Workday Pro HCM Core Certification Exam Questions and Answers
How can a user become a member of an organization-based security group?(Select two correct answers.)
Options:
The user is located in London, Paris, and Rome.
The user is a member of the Europe Location Hierarchy.
The user is a member of the Information Technology cost center hierarchy.
The user is a member of the Human Resources job family.
Answer:
B, CExplanation:
The correct answers areBandC.
Organization-based security groupsderive membership automatically from an organizational structure in Workday—such assupervisory,cost center,region, orlocation hierarchies. Users are included in the group based on their association with that organization or hierarchy.
B.If a user is part of theEurope Location Hierarchy, they automatically gain access assigned to that organization-based security group.
C.Similarly, users belonging to theInformation Technology cost center hierarchyare included in the corresponding cost center-based security group.
OptionsAandDare incorrect because location membership alone (without organizational hierarchy) or job family assignment does not control membership in an organization-based group.
What security groups and users can you share a report with?
Options:
Any security group or user that has security access to the report fields.
Any security group or user that has a business reason for accessing the data.
Any security group or user that has security access to the report data source and data source filter.
Any security group or user that has security access to the report tag(s) on the report.
Answer:
CExplanation:
Comprehensive and Detailed Explanation (Paraphrased from Workday Pro HCM Core – Reporting and Security Configuration Guide, 2023R2):
In Workday, the ability toshare a reportdepends on a user or group’ssecurity access to the report’s data source and data source filters. This ensures that only authorized individuals can view the report’s content, even if they have the link or the report is shared with them directly.
Data sources define what underlying information a report can pull (e.g., Worker, Position, Organization). Security policies tied to those data sources control who can access or view specific data fields. Therefore, even if a report is shared broadly, users can only see results their security permissions allow.
Options A, B, and D are incorrect because Workday security doesn’t evaluate “business reasons” or “tags” for access — it enforces data-source–based controls. Field-level access is governed by the domain security policy within the data source.
Reference (Paraphrased Source):
Workday Pro HCM Core – Reporting Configuration Guide (2023R2), Section: “Report Sharing and Security Dependencies.”
What security group does Workday deliver that allows employees to change theirhome address?
Options:
Employee-as-Self
Initiator
All Users
Manager
Answer:
AExplanation:
The correct answer isA – Employee-as-Self.
Employee-as-Selfis adelivered Workday user-based security groupautomatically assigned to all active workers within the tenant. This group allows employees toview and update their own personal data, such ashome address, phone number, emergency contacts, and other self-service information.
The permissions for this group are defined indomain security policiesrelated to personal data, such asWorker Data: Personal InformationandWorker Data: Home Contact Information. Employees only have access to modify their own records, not those of others.
This self-service model is central to Workday’s HCM design, empowering employees to maintain accurate personal information without administrator intervention.
You want to prevent an HR Partner from accessing theFind Workersreport. What must you update?
Options:
Business Process Security Policy
Maintain Functional Areas
Domain Security Policy
Maintain Assignable Roles
Answer:
CExplanation:
The correct answer isC – Domain Security Policy.
In Workday,reports and data accessare controlled bydomain security policies, whereasbusiness process security policiescontrol who can initiate or act on transactions. TheFind Workersreport accesses worker data fields that are part of theWorker Data: Public, Personal, and Employmentdomains.
To restrict theHR Partnersecurity group from accessing theFind Workersreport, you must update thedomain security policythat governs the worker data used by that report. By removing the HR Partner group from theView permissionsof the relevant domains, you effectively prevent them from retrieving worker information through that report.
What security group does Workday deliver that allows employees to view information about the organization's structure?
Options:
Role Maintainer
Initiator
All Employees
Implemented
Answer:
CExplanation:
The correct answer isC – All Employees.
Workday delivers theAll Employeessecurity group as apredefined (delivered) user-based security groupthat automatically includes every active worker within the tenant. This group grants broad access to non-sensitive information that all workers should be able to view—such asorganizational structure, reporting relationships, job profiles, and public worker details(like name, title, and location).
