• No results found

Data Access Procedures

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Data Access Procedures"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

Data Access Procedures

Rev. 1.9.5

Effective Date: November 2, 2005 Last Review Date: February, 2015

Directly in support of the following Policy Document(s): Georgia Institute of Technology Data Access Policy

The following are responsible for the accuracy of the information contained in this document

Responsible University Officer

Associate Vice President / Associate Vice Provost for Information Technology and Chief Information Officer (CIO)

Responsible Coordinating Office

Office of Information Technology (OIT)

1. Executive Summary

This document is in direct support of the Georgia Institute of Technology Data Access Policy and is included by reference in the policy. This document sets forth guidelines and procedures for requesting access to Institute Data, and in particular to Sensitive Data as defined in the Data Access Policy. This document shall be subject to periodic changes and updates, as necessary, independent of the policy document itself.

(NOTE: Phrases shown in italics at their first occurrence in this document are defined in the associated IT Policy Definitions - Standards Document No. 05.GIT.170)

2. Procedures

a. Data Coordinators assist with data classification. Data Coordinators grant access to the data within their purview according to criteria defined for specific access requirements. For example, some types of access require training, the establishment of user accounts, and awareness of federal or State guidelines restricting data access.

b. Authorized Requesters represent a campus unit or group of campus units, and are appointed by someone with at least unit head authority. Every organization determines the best way to assign this responsibility based upon workflow, organizational structure, and job responsibilities.

(2)

represented.

d. Data Coordinators will provide assistance as required to Authorized Requesters to assure that access privileges are granted in accordance with the Policy.

e. The requests are initiated via email or applicable web form, and forwarded to the appropriate Data Coordinator. If the request requires electronic access to data, it is then forwarded to the appropriate Data Administrator for action.

f. Access requests should include the following information:

• Department Name

• User Name

• User ID (if one has already been assigned) • Job Title

• Phone Number

• What Data/Role & Why (Data Coordinators will provide assistance) • Access End Date (some individuals only require temporary access)

• All expected user groups for the data requested (i.e. will the data be released

to third parties?)

Note: Any change or extension to the original intended use of the data requested (as documented in the original access request), such as a new application being developed using data for which access was previously granted, shall require a new access request explicitly documenting such change or extension.

g. All data access requests must have a minimum of three certifications: i) Data User: acknowledging having received the Institute’s Data Access Policy; ii)

Supervisor/Departmental Certification: authorizing data user to access data based on job responsibilities, and verifying the accuracy of the information conveyed on the data access request form; and iii) Technical Certification: approval of the corresponding

Technical Authority for the data user’s department, certifying the technical compliance of

the client and/or server machines to be used by the data user to access the information. Additional certifications may be required by individual department policies and/or systems.

h. If an individual is requesting access to data that has associated prerequisites, such as Banner and PeopleSoft training, or review of Family Education Rights and Privacy Act (FERPA) and/or Gramm-Leach-Bliley Act (GLBA) Sensitive Data Access guidelines, then the Data Coordinator will ensure that the prerequisites have been met prior to approval.

i. Data Coordinators and Data Administrators will maintain electronic archives of all requests. Data Administrators will serve as the point of contact for related audit reviews. j. Data Administrators will maintain a repository of information regarding the data

(3)

Authorized Requester

Initiate request to create, change, or terminate access privileges.

Three signatures required for new requests: User, Supervisor, Technical Certification

Procedure for Requesting Data Access to Institute-wide Systems

(as of February 2015)

Data User

Requires access in the performance of job responsibilities.

(Define access requirements)

Appropriate Data Coordinator Cargill, Shalonda PeopleSoft HR GTDW Employee Data Hayes, Zach Banner Student GTDW* Student Data Gibson, Carol PeopleSoft Financial GTDW Financial Data Mason, Sandy PeopleSoft SPD PeopleSoft Grants GTDW* SPD Data GTDW* Grants Data

Hutchison, Garry (Duane)

Office of Sponsored Programs

Bamburowski, David

Graduate Admissions

Cozzens, Susan

Faculty Data (Non-HR Data)

Data Administrator

Review requests Enable access Maintain authorization records

Data Coordinator

Matches to request

Authorized Requester

Matches to request

Data User

Approve & forward email notification

Annotate & forward email notification

Training required?

