The following message was sent to Approvers on Professor Graham Virgo's behalf on 29 January 2018 by the Project Manager, Audrey Leyland.
Dear colleague,
I write as Chair of the Student Information Systems Committee which recently approved the CamSIS Policies and Procedures for User Access, which detail the responsibilities of CamSIS User Access Approvers, of whom you are one.
A recent internal audit raised concerns about our control processes. These need to be both more efficient and more secure. In response, and as of last August, requests for access to CamSIS are now managed by CamSIS User Access Approvers (two within each College, Central Office, Department or Faculty) rather than the CamSIS Helpdesk at UIS.
You will be aware of the project within the CamSIS Improvement Programme which aims to simplify CamSIS user roles so that staff using the system who have similar jobs within similar organisations within the Collegiate University have standardised levels of access. This will simplify the processes for setting up and monitoring staff users’ access to CamSIS. The project is also improving the processes involved in providing new users with access to CamSIS, and allowing existing users to request new or changed access. As part of this work, we have also created a tool to enable you, as an Approver, to audit (that is, to verify) those users you approve. Online training material is available that explains why the audit tool is necessary and how to use it.
Approvers’ responsibilities
Every six months (in March and September each year), you will need to complete an audit of users’ access to information on CamSIS relating to your area of the institution. The audit is to verify that all users associated to your organisation still require access to CamSIS. If user access is not appropriate, you need to inform CamSIS Helpdesk through the registration form. (see CamSIS Policies and Procedures for User Access).
If the audit is not completed in March and September each year within one calendar month, unaudited (that is, unverified) accounts will be locked in order to ensure the University continues to be compliant with its data protection duties. The CamSIS Service Manager will monitor audit activity.
I thank you again for the user audit(s) you have already completed to date. If you have questions, please see the information about the User Roles and Approvals project on the CamSIS Improvement Programme website. This includes a number of FAQs.
Best regards,
Professor Graham Virgo