TheAll Employeesgroup is fundamental for system usability and transparency, ensuring employees can navigate the org chart, identify colleagues, and understand reporting hierarchies without compromising confidential data.
Workday recommends maintaining this group’s configuration in its default state to avoid restricting essential information visibility. Security administrators may, however, further refine domain policies to exclude sensitive data while preserving general organization structure access.
What is the purpose of a subprocess?
Options:
It allows users to approve a transaction.
It triggers steps from another business process.
It starts a Workday-delivered background process.
It sends instructions and information for a task.
Answer:
BExplanation:
In Workday, asubprocessis a step type used within a business process definition toinitiate another, independent business process. The purpose of a subprocess is to trigger a set of predefined steps from a separate process that runs as part of the main (parent) process. This provides modularity and reusability across multiple BPs.
For example, when configuring aHireprocess, you might add aRequest Compensation Change subprocessto automatically launch once the hire is initiated. This avoids duplicating configuration work and ensures consistency in how related actions are handled across events.
Option A is incorrect because approvals are managed throughApproval Steps, not subprocesses.
Option C is incorrect — background processes are system-managed and not user-configured through subprocesses.
Option D refers toTo-Do or Notification Steps, which are informational, not subprocess-driven.
Thus, subprocesses are a way toembed or chain additional processesinto an event flow, promoting flexibility and maintainability.
Reference (Paraphrased Source):
Workday Pro HCM Core – Business Process Configuration Guide (2023R2), Section: “Subprocess Step Type and Configuration Best Practices.”
What is a Workday standard report?
Options:
An ad-hoc report for on-the-fly analytics
A delivered predefined report
A customized report for specific organizational needs
A report to export data for external analysis
Answer:
BExplanation:
AWorkday standard reportrefers to adelivered, predefined reportthat is built and maintained by Workday. These reports are available out-of-the-box and are designed to support common and essential business processes and analytics across HCM, Finance, and other Workday modules. Users can run standard reports immediately without needing to create them from scratch, and they often serve as a base for custom reporting when further refinement or filtering is necessary.
Workday provides hundreds of these reports covering a broad range of functionality—examples include "Employee Roster", "All Positions", "Business Process Transactions", etc. These reports are typicallydomain-secured, which means access to them is governed by user security and data access permissions.
As per the Workday Pro HCM Reporting Study Guide, standard reports are also known as "delivered reports" and often include pre-configured prompts and formatting that align with Workday best practices.
What report can you use to view how Workday secures theChange My Legal Nametask?
Options:
View Data Source Security
View Security for Securable Item
View Security Groups
View Security Rule
Answer:
BExplanation:
The correct answer isB – View Security for Securable Item.
In Workday, everytask,report,domain, andbusiness processis considered asecurable item. To analyze how access to a specific task (likeChange My Legal Name) is controlled, the system administrator uses theView Security for Securable Itemreport.
This report allows users to:
Identifywhich domain security policygoverns the securable item,
Seewhat security groupscurrently have access,
Determinethe type of accessgranted (View, Modify, Initiate, etc.), and
Understand thesecurity policy inheritanceassociated with the item.
For example, when you run this report and enter “Change My Legal Name” as the securable item, Workday returns the domain policy controlling it—typically within theWorker Data: Personal Informationdomain. From there, security administrators can update access via theMaintain Domain Security Policy for Functional Areatask if necessary.
This is thestandard and recommended Workday methodfor determining how any specific action, report, or task is secured.
A customer creates a new supervisory organization to inherit attributes from an existing supervisory organization. Which attributes will be inherited from the superior organization to the subordinate organization? (Select three correct answers.)
Options:
Visibility
Organization Assignments
Subtype
Staffing Model
Name
Answer:
A, B, DExplanation:
Comprehensive and Detailed Explanation (Paraphrased from Workday Pro HCM Core – Organizations Configuration Guide 2023R2):
When creating anew supervisory organization, Workday allows the subordinate organization toinherit key structural and configuration attributesfrom its superior organization. These inherited elements include:
Visibility (A):Determines who can view the organization and its members, inherited to maintain consistent access control.
