-
Less granular, more accurate: The "granularity = responsibility" principle in FP&A
Author: Taichi Amaya, Certified Master Anaplanner, and Financial Planning and Analysis Specialist at Pasona Group, Inc.
Reading time: approximately 5-6 minutes.
"We need more detail in our forecasts. Let's have each sales rep submit their numbers individually — that way, we'll be more accurate."
Sounds reasonable, right?
But here's what actually happens: Fifty sales reps, each second-guessing their pipeline, each hedging slightly on the conservative side. By the time these forecasts roll up, that collective caution becomes a systematic bias — one that no amount of detailed analysis can fix.
This isn't a hypothetical scenario. It's a pattern I've seen repeatedly in FP&A practice.
In this post, I'll challenge the "more detail = more accuracy" assumption and share a principle I've developed through years of FP&A practice: granularity = responsibility. You'll learn:
* Why coarser planning often produces statistically better forecasts
* How granularity amplifies bias in predictable ways
* A practical framework for determining the right level of detail
Actuals vs. plans: different purposes, different granularity
Let me be clear: I'm not arguing against detailed data in general.
For actuals and historical analysis, more granularity is almost always better:
* Enables deeper drill-down analysis
* Helps identify trends and anomalies early
* Supports advanced analytics and machine learning
But planning is fundamentally different. Planning involves human judgment, organizational accountability, and inherent uncertainty. And in this context, I've learned that intentionally choosing a coarser granularity than your actuals often leads to better outcomes.
Why? Three interconnected reasons.
Why coarser plans are more accurate
1. The law of large numbers: statistical stability through aggregation
The more granular your planning units, the more statistical noise you're trying to predict.
[Figure 1: The Law of Large Numbers in Action]
Figure 1 demonstrates this pattern using real data from our organization: at the Total level, outcomes consistently align with statistical models (R²=0.945). At the Detail level, predictability varies widely — some units maintain reasonable correlation (R²~0.80), but many show weak or unreliable patterns (R²=0.21-0.45).
Individual variations cancel out at higher levels of aggregation. This is precisely why driver-based planning — using ratios, trends, and relationships — works more reliably at coarser levels. The drivers themselves become more stable and predictable when applied to larger populations.
2. Bias accumulation: the "safety margin" effect
When you ask 50 people to forecast individually, each person makes a small, rational adjustment: "Better to be conservative — I don't want to miss my target."
Those individual safety margins don't stay individual. They compound.
When we consolidated input points — moving from individual contributors to team leads — the chronic conservative bias we'd been fighting largely disappeared. Not because team leads were better forecasters, but because there were fewer points where bias could accumulate.
While I don't have perfect before/after data to quantify this precisely, the pattern is consistent across organizations: more input points means more opportunities for systematic bias to creep in.
3. Information freshness: faster cycles, more relevant data
Even with Anaplan's powerful capabilities, our initial planning cycles were taking over a month. The bottleneck wasn't the tool, it was the hundreds of granular input points we'd designed into the process.
When we optimized granularity and reduced input points, we dramatically reduced input time: 2 weeks for Budget, 1 week for Forecast.
This isn't just about efficiency — it's about accuracy through timeliness.
A forecast based on week-old information is inherently more accurate than one based on month-old information. Market conditions change. Customer signals evolve. Competitive dynamics shift.
Fewer input points meant faster cycles. Faster cycles meant our plans could reflect current reality, not last month's reality. When market conditions change rapidly, this agility becomes a significant competitive advantage.
The granularity = responsibility principle
So how do you determine the right level of granularity?
My guiding principle: Plan at the level where accountability naturally sits.
If a Business Unit leader is responsible for BU performance, plan at the BU level — not by product, not by customer segment. If a Regional VP owns a region, that region should be your planning unit.
This alignment serves two purposes:
* Statistical: Matches the level where you have meaningful sample sizes and where biases are minimized.
* Organizational: Ensures the person inputting the plan can actually explain and defend the numbers.
Three questions to find the right granularity:
* Does the person have specific knowledge at this level?
If a sales manager is guessing at individual deal probability, the granularity is too fine. If they can speak credibly about team pipeline trends, that's the right level.
* Can they explain the assumptions behind the number?
If the answer is "I just copied last year and adjusted by 5%," you're asking for too much detail. Good planning requires thoughtful assumptions — which requires appropriate scope.
* Will decisions be made at this level?
If no one will ever look at "Product SKU 47829 in the Northeast," why are you planning it separately? Plan at the level where decisions actually happen.
When these three questions align with an organizational accountability level, you've found your optimal granularity.
In Anaplan terms: design your input modules at these accountability levels, not at the maximum granularity your data model can support. Let driver-based logic handle the detailed breakdowns for analysis — but keep human judgment at the level where it's most reliable.
Conclusion
Anaplan's flexibility allows us to design at any level of granularity, which makes choosing the right level even more critical.
Three interconnected forces — statistical stability, bias mitigation, and information freshness — all favor coarser planning granularity aligned with organizational accountability. I've seen this pattern hold across multiple implementations.
Apply the granularity = responsibility principle to your planning process. The improvements in forecast accuracy and planning agility are real and measurable.
I'd love to hear your experiences. Let's discuss in the comments below.
……………
About the Author:
With 13 years in FP&A and 9 years of hands-on Anaplan experience, Taichi Amaya has been a Master Anaplanner since 2019. He works on the customer side, designing and building enterprise-wide FP&A models and learning daily from the intersection of planning theory and business reality.
-
Certification practice exams to be dynamic with more questions
The practice exam should be a bank of questions so that when you take the practice exam(s) you are not getting the same 10 questions.
Writing more practice exam questions would not be difficult considering the amount of content that could be tested in each of the exams. This is also a feature that most professional certifications have and one that I would hope that Anaplan adopts as it seeks to further enhance the exams.
-
Accessible by design: Our new accommodations for certification exams
Taking a proctored exam can be intimidating, even for the most seasoned professionals. While certification validates a learner’s skills and expertise, the exam environment itself can sometimes pose unnecessary barriers.
Our goal is to test your ability, not your endurance. That’s why we’ve made significant updates to make our exam experience more inclusive and less stressful. You can now utilize a range of accommodations, including extended time, assistive technology, comfort items, and access to resources like Anapedia, to create an environment that helps you perform your best.
The goal of the recent modifications we championed was simple but meaningful: to ensure that Anaplan certification exams focus on measuring skills and knowledge, not how well someone navigates a test under pressure. By introducing thoughtful accommodations into the standard exam experience, we’re creating a more inclusive, equitable, and learner-centered certification journey.
Why these modifications matter
We know that a proctored environment can create discomfort, distractions, and stress. Our vision is to make sure that every learner, regardless of their personal circumstances or needs, can approach the exam with confidence and focus on demonstrating what they know.
The changes are designed to minimize avoidable friction during the exam process, support accessibility, and ensure that we uphold the integrity of the certification while honoring diverse learning and testing needs.
What’s now part of the standard certification exam experience
The following accommodations are now available to all learners taking an Anaplan certification exam:
* Access to specific Anaplan learning resources like Anaplan Planual, Anaplan Community, and Anaplan Anapedia.
* Physical whiteboard usage is allowed with clear security protocols: no pen and paper, and the board must be shown erased before ending the session.
* IMPORTANT: Please note that pens and paper are not allowed during exam taking to prevent any questions from leaking and to protect the integrity of the exam.
* Extended exam times for those who need more processing time
* Use of medical devices, ensuring health needs don’t become barriers
* Music or ambient sounds in the background to help ease anxiety
* Leniency with eye-tracking requirements, recognizing natural movements and accessibility needs
* Breaks as needed
* Comfort items (will be coordinated with the proctor during exam taking)
* Comfort or service animals to support learners with disabilities
* Drinks and water, so staying hydrated isn’t a privilege
* Permission to move around/stretch, reducing physical strain during long sessions
* Screen reader or text-to-speech support for those who benefit from auditory processing
* Assistive technology such as magnifiers, dictation tools, or alternative input devices
Putting learners first while protecting exam integrity
Each accommodation was carefully considered to balance accessibility and security. This ensures that candidates have the flexibility they need without compromising the credibility of their certification.
This change isn’t just operational; it’s cultural. It reflects our commitment to meeting learners where they are, fostering trust in the certification process, and empowering every candidate to succeed based on merit.
Looking ahead
These modifications are just the beginning. As we continue to evolve the certification program, we’ll keep listening to feedback, removing barriers, and driving improvements that make the experience fair, inclusive, and supportive for all.
Certification should reflect what someone knows, not how well they adapt to discomfort. And now, we’re one step closer to making that a reality.
-
Certified Master Anaplanner Exam Study Guide: Essential Anaplan Topics
The best way to hone your expertise is practical experience. Being a certified solution architect is the first step, but we recommend one or more years of hands-on experience using Anaplan to uncover all you can do with the platform. Training can also help you advance your technical skills and learn best practices for working with Anaplan. In addition to our required training, the following materials can help you get a well-rounded understanding of the platform. Learn how you can grow your knowledge in the areas within this study guide for the Certified Master Anaplanner Exam.
The exam format is a combination of multiple-choice and multiple-selection questions. There are 60 questions in the exam that need to be completed within 90 minutes (1.5 hours). The passing score is 45. There are knowledge-based questions, which reference the review topics, and application-based questions that check the learner’s experience using Anaplan. To reiterate, it is advisable that those planning to take the exam have sufficient model building and project implementation experience.
Other helpful links regarding the exam:
* Requirements to register for Certified Master Anaplanner Exam
* Exam FAQs
CMA Exam Topics
Data Hubs
* Data Hubs: Purpose and Peak Performance
Center of Excellence
* Building a Center of Excellence
* Introduction to Centers of Excellence
* Selecting Center of Excellence Governance Structures
* Center of Excellence Roles and Responsibilities
* Why Do I Need a Center of Excellence?
Data Integration
* Data Related Training Classes
* Get Started with Imports
* Exports from Anaplan
* Overview of Private and Default Files
* Import Data Sources
* Data Integration
* Anaplan Connect
* Guide to Data Integration using Anaplan REST API
* Anaplan API Guide and Reference
Anaplan Extensions
* Excel Add-in Version 4.0
* Third-party Data Integration
Application Lifecycle Management (ALM)
* ALM Overview
* Revision Tag Best Practices
* Save Incomplete Changes when Synchronizing in ALM
* Production Lists Overview
* Structural Information Reference
Model Building Best Practices
* Best Practices for Module Design
* Formula Optimization in Anaplan Knowledge
* Time Range Application
* Reduce Calculations for Better Performance
* PLANS–This Is How We Model Shared Best Practice
* Add Notes
Formulas and Functions
* Calculation Functions
* YEARTODATE Function
* Formula Structure for Performance
* SELECT Function
* RANK Function
Dynamic Cell Access
* Dynamic Cell Access
* Dynamic Cell OR Selective Access
* Dynamic Cell Access Learning App
Selective Access
* Selective Access (Anapedia)
* Selective Access (Academy)
Time Ranges
* Time Ranges
* Introduction to Time Ranges
* Time Ranges–The Basics
Dashboard Filtering
* Filter (Anapedia)
* Filter Best Practice
The Anaplan Way
* The Anaplan Way - OnDemand (Learning Center)
-
Five new Anaplan features you may not be using
Author: Misbah Ansari is a Certified Master Anaplanner, Anaplan Community Moderator & Community Boss, and CEO/Founder at Miz Logix.
Anaplan has come a long way in its product development. Many features have been released over the past few years, which has not only helped Anaplan carve out a place for itself in the market among its competitors but has also led to it being called out as a leader by most third-party surveys. But did you know that there are some features which are priceless and still go unnoticed?
Here are some of the latest features that Anaplan released in the past few months, which have made a difference in how we approach our model development.
* Move Pages across Apps
We have all complained about having to duplicate dashboard changes, first in the lower environments for testing and then in the Prod app (only once the tag has been pushed to the Prod model). Now you can move a page from one app to another, ideally by duplicating the page in the lower-environment app (QA/Test/Pre-Prod), making the required changes on the page, and then pushing/moving it to the Prod app. Note that other factors need to be taken into consideration as well, such as app management (single vs. multiple), UX page access, and removing redundant pages.
* Assign landing page to the roles
This feature comes in handy when routing users to their respective landing pages. It is simple to set up and can be used to assign landing pages to multiple roles across multiple models in a single pane.
* Changing all occurrences in one go
This can be a model builder’s savior when a formula is lengthy and complicated, especially when modules and line items are repeated in it. In formula editor mode, click the keyword or statement that you want to change, then right-click it (or press CMD+F2 or CTRL+F2).
* UX Page dependency data
Remember the “Used in Dashboards” column in the modules view, which was mostly blank if you use UX rather than Classic Dashboards? Well, there is good news for all model builders. Anaplan has recently released a feature that is a game changer: model builders can now see which UX pages are linked to each module, improving visibility into dependencies so that you can make informed decisions about the modules. Note: This feature is only available in the beta experience of the modules view.
* Enforce unique naming in imports
Did you know that this feature can be used when your data structure has unique codes but not unique names? Most of us immediately think of a numbered list for such a data structure. But if the naming convention of the list items doesn’t matter to you, this feature can be used instead. Make sure that the import is set to “Code Only” when setting it up and that the “Enforce unique naming” flag is checked too. This will generate names with “~1, 2, 3, etc.” appended in your lists. Note: Before using this feature, please talk to your solution architect about it, as it can lead to performance issues if the data volume is high.
Let me know if there is any feature that you think is priceless and went unnoticed or is not getting its due credit. Leave a comment!
-
Practical lessons from building Anaplan Centers of Excellence
As part of the Anaplan Eastern Europe & Middle Asia User Group, Certified Master Anaplanners Anton Mineev (@AntonMineev), Anton Suslov (@AntonS_*9173), and Dmitrii Mamaev (@dmitrii.mamaev) shared hands-on experience in creating and maturing Centers of Excellence (CoEs). This article summarizes their key insights from the discussion. You may find it helpful if your role involves CoE strategy today — or if you're preparing to establish one in the future.
Why a CoE matters
A Center of Excellence acts as the foundation for scalable, sustainable Anaplan success. It builds internal capability, enforces architectural discipline, and accelerates delivery.
The session explored what works, what doesn't and why there's no single universal formula for building a successful CoE.
The maturity journey
The group examined how companies determine the ideal structure and governance approach for their CoE. Each approach reflects different priorities around ownership, alignment, and model governance:
* Stage 0 – No CoE: All work is done by external partners. Fast to start, but limited scalability and high dependency on outside resources.
* Stage 1 – Single specialist: One dedicated resource handles administrator tasks and small updates, learning from partners along the way.
* Stage 2 – Centralized CoE team: Builds new models, manages integrations, and enforces standards. Independence from partners is achieved.
* Stage 3 – Hybrid model: As a central team grows, proximity to the business may decline. A hybrid structure maintains centralized governance while embedding members into business functions or use cases. This keeps standards and training consistent while ensuring close alignment with business needs.
A company's CoE structure can shift over time — not only progressing forward but also reverting to earlier models — depending on organizational priorities, resourcing, and the strategic role of Anaplan within the enterprise.
Organizational placement: IT versus the business
When establishing a CoE, determining its position within the organization is a strategic decision that shapes governance, influence, and impact.
The discussion explored common structures and their trade-offs:
* IT-led CoE: technically strong and stable but often distant from end users. May compete with other IT initiatives or resist change ('If it ain’t broke, don’t fix it').
* Business-led CoE: agile and close to decision makers, but risks ad-hoc solutions and loss of architectural control.
* Hybrid model: formally part of IT but with embedded business resources. This combines centralized governance and technical standards with local ownership and agility — a balance that often delivers the best results at scale.
Roles and talent in a CoE
A CoE's success depends heavily on the right mix of roles and skill sets as it matures.
Key positions commonly found within an Anaplan CoE include:
* Key user / business administrator: Filters requests, aligns stakeholders, and ensures quality of requirements. Deep model-building skills aren't required, but understanding Anaplan principles, data flows, and interdependencies is essential. In stable models (for example, standardized reporting), a Key User can manage versions and perform simple updates.
* Model builder: develops and maintains models. A motivated junior with more learning time can often outperform an overloaded senior.
* Solution architect: defines standards, manages complexity, and ensures performance. This role can be developed internally or sourced externally.
* Workspace admin: Manages environments and access — often combined with other roles, especially as automation reduces manual administrator effort.
External partner versus internal CoE
The panel also discussed the key differences and trade-offs between relying on external partners and developing internal CoE capabilities:
* Licensing considerations: External and internal accounts may be treated differently. Always confirm with your Anaplan representative.
* Data security: Partner access expands the exposure surface — implement additional safeguards.
* Sensitive data paradox: HR or payroll data often remains restricted from external partners — a best practice in many organizations. The key is to ensure that any sensitive information, whether shared internally or externally, is managed with appropriate governance, caution, and confidentiality.
Efficiency and effectiveness
From their collective experience, the panelists observed several factors that influence efficiency and long-term success when comparing internal and external models:
* Internal team members often complete tasks faster due to deeper context and fewer administrative steps.
* External involvement introduces hand-offs, paperwork, and re-onboarding overhead.
* Partner availability and continuity can vary — context loss is common after long gaps.
* Knowledge transfer is consistently more reliable within an internal CoE than between internal and external resources.
Key takeaways
To close the session, the panel summarized several universal lessons for organizations at any stage of their CoE journey:
* There's no single formula for CoE success — design depends on scope, scale, and the strategic role of Anaplan.
* CoE members should actively engage in community discussion forums and learning events to stay aligned with best practices and platform evolution.
* Even small organizations should designate at least one Key User to retain model and process knowledge — a critical safeguard against data and continuity risk.
Questions? Leave a comment!
……………
Article contributors: Anton Mineev, Anton Suslov, and Dmitrii Mamaev — Certified Master Anaplanners and members of the Anaplan Eastern Europe & Middle Asia User Group.
-
🧩Mixing Numeric & Percentage Line items in Line-Item Subsets (LIS) - Use Ratio summary
When working with Line-Item Subsets (LIS) in Anaplan, you might’ve noticed something tricky - LIS works beautifully when your report mixes numeric values like Revenue and Cost, but the moment you introduce a percentage-based line item (like Margin %), things start breaking at the summary level.
Recently, while building a financial report, we got this idea:
📊 The Situation
My LIS included the following line items:
* Revenue
* Cost
* Margin %
At the month level, everything looked perfect. But when I rolled up the data to the quarter level, my Margin % started showing incorrect results — because the line item summary was set to SUM.
Essentially, Anaplan was summing the monthly ratios instead of recalculating them using the quarterly totals.
Even though the original formula was:
Margin % = (Revenue - Cost) / Revenue
the quarterly summary became misleading — it was simply adding up percentages instead of deriving the true ratio from aggregated values.
🧠 The Fix — Using Helper Line Items for Correct Aggregation
To address this, I had to separate the calculation logic and introduce helper line items within my LIS module.
Here’s how I solved it 👇
* Created two helper line items:
  * Margin % Numerator = Revenue - Cost
  * Margin % Denominator = Revenue
* Set both helper line items’ summaries to SUM (so they aggregate correctly across time and hierarchy)
* Set Summary method = Ratio in my target line item:
  * Ratio Numerator: Margin % Numerator
  * Ratio Denominator: Margin % Denominator
Now, the model recalculates Margin % dynamically at Quarter and Year level — no more inflated or misleading ratios 🎯
💡 Key Takeaway
Whenever you’re working with Line-Item Subsets that combine numeric and percentage-based metrics:
* Use helper line items to separate numerator and denominator logic.
* Set the summary method to Ratio instead of SUM or Formula.
* Always validate calculations at higher levels of hierarchy to ensure data integrity.
Accurate ratio aggregation is critical in FP&A, reporting, and modeling, and this small design tweak can save you from big interpretation errors in your executive dashboards.
Never sum ratios. Always recalculate them.
-
Securing your planning process: best practices for Anaplan cybersecurity
Author: Tristan Colgate is a Certified Master Anaplanner and Managing Director at Fidenda.
This month is Cybersecurity Awareness Month, and cybersecurity is an important topic for anyone involved in developing and maintaining Anaplan solutions. We often store sensitive information such as financial, employee, customer, commercial, and operational data in our Anaplan models; it’s essential that we take the security of this information seriously. There’s a wealth of information on this topic on the Anaplan website, in the help, product information, and community pages. My purpose in writing this blog was to bring that information together in one place — at a high level — to give an overview of all security considerations. It should be seen as a starting point for anyone tasked with ensuring that their organization’s Anaplan solution is as secure as it can be.
Understanding Anaplan's security foundation
Before diving into specific security practices, it's important to understand that Anaplan was built from the ground up using the core principles of information security, known as the AIC triad:
* Availability: Ensuring that information and systems are accessible when needed by authorized users. Anaplan achieves this through redundant infrastructure, geographically distributed data centers, and robust business continuity measures.
* Integrity: Maintaining and ensuring the accuracy and consistency of data throughout its entire lifecycle. Anaplan employs ACID-compliant (Atomicity, Consistency, Isolation, Durability) transaction principles to guarantee data remains in a known, valid state.
* Confidentiality: Preventing the disclosure of information to unauthorized individuals or systems. Anaplan implements this through comprehensive access controls, encryption, and secure data transmission protocols.
With this foundation in mind, let's explore how organizations can enhance security across different aspects of their Anaplan implementation.
User access: The first line of defense
The most sophisticated security infrastructure can be compromised by poor user access practices. Here are essential considerations for securing user access within your Anaplan environment:
Single Sign-On (SSO) implementation
Nowadays almost all organizations use SSO to control user access to their enterprise IT solutions. I strongly recommend expanding SSO coverage to include Anaplan. This brings several benefits.
* Streamlined authentication: Users access Anaplan through your organization’s identity provider, reducing password fatigue and creating a more seamless experience.
* Enhanced security: SSO supports multi-factor authentication (MFA), dynamic filtering, and customer policy controls.
* Centralized control: User access can be immediately revoked through your identity management system when staff leave or change roles.
* Compliance support: Simplifies audit trails for access management and demonstrates good security governance.
* Reduced administrative burden: Decreases help desk tickets related to password resets and account lockouts.
Anaplan's SSO capabilities are SAML 2.0 compliant and integrate seamlessly with major identity providers like Okta, Ping, Entra ID (formerly Azure AD), and other SAML 2.0 identity federation services. Setting up SSO typically requires coordination between your IT security team and Anaplan administrators, but the security benefits far outweigh the initial setup complexity. Setup is performed in the Administrator console.
If your organization doesn’t use SSO, then access to Anaplan will be secured through users entering passwords. Rest assured that Anaplan enforces several policies to ensure password security:
* Password complexity requirements: Minimum eight characters, at least one uppercase, one lowercase, one numeric.
* Password lifecycle management: Mandatory password changes every 90 days.
* Account protection: lockout after several consecutive failed login attempts, automatic session termination after a period of inactivity, secure password reset processes.
* Admin controls: forcing password resets, audit logging of password-related activities.
Endpoint protection
Securing the devices from which your end users access your Anaplan environment is equally important. Your organization likely already has policies governing these areas, but for completeness I recommend the following:
* Device security: Ensure company devices have up-to-date antivirus/antimalware protection.
* Patch management: Apply regular security patches and updates to operating systems and browsers.
* Browser security: Ensure users are not able to install browser add-ons that have not been verified by your security team. In particular there are browser extensions that advertise features that make Anaplan Model Building easier. I would recommend not using these extensions as, by their nature, they are given access to analyze the content of Anaplan screens and so could have access to sensitive information. I recommend only trusting functionality from Anaplan in this regard.
* Mobile device management: Implement policies to secure smartphones and tablets that access Anaplan.
* Network security: Configure firewall rules and IP allow listing for Anaplan access.
* Public access restrictions: Educate users about the risks of accessing Anaplan from unsecured public networks.
* Other: Many organizations implement a secure workspace policy that specifies requirements for devices accessing business-critical applications like Anaplan, including automatic screen locking, disk encryption, and minimum security software requirements.
Integration security: protecting data in transit
As Anaplan connects with other systems in your enterprise architecture, securing these integrations becomes critical to maintaining your overall security posture.
Integration options overview
Anaplan offers several methods for data integration, each with specific security considerations:
* Manual file upload/download: Simple but requires governance around file handling. Ensure the locations in which files are situated are secured.
* Anaplan Connect: Command-line Java executable that can be installed on-premise behind the firewall and connects with Anaplan via the API. Restrict access to the Anaplan Connect configuration and executable files on the operating system where they reside, to prevent them from being altered to compromise security. I recommend using certificate authentication rather than storing usernames and passwords in configuration files.
* Anaplan CloudWorks: Native connectivity to cloud storage solutions like AWS S3, Google Cloud Storage, and Azure Blob Storage. The security features of these platforms should be used to (a) restrict user access to file locations and configuration and (b) use allow lists to ensure only traffic from Anaplan sites is accepted when invoking services through their API.
* Anaplan Data Orchestrator (ADO): An integration platform with standard extractors, transformation capabilities, and loading functionality. As with CloudWorks, this provides access to hyperscaler platforms, with similar considerations around security. ADO also provides access to other platforms such as Snowflake and SQL Server — the same principles as those for hyperscaler access are recommended, with attention to the specific nuances of those platforms.
* APIs: Rich suite of APIs for programmatic interaction with Anaplan. See section below for best practice security considerations here.
* Third-party ETL tools: Various commercial ETL tools with Anaplan connectors.
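A check for the Anaplan Connect recommendation above, as an added example (not Anaplan's or the author's code): it walks an integration directory on a Linux/Unix host, flags files that other local users can read or modify, and flags lines that look like stored credentials. The file names, variable names, and regex heuristics are assumptions, and the sample files are constructed.

```python
import os
import re
import stat

# Assumed heuristics for plain-text credentials; tune them to your own scripts.
CREDENTIAL_PATTERNS = [
    re.compile(r'(?i)\b\w*(password|passwd|pwd)\w*\s*[=:]\s*\S+'),
    re.compile(r'(?i)authorization:\s*basic\s+[a-z0-9+/=]+'),
    re.compile(r'(?i)\b\w*user\w*\s*=\s*"?[^\s":]+:[^\s"]+'),  # user:password pair
]

def audit_file(path):
    """Return permission and credential findings for one file."""
    findings = []
    mode = os.stat(path).st_mode
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("writable by group or other")
    if mode & stat.S_IROTH:
        findings.append("readable by any local user")
    with open(path, encoding="utf-8", errors="replace") as handle:
        for number, line in enumerate(handle, start=1):
            if any(p.search(line) for p in CREDENTIAL_PATTERNS):
                findings.append(f"line {number}: possible stored credential")
    return findings

def audit_tree(root):
    """Walk the integration directory; map relative path -> findings."""
    report = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            findings = audit_file(path)
            if findings:
                report[os.path.relpath(path, root)] = findings
    return report

def build_sample(root):
    """Constructed sample: one weak script and one hardened script."""
    samples = {
        "load_weak.sh": ('INTEGRATION_USER="svc.planning@example.com:Summer2024"\n', 0o666),
        "load_cert.sh": ('KEYSTORE_PATH="/opt/integration/keystore.jks"\n', 0o600),
    }
    for name, (content, mode) in samples.items():
        path = os.path.join(root, name)
        with open(path, "w", encoding="utf-8") as handle:
            handle.write(content)
        os.chmod(path, mode)
    return root
```

Run `audit_tree` against the directory that holds your integration scripts; an empty report means no file matched any check.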
API authentication and authorization
When using Anaplan's APIs, I recommend implementing these security best practices:
* Certificate-based or OAuth2 authentication: Use certificates or OAuth2 rather than basic authentication where possible. Basic authentication requires usernames and passwords to be stored, which can compromise security.
* Least privilege: Apply the principle of least privilege for API access, granting only necessary permissions to the Anaplan user account being used for authentication. Use the role-based authorization functionality of Anaplan to achieve this.
* Monitoring: Track API usage for unusual patterns that might indicate security issues.
* Error handling: Implement secure error handling that doesn't expose sensitive information.
API documentation should be treated as sensitive information, and access to API keys should be strictly controlled through your organization’s secrets management process.
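One way to implement the error-handling point above, as an added example (not Anaplan's or the author's code): the caller receives a generic message with a reference ID, while the log entry keeps the diagnostic detail with credentials redacted. The header list, field names, logger name, and sample request are assumptions constructed for illustration.

```python
import logging
import re
import uuid

# Headers whose values are credentials and must never be logged (assumed list).
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "cookie", "set-cookie"}
# Secret-looking fields inside a request or response body (assumed field names).
SECRET_FIELD = re.compile(
    r'(?i)("?(?:password|secret|token|api[_-]?key)"?\s*[:=]\s*"?)[^\s"&,}]+'
)

def redact_headers(headers):
    """Replace credential-bearing header values, keep the rest for diagnosis."""
    return {k: "[REDACTED]" if k.lower() in SENSITIVE_HEADERS else v
            for k, v in headers.items()}

def redact_text(text, limit=300):
    """Mask secret fields first, then truncate so log entries stay small."""
    return SECRET_FIELD.sub(r"\1[REDACTED]", text)[:limit]

class IntegrationError(Exception):
    """Error whose message is safe to show to end users."""
    def __init__(self, message, reference):
        super().__init__(message)
        self.reference = reference

def handle_api_failure(status, request_headers, body, log=None):
    """Log redacted detail under a reference ID; return a generic error."""
    log = log or logging.getLogger("integration")
    reference = uuid.uuid4().hex[:12]
    log.error("API call failed ref=%s status=%s headers=%s body=%s",
              reference, status, redact_headers(request_headers), redact_text(body))
    if status in (401, 403):
        public = "The integration could not authenticate."
    else:
        public = "The data load failed."
    return IntegrationError(f"{public} Quote reference {reference} to support.", reference)

# Constructed sample request and response, for illustration only.
SAMPLE_HEADERS = {"Authorization": "Basic c3ZjOlN1bW1lcjIwMjQ=", "Accept": "application/json"}
SAMPLE_BODY = '{"error":"invalid credentials","password":"Summer2024"}'
```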
Anaplan's built-in security framework
Anaplan provides a multi-layered security architecture that organizations can configure to meet their specific security requirements. I recommend careful consideration at the beginning of any project to ensure the set-up of tenants, workspaces, models and user roles supports data security requirements, as well as functional requirements. Below, I go through each level of the framework and explain the key decisions and considerations as regards security.
Tenant-level security
The Anaplan tenant represents your organization’s dedicated Anaplan environment:
* Isolation: Tenants are completely isolated from other customers' environments. This gives you built-in confidence that your data cannot be accessed beyond your organization.
* Administrative control: Tenant administrators manage global settings and user access.
* Configuration management: Security settings like SSO, certificates, and IP allow lists are managed at this level — ensure these are set to optimize security of your data.
* Audit capabilities: Comprehensive logging of administrative actions — I recommend processes to regularly review these logs from a security perspective.
Tenant administration should be limited to a small group of trusted administrators with appropriate security training.
Workspace structure for security isolation
Workspaces provide an additional layer of isolation within your Anaplan tenant. In particular, they enable you to grant user access at the Workspace level. I recommend designing your workspaces with the following in mind from a security perspective:
* Sensitive data segregation: Place models with particularly sensitive data in dedicated workspaces.
* Functional segregation: Separate workspaces can be used to segregate models and data from a process perspective; this can be helpful in managing different sets of users who access different models within the tenant.
* Development/test/production: Separate production models from development and testing environments. This allows wider access to be granted to development and test environments, which can be populated with ‘dummy’ data, while production workspaces have tighter user security to control access to sensitive company data.
A well-designed workspace structure balances security considerations with usability, ensuring appropriate data isolation without creating unnecessary silos.
Model security configuration
Anaplan’s model-level security settings represent a sophisticated framework for ensuring that users can only access the data and functionality they are entitled to. I recommend not leaving configuration of these settings until the end of the implementation project. Rather, the architecture of the Anaplan solution should be designed from the ground up with security considerations in mind — this will have an impact on the structure of lists, modules, and app screens.
* Model roles: Create specific roles based on business function or data access requirements — design of your model roles should go hand-in-hand with the process design you perform during Foundations. Good process design will include a definition of the actors in the process, their roles, responsibilities, and data access needs.
* Module access: Control read/write/none access to specific modules within a model. Being specific about access at this level ensures that user access defined at the app level cannot be bypassed by users accessing the underlying model.
* Selective access: Restrict access to specific lists and list items on a user-by-user basis. As well as ensuring data security, sophisticated use of selective access to lists enhances the user experience by ensuring that users only see relevant data in drop-downs and reports.
* Dynamic cell security: Implement cell-level access control for highly granular security. This is particularly useful where granular data (e.g. employee salaries) should be masked from certain users, perhaps with aggregates remaining visible.
* App security: Access to apps and individual pages should be set through the user roles. Not only does this enhance security, but it simplifies the user experience by only exposing functionality relevant to the user and their role.
Sensitive data protection
Beyond access controls, consider these measures for sensitive data:
* Data masking: Mask sensitive personal data when displayed in dashboards.
* Aggregation: Use aggregation for reporting on sensitive information to prevent identification of individuals.
* Data classification: Implement a classification system for data within Anaplan to guide security controls.
* Minimum necessary: Apply the principle of minimum necessary data, importing only required fields.
* Retention policies: Establish clear data retention and archiving policies aligned with regulatory requirements.
Monitoring and governance
Maintaining security requires ongoing vigilance and governance processes:
Audit and monitoring
* Log review: Regularly review Anaplan audit logs for unusual activity patterns.
* Access reconciliation: Periodically verify that user access matches authorized levels.
* Activity monitoring: Monitor system usage for anomalies that might indicate security issues.
* Integration monitoring: Track the performance and security of integration processes.
* Alerting: Implement alerts for critical security events requiring immediate attention.
Security governance
* Regular reviews: Conduct periodic security reviews of your Anaplan implementation.
* Access recertification: Implement regular access recertification processes.
* Policy enforcement: Ensure adherence to organizational security policies.
* Documentation: Maintain current documentation of security controls and configurations.
* Training: Provide regular security awareness training for Anaplan users and administrators.
Ensure that your COE has clear responsibilities for establishing Anaplan security governance.
Conclusion
As we mark Cybersecurity Awareness Month, it's worth remembering that security is a shared responsibility. Anaplan provides robust security foundations — from data encryption to granular access controls — but effective implementation requires thoughtful configuration and governance by your organization. By implementing these best practices, you can ensure your Anaplan environment remains secure while continuing to deliver the planning insights your business relies on. Security should be viewed not as a barrier to effective planning but as an enabler that provides confidence in the integrity and confidentiality of your planning processes and data. The most effective approach to Anaplan security combines technical controls with clear policies, ongoing governance, and user awareness. By addressing security holistically across your Anaplan implementation, you create a foundation for trusted planning that supports your organization’s strategic objectives.
Questions or anything to add? Leave a comment!