HOME
| UTORprotect |
DOCUMENTATION
|
AMS/ROSI
|
SERVICES
|
CONTACT
AMS/ROSI

Access Control Guide

 

Purpose

This documents outlines the responsibilities of Access Control Representatives.


Scope

Access Control Representatives are designated by each Department for the purpose of coordinating access control requirements for users within their department only. However, where the number of users within a department is too small to warrant the designation of one staff member to act as Access Control Representative, a Division may decided to designate one individual to act as Access Control Representative for two or more departments.

It is recommended that a backup to the Access Control Representative be designated in order to ensure that there is no interruption of service when the primary representative is away or unavailable to assist users.


Responsibilities

The Access Control Representative’s primary responsibility is to coordinate access control requirements for users within their department.

Responsibilities include:

  • Ensuring that users complete the required access request forms when requesting access to administrative systems.

  • Ensuring that access requests are completed correctly and that proper authorizations for the access request has been obtained.

  • Authorizing access requests as delegated by management.

  • Helping users with access problems, including:

    • contacting Computer Security Administration on behalf of users who forget their password or PIN (Personal Identification Number)
    • contacting Computer Security Administration on behalf of users if their User ID or SecurID card is suspended by the system
    • helping new users with logon procedures
    • helping users with the SecurID logon procedure when first assigned a SecurID card

  • Informing Computer Security Administration when any of their users leave the department or terminate their employment with the University.

  • Deleting access when users are terminated or when they leave the department (if so authorized).

  • Keeping copies of access request forms on file for review by audit and Computer Security Administration staff when necessary.

  • Distributing security guidelines and other documents provided to them by Computer Security Administration.

  • Ensuing that users are aware of security requirements, procedures and policies.

  • Acting as the primary contact with Computer Security Administration and other Computing & Networking Services staff on matters relating to computer security and access control services on behalf of users within their department.

  • Reviewing user lists provided by Computer Security Administration in order to maintain the security databases and tables current.
©2013 - University of Toronto Information + Technology Services, All Rights Reserved.