Contents
- Introduction
- Eligibility
- Application and approval process
- User responsibilities
- Approver responsibilities
- User Access Review (UAR) audit
Introduction
Scope
This policy outlines the rules relating to authorising, monitoring and controlling access to accounts and privileges for Student Information System (‘CamSIS’), including how new users are authorised and granted appropriate privileges, as well as how these are reviewed and revoked as required.
It is intended for internal use only.
Purpose
Confidentiality, Integrity and Availability are fundamental aspects of the protection of systems and information and are achieved through physical, logical and procedural controls. It is vital that authorised users who have access to University systems and information are aware of and understand how their actions may affect security.
- Confidentiality – Ensuring that data is only able to be accessed by authorised individuals, with access that is commensurate with the level at which they require to do their job.
- Integrity – Ensuring that data is accurate, complete and safeguarded from unintended changes that affect data quality.
- Availability – Ensuring that systems are physically secure and accessible by authorised individuals when required, and able to be suitably controlled using a robust access and security model.
Responsibility for Confidentiality and Integrity sits with data owners, whereas the responsibility for Availability sits with the Service Provider – in this case, University Information Services (‘UIS’) and the Student Information Systems team.
Data governance
The Student Information System (‘CamSIS’) is the University's comprehensive system for handling student information, records and transactions. As the official repository of a student’s record from application all the way through to graduation, it is used by staff, students and alumni to manage and extract student data. It is also the source of statutory governmental reports that secure the University’s funding. Data processed within the Student Information System (‘CamSIS’) is jointly owned by the University and Colleges of Cambridge, with the exception of College-specific fields which are owned solely by the relevant College. The University and Colleges are together responsible for keeping the data in CamSIS up to date.
Data accuracy
The University submits a number of statutory returns, and each one calls for a different set of student record data fields. Student Registry and the Business Information and Strategic Insights (‘BISI’) team oversee data quality assurance procedures to find and fix any data problems that can affect the filing of these returns to ensure accurate reporting.
Data protection
Data stored within CamSIS is subject to relevant Data Protection legislation. Information and guidance on Data Protection and how student data may be used is available at https://www.information-compliance.admin.cam.ac.uk
User security
User security is applied to users of CamSIS on a per-user basis and consists of three separate types - Role, Permission and Row-level security.
- Roles are the highest level of access and group together sets of Permissions to allow users access to specific pages within the system
- Row-level security allows users to see specific sets of students and in some cases, specific data fields on each page
Data stored within CamSIS is complex, and as a result the security model is also complex. For this reason we have created comprehensive documentation, known as the User roles access matrices, to help users understand the types of roles available and what security access each role is given. Roles are allocated after consideration of the business requirement and approval by nominated approvers, so that access is only given to the extent needed. This reflects the "principle of least privilege", under which users are granted the minimum level of access to the organisation's data required to perform their job.
Training and procedural guidance
Employees of the University and Colleges, as well as Students, can access CamSIS training on Moodle as well as the Guideline to maintaining the student record produced by the Student Registry. This training provides step-by-step guides on how to carry out data entry in CamSIS, explains why each step is necessary, and specifies who has the authority to archive or remove student information.
Eligibility
Who can access CamSIS?
Full access is available for staff in University Central Offices, with staff in Colleges and Departments granted a restricted view according to their College or Department affiliation. Applicants, Students and Alumni are also granted access based on their current status with the University.
Criteria
The user must be either a current matriculated student, an alumnus, a postgraduate offer holder, or a member of staff supervising students or working in a relevant administrative role with a specific business requirement. Aside from self-service activities, only relevant and trained staff are eligible, and they are subject to approval by the nominated approvers in each separate institution.
User accounts are protected by two-factor authentication ('2FA'). Access will not be granted to anyone who has no business need to view student records, or who does not hold a University Account.
Application and approval process
University, College and Departmental staff
A user wishing to access CamSIS should complete the online form and submit it for authorisation before it is sent to the CamSIS team for processing. The form must be authorised by the approver in order to meet the requirements of the Data Protection Act. This is an automated process handled by the University's internal helpdesk software.
There are a number of prerequisites needed before a user will be granted access to CamSIS:
- a valid CRSid
- an active University account
- a completed CamSIS User Request form with confirmation that the user has completed any relevant training for their role
- approval by the approver responsible for CamSIS access within the Office, College or Department
Once the CamSIS account is created, further amendments or account cancellations must be processed through the same form and approval process.
To request, amend or cancel an account please visit CamSIS accounts, which is also where you can find out who the approvers are.
Applicants
Postgraduate applicants will automatically receive access to Postgraduate Self Service once they become an offer holder. For further details please see Tracking and managing your application.
Students
New students gain access to Student Self Service via the Student Registration process. For further details please see Student registration - new students.
Alumni
Alumni are able to access Extended Self Service (ESS) by using a simple registration and verification form. For further details please visit the Extended Self Service section of the University website.
User responsibilities
Responsibilities
As a user of the system you will be asked to agree to the Terms and Conditions. This will include agreeing to the following policies:
Users should also ensure that they have received appropriate basic training according to the needs of their role. For further details please see our CamSIS training courses on Moodle.
Breaches of compliance
In most cases, the approach to breaches will be to provide supportive guidance and educational material. However, users should be aware that the consequences of a breach could include temporary or permanent removal of access to University information services. In addition, each policy has its own set of outcomes that will apply under certain circumstances, up to and including the initiation of disciplinary procedures and ultimately, dismissal.
Any user found to be committing unlawful activity may be reported to the police or other law enforcement agency.
Approver responsibilities
Responsibilities
All approvers must themselves have access to CamSIS in order to carry out the User Access Review ('UAR') audit. Alongside the normal responsibilities of a user as stated in the section above, approvers therefore have the following additional responsibilities:
Responsibility | When |
---|---|
Complete the CamSIS Approval and Audit training | On appointment, and recommended every two years thereafter |
Ensure their organisation has a minimum of two approvers at all times * | As required |
Request amendments to the approvers at their organisation using a CamSIS User Request form | As required |
Approve CamSIS User Request forms for their organisation | As required |
Complete the User Access Review ('UAR') audit on all users with CamSIS accounts in their organisation | Every six months, per user and per role |
Remain a subscriber to the uis-camsis-approvers mailing list (all new approvers are auto-subscribed) | As required |
* If an organisation is unable to have at least two approvers at all times, please inform the CamSIS Service Desk.
Breaches of compliance
In most cases, the approach to breaches will be to provide supportive guidance and educational material. However, approvers should be aware that consequences of a breach could include temporary or permanent removal of CamSIS access and the ability to approve CamSIS User Request forms for their organisation.
Serious breaches may force us to temporarily suspend all CamSIS user accounts held by an organisation until we are satisfied that approvers are able to fulfil the requirements of their role. We will communicate with affected approvers first if we are planning to enforce this part of the policy.
User Access Review (UAR) audit
Overview
A user access review (UAR) audit, also referred to as a user access review or user access certification, is a systematic process designed to ensure that individuals within an organisation have appropriate access privileges to systems, applications, and data. The primary objective of a UAR audit is to review and verify the user access rights and permissions, ensuring adherence to the principle of least privilege and compliance with the User access and audit policy.
The responsibility for completion of the UAR audits sits entirely with the approvers nominated for each organisation. The list of approvers can be downloaded from the CamSIS website.
We recommend that UAR audits are completed on a rolling basis: in order to remain 100% compliant, approvers are best advised to review user accounts more frequently than the minimum required by this policy.
Note that approvers cannot audit themselves. This is a core reason why at least two approvers are required per organisation.
What we mean by "compliant"
A compliant audit is one where a specific role held by a user has been audited within six months of:
- the date at which an active role is deemed to have started (the "Start Date"), or
- the date of the last recorded audit for that active role
Compliance is therefore not determined by a cumulative look at all of a user's roles. Rather, it is determined per role, per user: a user can have one role that is compliant and another that is overdue at the same time.
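The per-role rule above is easy to get wrong when an organisation holds many accounts, so it is worth checking mechanically rather than by eye. The following Python is an added example and is not part of this policy or of any CamSIS tool: it assumes a hypothetical record format (user CRSid, role, Start Date, last audit date, last auditor), interprets "six months" as six calendar months with the deadline day itself still compliant (an assumption), enforces the rule that approvers cannot audit themselves, and flags roles falling due within 30 days to support the rolling review recommended above. The users, roles and dates are constructed sample data.

```python
import calendar
from dataclasses import dataclass, replace
from datetime import date
from typing import List, Optional, Tuple

# Hypothetical record of one CamSIS role held by one user.
# This is an illustration only, not a CamSIS data structure.
@dataclass(frozen=True)
class RoleAssignment:
    user: str                               # CRSid of the account holder
    role: str                               # CamSIS role name
    start_date: date                        # the role's "Start Date"
    last_audit_date: Optional[date] = None  # None: no audit recorded yet
    last_auditor: Optional[str] = None      # CRSid of the approver who last audited it


def add_months(d: date, months: int) -> date:
    """Add calendar months, clamping the day (e.g. 31 Aug + 6 months -> 28 Feb)."""
    month_index = d.month - 1 + months
    year = d.year + month_index // 12
    month = month_index % 12 + 1
    day = min(d.day, calendar.monthrange(year, month)[1])
    return date(year, month, day)


def audit_deadline(a: RoleAssignment) -> date:
    """Policy rule: six months from the last recorded audit, or from the
    Start Date if the role has never been audited."""
    return add_months(a.last_audit_date or a.start_date, 6)


def role_status(a: RoleAssignment, today: date, warn_days: int = 30) -> str:
    """'overdue' past the deadline, 'due soon' within warn_days of it,
    otherwise 'compliant'. The deadline day itself is still compliant (assumption)."""
    deadline = audit_deadline(a)
    if today > deadline:
        return "overdue"
    if (deadline - today).days <= warn_days:
        return "due soon"
    return "compliant"


def record_audit(a: RoleAssignment, auditor: str, on: date) -> RoleAssignment:
    """Return a new record with the audit logged. Approvers cannot audit themselves."""
    if auditor == a.user:
        raise ValueError(f"{auditor} cannot audit their own role '{a.role}'")
    return replace(a, last_audit_date=on, last_auditor=auditor)


def compliance_report(assignments: List[RoleAssignment], today: date,
                      warn_days: int = 30) -> List[Tuple[str, str, str, date]]:
    """One line per (user, role): compliance is judged per role, never per user."""
    return sorted(
        (a.user, a.role, role_status(a, today, warn_days), audit_deadline(a))
        for a in assignments
    )


# Constructed sample data: CRSids, roles and dates are invented for this example.
SAMPLE = [
    RoleAssignment("abc12", "Tutor", date(2024, 9, 1)),
    RoleAssignment("abc12", "Admissions Administrator", date(2024, 1, 15),
                   last_audit_date=date(2024, 8, 10), last_auditor="app01"),
    RoleAssignment("def34", "Tutor", date(2024, 6, 1),
                   last_audit_date=date(2024, 12, 20), last_auditor="app01"),
    RoleAssignment("ghi56", "Supervisor", date(2025, 2, 20)),
]


def main() -> None:
    today = date(2025, 3, 1)
    for user, role, status, deadline in compliance_report(SAMPLE, today):
        print(f"{user:6} {role:26} {status:10} deadline {deadline}")
    # abc12 is overdue on one role and "due soon" on another: per-role, not per-user.
    try:
        record_audit(SAMPLE[0], "abc12", today)
    except ValueError as e:
        print("rejected:", e)
    fixed = record_audit(SAMPLE[1], "app02", today)
    print("after audit:", role_status(fixed, today), "until", audit_deadline(fixed))


if __name__ == "__main__":
    main()
```

Run as a script it prints the per-role status table for the sample data, shows the self-audit rejection, and shows the overdue role becoming compliant once a second approver records an audit. Because `compliance_report` works per (user, role) pair, a user with one compliant and one overdue role appears twice, which is exactly what the policy's definition of compliance requires.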
Training
We provide mandatory training and a useful user guide for all approvers via our training site on Moodle. All new approvers are required to complete this training as a condition of their approver access being granted. We also recommend that existing approvers review the guide every two years to keep their knowledge fresh and up to date.
Monitoring
All activity related to the UAR audit is closely monitored by the CamSIS team to ensure each organisation and approver is compliant with the policy - particularly when it comes to the minimum audit requirements stated in the approver responsibilities section.
In order for approvers to understand their current audit status and complete the audit according to the minimum audit requirements, we have provided two tiles*:
Tile name | Details |
---|---|
User Audit Monitor | Gives approvers quick visual feedback about audit compliance |
User Audit Tools | Gives approvers quick links to tools that help them complete and monitor the audit - including a new User Audit Report |
* These tiles will be available to approvers to add to their CamSIS homepage from early 2025. Information will be provided.
Breaches of compliance
In most cases, the approach to a breach will be to provide supportive guidance and educational material. If audits are not consistently carried out against the minimum audit requirements then we may have to temporarily suspend all CamSIS user accounts held by an organisation until a UAR audit is completed to our satisfaction. We will communicate with affected approvers first if we are planning to enforce this part of the policy.