private
    Private
    Veteran Member
    (3873 points)
    Veteran Member
    Posts:1377


    Send Message:

    --
    11/04/2011 1:36 PM
    Yes, LSF9 security, but just for the RQC role. We only allow people with the RQC role to see RQC, so therefore no search box, no other menus, etc, so that they can't really get to PO30.1... just in the functionality of their RQC ordering.
    JonA
    Private
    Private
    Veteran Member
    (2766 points)
    Veteran Member
    Posts:972


    Send Message:

    --
    11/08/2011 8:14 AM
    That is how we have the RQC role security set up as well.
    Jon Athey - Supply Chain Analyst - Materials Management - MidMichigan Health
    Stephanie
    SCM Practice Manager
    RPI Consultants
    Veteran Member
    (234 points)
    Veteran Member
    Posts:82


    Send Message:

    --
    06/03/2013 11:22 AM

    We are now looking into implementing Receiving Self Service in some of our off site areas instead of using the PO30 form.  Thank you Greg for sharing your security conditionals!   This will be a big help for us to move forward quicker. 

    Stephanie Kowal | skowal@rpic.com
    Jeremy
    Private
    Private
    Veteran Member
    (204 points)
    Veteran Member
    Posts:82


    Send Message:

    --
    12/03/2014 12:59 PM
    I know this is an older post, but it is similar to what we are looking for.

    We are needing the ability to limit what PO's a user can see when they go into receive a PO. We want them to only view PO Lines that pertain to them. Similar to setting up a requester and limiting them to only requesting for certain Accounting Units. We want to be able to setup "receivers" and limit them to certain Accounting Units.

    I have always thought this was a major limitation in Lawson. You don't have a screen to setup a "receiver" like you do a "requester."
    thanef
    Private
    Private
    Veteran Member
    (103 points)
    Veteran Member
    Posts:43


    Send Message:

    --
    07/03/2017 3:28 PM
    Greg, to verify....were you just able to secure by constructing a security rule on POLINE --> LINE-NBR to retrieve the requester ID from polinesrc?  This secures the RQC --> Receiving Self Service bookmark page?
    You are not authorized to post a reply.