Access to Information Technology and Reassignment (Procedure 7.0100)
|Based on board policy number and Florida Statutes:
||F.S. 1001.64; 1001.65; F.A.C. 6A-14.0261; College Policies 7.010, 7.020
|Date of Review:
To define and outline the procedure for the timely activation of access to the College's information technology systems as it relates to new faculty and staff and those whose work assignment has changed.
Account - Refers to the computer access account, which is established for each person who is provided with access to the College's information technology systems.
Locked - The information technology system account is considered locked when it is no longer available to the user in any capacity.
Employee Roles - Refers to the computer access provided to employees in order for them to accomplish their duties and responsibilities.
Instructor Roles - Refers to the computer access provided to employees who teach students.
Student Roles - Refers to the computer access available to students of the College. Employees who are students of the College are provided with student roles in addition to any employee roles they might be provided in order to accomplish their duties and responsibilities.
Row Level Security – Specifies the data that a particular user is permitted to access.
Contingent Worker/Person of Interest – Refers to an unpaid worker; can be a volunteer or be paid through a temporary employment agency. The type of worker is not classified as an employee.
- User Access
The functional requirements listed in each job description will provided the basis for determining the type of access and the level of security needed by the employee holding that position. The general user access required will be tracked by position.
Access to information technology production application environments is granted to the User upon receipt by the Computing and Telecommunications Services Department (CTS) of a completed and properly approved User Access Request Form (electronic or hardcopy.) A single form (available online) may be used to add, change, or terminate User access.
Note that if the User requires access to payroll administration, schedule building, or the financials system, the User must attend mandatory training before access will be granted.
Steps to Gain User Access(for faculty, staff, contingent worker/person of interest)
- The User completes all sections of the User Access Request Form.
- The User’s Supervisor signs the form and forwards it to the appropriate Dean or Director.
- The appropriate Data Steward (see Procedure 7.0500 Data Classification, Security, and Roles) signs the form and forwards it to the CTS Security Administrator for processing.
- The Security Administrator sets the User up with the requested access.
- The Security Administrator will notify the User and the Supervisor when access has been established.
- The User will be assigned a Userid and a temporary password to be used to access the system. The Userid is a unique identifier associated with the person assigned to it by Computing and Telecommunication Services. All use of the Userid (or files associated with it) is assumed to be performed by the person assigned to that Userid.
- Upon accessing the system, the User will continue to use the assigned Userid but is required to change the temporary password to a new password known only to the User.
A password is private information and each User is responsible for safeguarding his/her own password. Passwords to restricted data must not be shared and it is against College Policy and Procedure to use another's Users account or file.
Failure to conform to these restrictions may lead to suspension of Userid or other action as provided by the College’s disciplinary action procedure.
- Reassignment and Notification
If a User’s status, job responsibilities, or other related situation changes, the User’s Supervisor must notify the Office of Human Resources as well as CTS, using the appropriate process or form. Such changes may include a change in department, position, supervisor, functional requirements, modifications in the User’s access needs, or even a name change. Such notification should be sent prior to the effective date of the change.
Notification to CTS
The User/Supervisor should complete a new User Access Request Form and follow the steps listed in Section A above to notify CTS and explain the changes needed in the User’s security access.
Within two (2) business days of receiving notice of job assignment change, CTS will review the computer access accounts and take appropriate action which may include removing or reassigning User access; notifying department managers and supervisors; and notifying system functional analysts. CTS will maintain records showing the timely reassignment of employee and Contingent Worker/Person of Interest access to information technology systems.
||President, E. Ann McGee