Authorization Form User Packet

Email request includes:

1. Department 2. User Name 3. User ID 4. Job Title 5. Phone Number 6. What Data & Why 7. Access End Date 8. List of all intended user groups for requested data (incl. third parties).

Yes

No

Obtain Authorization

Pick up copy *GTDW=GT Data Warehouse

(4)

Banner Student Information Faculty Access System (as of February 2015)

Data Warehouse Employee Data

· HRMS · Payroll

Data Warehouse Financial Services Data

· Chart of Accounts · Ledger Posting Detail · Grants & Contracts Accounting · Salary, Planning & Distribution

Data Steward: Reta Pikowsky, Registrar Data Coordinator: Zachary Hayes Associate Registrar

Data Warehouse Student Data

· General Student Information · Student Major · &· Degree(s) · Transfer Credits

· Student GT Grades

· Student Term Data (Hours · &· GPA) · Course Instructors

· Current / Future Course Schedule(s) · Student Activities

PeopleSoft HR/Payroll Data Steward:

Kim Harrington

Associate Vice President - OHR

Data Coordinator: Shalonda Cargill,

Director HR Information Services

PeopleSoft Financials PeopleSoft SPD Data Steward:

Jim Fortner,

Associate Vice President - Financial Svcs

Data Coordinator:

Carol Gibson, Associate Controller

Data Coordinator:

Sandy Mason,

Director - Grants & Contracts Accts.

Office of Sponsored Programs OSP System

Data Steward: Jilda Garton,

Associate Vice Provost - OSP

Data Coordinator: Duane Hutchison,

Director - OSP

Graduate Admissions Data Data Steward:

David Bamburowski, Director - Graduate Studies

Faculty Data - Non HR Data Data Steward:

Susan Cozzens, Vice Provost

(5)

3. Revision History

Revision Number Author Description

1.9.5 Jimmy Lummis Updated Data Stewards and Coordinators

1.9.4 Jimmy Lummis Updated Data Access Request diagram

1.9.3 Herb Baines Updated Data Stewards diagram

1.9.2 Richard Biever Updated Data Coordinator contact information

References

Download now ( PDF - 5 Page - 228.98 KB )

Related documents

waste-Bansal-Classes-Study-Core-Material-MODULE-3-IIT-JEE-2012 (1).pdf

- computers, digital audio tapes (DAT), digital cameras etc. Information on a CD is stored in digita l format. There are no harmonic and intermodulati on distortions. Free from wow

2014 Eye Care Provider Directory

If you have questions about South Country Health Alliance or require assistance in selecting a primary care provider, please call Member Services at the number on the inside

PeopleSoft Enterprise Electronic Data Interchange 9.1 PeopleBook

File Layout Definition: SALES_QUOTE_LOAD Message Name: SALES_QUOTE_LOAD Queue: SALES_QUOTE_LOAD Handler: SalesQuoteLoad Batch Publish Rule: N/A File Rule: SCM_INBOUND_EDI

PeopleSoft FSCM 9.2: Electronic Data Interchange

"Understanding Sales Order and Quotation EIPs in PeopleSoft Order Management (PeopleSoft FSCM 9.2: Order Management)" File Layout Definition: SALES _ORDER_LOAD Message

ENTERPRISE APPLICATIONS REQUEST FOR PROPOSAL Enterprise Data Encryption

o Be sure to address encryption of data at rest in Oracle DBMS v10 and higher, running in a client-server environment for PeopleSoft ERP systems (HR, Student Administration,

PeopleSoft Enterprise Mobile Time and Expense 9.0 PeopleBook

PeopleSoft Expenses is used to define time and expense report control data for download to PeopleSoft Mobile Time and Expense, and PeopleSoft Mobile Time and Expense is used

ImageNow Document Scanning and QA Created on 8/15/ :38:00 AM

When using the ImageNow Printer capture profile in Single Mode, you must have PeopleSoft open to allow ImageNow to link the appropriate student data to the document being

The cloud-radiative forcing of the U.S. landfalling atmospheric rivers

along with the ARs in satellite imagery (e.g., Luo, 2013), and persistent ice clouds are found in the WCB simulations (Madonna et al., 2014), it remains unclear how they influence