Organization Assignments (B):Such as company, cost center, region, and custom organizations, ensuring hierarchical alignment.
Staffing Model (D):The staffing model (Position Management or Job Management) is inherited to ensure consistency in hiring and staffing control.
Subtype (C)andName (E)are not inherited; they must be defined at the time of creation. Subtype determines the organization’s classification, while the name uniquely identifies it.
Reference (Paraphrased Source):
Workday Pro HCM Core – Organizations and Hierarchy Configuration Guide (2023R2), Section: “Creating Subordinate Supervisory Organizations.”
"Subordinate supervisory organizations inherit configuration from their superior supervisory organization, including attributes such as the staffing model, organization assignments, and visibility settings. This ensures consistency and reduces administrative overhead."
– Workday Module 2 Binder, Supervisory Organizations Section
What type of notifications does Workday deliver?
Options:
Custom
Overdue
Alert
System
Answer:
BExplanation:
Workday deliversOverdue Notificationsautomatically to remind users that a step or task within a business process has not been completed within the expected time frame. These notifications are part of Workday’s built-in process monitoring and are generated by the system based on defined due dates or completion delays.
Overdue notifications ensure accountability by alerting users when a step is pending beyond its due date, helping maintain compliance with HR and operational timelines.
Options A (Custom) and C (Alert) refer to user-configurable messages and rule-based triggers that administrators create, but they arenot delivered automatically by Workdayunless specifically configured. Option D (System) refers to general system messages, not process-driven notifications.
Reference (Paraphrased Source):
Workday Pro HCM Core – Business Process Framework Configuration Guide (2023R2), Section: “Workday-Delivered Notifications and Overdue Task Alerts.”
You need to determine which tasks in your business process must occur after the completion step. What report will you run?
Options:
Business Process Definitions
Business Process Definitions for Business Object
Business Process Configuration Options
Business Process Compare
Answer:
AExplanation:
The correct report to determine which tasks occur after the Completion Step in a business process is the “Business Process Definitions” report.
In Workday, the Business Process Definitions report provides a comprehensive view of all steps, conditions, and routing rules configured within a specific business process definition. This includes identifying the sequence of steps, whether they occur before or after the completion step, and the associated responsible roles or security groups.
This report is critical for administrators and Workday Pro users to validate workflow sequencing, especially when troubleshooting process behavior or verifying compliance with organizational approval structures. Other reports, such as Business Process Definitions for Business Object, are broader and list all business processes tied to a given object, but they do not detail the post-completion steps.
What is the primary benefit of using aPosition Managementstaffing model?
Options:
Allows a company to hire an unlimited number of employees for a single position.
Allows for greater flexibility when hiring.
Offers greater control on each position open within an organization.
Offers reporting capabilities on filled positions only.
Answer:
CExplanation:
The correct answer isC – Offers greater control on each position open within an organization.
ThePosition Managementstaffing model is designed for organizations that requireprecise headcount controland visibility into staffing levels. Each position represents a discrete role that must becreated, approved, and trackedbefore a hire occurs.
This model provides a high degree of control over:
Vacancies and filled positions
Position attributes (FTE, job profile, location, etc.)
Time-to-fill metrics for open roles
Because every hire is linked to a specific position, administrators can effectively monitor workforce planning, budgeting, and resource allocation.
What is the purpose of the reorganization event?
Options:
Report on organization membership.
Track role inheritance.
Maintain organization settings.
Group organization changes by common effective date.
Answer:
DExplanation:
Comprehensive and Detailed Explanation (Paraphrased from Workday Pro HCM Core – Organizations and Reorganization Events Guide, 2023R2):
TheReorganization Eventin Workday is used togroup and manage multiple organization changes that share a common effective date. This functionality ensures that all changes—such as reorganizing reporting structures, moving subordinates, or reassigning workers—are executed simultaneously as part of a controlled event.
