Reauthorization in Account Center

Introduction

Chico State's Account Center (link) is used to reauthorize user access to campus applications and systems that contain protected Level 1 or Level 2 data. CSU Information Security Policy ISO Domain 9: Access Control requires that "Appropriate campus managers and data owners must review, at least annually, user access rights to Information Assets containing Level 1 or Level 1 data.  The results of this review must be documented". 

This knowledgebase article outlines the steps which ReportsTo MPPs (managers) will need to follow in order to accomplish that task for their employees who are authorized to access these systems.

Applications Requiring Annual User Reauthorization by Campus "ReportsTo" MPPs:

User access to the following campus applications require annual reauthorization by campus "ReportsTo" MPPs which includes all employees who report to them:

  • PeopleSoft CS is used for student records, Admissions, Financial Aid, class scheduling, student advising, and more.
  • PeopleSoft HR is used for student payroll, absence entry and approvals, state employee job data, state employee self service.
  • PeopleSoft CFS is used for budget and actual transactions, procurement card reconciliation.
  • CR&A delivers academic and student-related data to authorized campus employees in the form of customized reports.
  • Perceptive Content is the university's electronic document management system, which is used for scanning, archiving, and retrieving documents.
  • OnBase allows for scanning, storing, and retrieving paper documents and importing, storing, and retrieving electronic files. It also helps manage workflow by routing documents to custom-designed queues for individual departmental needs.

Actions Required by Campus "ReportsTo" MPPs

Once each campus "ReportsTo" MPP is notified to re-certify user access, the following actions in Account Center will need to be performed:

  • If an employee's job duties have not changed and require them to retain continued access to each campus application and role, the MPP will choose "Allow"

 

  • If an employee's job duties have changed, and no longer require them to be authorized to a campus application or role that they were previously assigned, the MPP will choose "Remove"

If there are any questions along the way, please send and email to cms-cs-anse-notice@csuchico.edu and an analyst on the ISEC team will reach you directly.

Opening the Recertification screen

  1. Log in to Account Center
  2. Click on 'Users' in the menu near the top of the screen, and then click on 'Recertification'

Authorizing access

  1. After you click on the 'Recertification' tab, a list of the users on your team that have access that needs to be reauthorized will be displayed.

  1. Click the triangle on the left side of the row to show the roles currently assigned to that user.  Application roles assigned to a user will display as a "Resource" within this view, and are individually associated to each campus system or application that is in scope of this annual reauthorization campaign (for example, CRA, OnBase, PeopleSoftCFS, PeopleSoft CS, etc)

  1. To see detailed information about a role, click the arrow next to 'Resource' in the list of roles.

  1. For each role, choose whether the user should keep that role ('Allow') or whether access to that role should be removed ('Remove')

  1. When you have made a decision for each role, click the 'Submit Changes' button

  1. If desired, you may enter comments about your choices. Then click the 'Submit' button.

  1. Repeat steps 2 through 5 for each remaining user, until all access has been reviewed.

Details

Article ID: 113666
Created
Tue 11/7/23 4:26 PM
Modified
Wed 11/15/23 11:35 AM