It helps maintain organizational data integrity and ensures that all related updates occur in a coordinated and auditable way.
Options A, B, and C describe other organization functions:
A:Reporting on membership is done through standard reports.
B:Role inheritance occurs automatically via supervisory structure, not through reorganization events.
C:Maintaining settings is done through “Edit Organization” tasks.
Therefore,Dcorrectly captures the purpose of a reorganization event.
Reference (Paraphrased Source):
Workday Pro HCM Core – Organizations Configuration Guide (2023R2), Section: “Reorganization Events and Effective Dating.”
What statement describes business process notification functionality?
Options:
You can only send custom notifications to internal employees.
You can use text and fields in the body of the notification message.
You can only select one status as the notification trigger.
You can create your own notification triggers.
Answer:
BExplanation:
Workday’sBusiness Process Notificationfunctionality enables administrators to configurecustom notificationsthat are automatically sent to users when specific BP events occur. The correct statement is thatyou can use text and fields in the body of the notification message(Option B).
Notification templates support the insertion ofbusiness process fields, allowing dynamic content such as worker names, event types, or effective dates to be automatically populated in the message. This helps personalize communications and provide clear, actionable context.
Option A is incorrect because notifications can be sent toboth internal users and external participants(such as vendors or contingent workers) if appropriately configured.
Option C is incorrect — you can configuremultiple status triggers(e.g., In Progress, Denied, Completed).
Option D is incorrect since notification triggers arepredefined by Workday, and while you can configure their messages and recipients, you cannot create entirely new trigger types.
Therefore, the main strength of this feature lies in itscustomizable content,dynamic field integration, andmulti-status trigger support.
Reference (Paraphrased Source):
Workday Pro HCM Core – Business Process Configuration Guide (2023R2), Section: “Business Process Notifications,” and “Custom Message Configuration.”
What must your client do before they can start hiring within aposition managementstaffing model supervisory organization?
Options:
Use the Edit Staffing Model task to select the staffing model.
Have an open, approved position.
Set hiring restrictions on the supervisory organization.
Have at least one member hired into the supervisory organization.
Answer:
BExplanation:
The correct answer isB – Have an open, approved position.
In Workday’sPosition Managementstaffing model, each hire is tied to aspecific position. Before a worker can be hired, a position must exist, be opened, and be approved through the appropriate business process.
Once a position is approved, it becomes available for theHireorAdd Jobprocess. Without an approved position, no worker can be assigned under that supervisory organization. The position serves as the structural foundation for trackingheadcount, job details, and time-to-fill metrics.
OptionsAandCrefer to configuration prerequisites, but the question specifically focuses on the operational readiness to hire. OptionDis incorrect because a hire cannot occur until after a position exists.
You are updating a business process and need to exclude the initiator from completing a step. What task do you use?
Options:
Maintain Step Conditions
Maintain Step Help-Text
Maintain Advanced Routing
Maintain Step Delay
Answer:
CExplanation:
When configuring a business process, if the requirement is toexclude the initiator from completing a step, the correct configuration point is withinMaintain Advanced Routing. This task allows administrators to control and customizerouting restrictionsand participant logic for each step.
Using theMaintain Advanced Routingtask, you can define whether the initiator should be included or excluded as a potential assignee for the step. This ensures segregation of duties and compliance — for example, preventing an employee who initiated a Change Job event from approving or reviewing their own transaction.
Options A, B, and D are incorrect:
Maintain Step Conditions (A)is used to apply condition rules to control whether a step executes but not who performs it.
Maintain Step Help-Text (B)is used only to provide user instructions within the BP interface.
Maintain Step Delay (D)controls timing between steps, not participant assignment.
Reference (Paraphrased Source):
Workday Pro HCM Core – Business Process Configuration Guide (2023R2), Section: “Advanced Routing and Participant Restrictions” and “Business Process Step Configuration Options.”
