UNIVERSITY OF PITTSBURGH PROCEDURE \ 10-02-04
CATEGORY: SUPPORT SERVICES
SECTION: Computing, Information, and Data
SUBJECT: Data Administration
EFFECTIVE DATE: January 16, 1990
I. PURPOSE
To define the process for requesting on-line access to
University data.
II. SCOPE
This procedure applies to all departments and responsibility
centers requiring University data access.
III. DEFINITIONS
Data Administrator The individual within the University who
has overall responsibility for managing University data,
maintaining and publishing the Data Element Dictionary,
approving requests for access to University Data, and
establishing University policies regarding the collection,
access, maintenance, use, dissemination, and protection of
University Data.
Data Element Dictionary The document published and maintained
by the Data Administrator which defines data elements that
comprise University data.
Data Element The smallest unit of data that has meaning to
its users.
CIS Security Administration The function within Computing and
Information Services which manages University administrative
data.
Responsibility Center The group of academic or administrative
departments, aggregated by function, which form the primary
cost centers of the University for the allocation of budgets;
e.g., schools, regional campuses, or administrative units
reporting to a senior officer.
University Data The collection of data elements essential in
performing the University mission, as defined in the Data
Element Dictionary.
Need-To-Know Basis An individual's need for access to
University data for the purpose of conducting University
business as required by the individual's specific job duties.
FAIS Account Administrator The individual responsible for
monitoring the departmental budget.
Master User or FAIS Account Administrator The administrator
responsible for allocating on-line transactions to
individuals within their area of responsibility.
ISIS Integrated Student Information System.
ADDS Alumni Donor Development System.
IV. ADMINISTRATIVE RESPONSIBILITIES
The Requester is responsible for initiating the request and
obtaining the necessary approvals required by this procedure
early enough to ensure on-line access by the date needed.
The FAIS Account Administrator must approve each Request for
University Data Access.
The Data Administrator must approve all requests for access to
University data and is responsible for ensuring that
requesters understand the policies regarding data access
received.
The ISIS Master User must approve all requests for SIGN Access
and is responsible for ensuring that users of the access
receive policies regarding data access and use.
The ADDS Master User must approve all requests for AIGN Access
and is responsible for ensuring that users of the access
receive University Computing, Information, and Data policies
regarding data access and use.
V. PROCEDURE
Responsibility Action
A. Establishing Initial Data Access
Requester 1. Complete and sign FORM 0081, Request for
University Data Access (Exhibit A), as
instructed in the attached Form
Instruction Guide.
2. Forward to the department FAIS Account
Administrator or Master User for
signature.
Master User/
FAIS Account
Administrator 3. Review and approve or deny the request.
4. If approved, sign FORM 0081, Request for
University Data Access.
Requester 5. Retain pink copy of FORM 0081.
6. Forward original (white), and yellow
copies of FORM 0081, to the Data
Administrator.
Data Administrator7. Review the Request for University Data
Access. Approve or deny the request,
in accordance with University policy.
8. Notify the Requester if the request is
denied.
9. If approved, sign FORM 0081 Request for
University Data Access. Forward FORM
0081, to the appropriate CIS Security
Administration for processing.
CIS Security
Administration 10. Process request. Sign FORM 0081, and
retain white (original) copy.
11. Notify the FAIS Account Administrator or
Master User, as appropriate, that on-
line access has been provided by
returning yellow copy of FORM 0081 with
User password. Distribute in a manner
consistent with distribution of
confidential information as defined in
Procedure 10-02-06, Administrative
University Data Security and Privacy.
B. Establishing a new Master User with SIGN/AIGN Access
Master User/
FAIS Account
Administrator 1. Submit a memo to the Data Administrator
identifying the Master User.
2. If the new Master User does not have a
user ID, complete and sign FORM 0081
Request for University Data Access
(Exhibit A) and process as in steps A1
through A11 above.
3. Complete and sign FORM 0086 Request for
SIGN Access, (Exhibit B), or FORM 0087
Request for AIGN Access, (Exhibit C) as
instructed in the attached Form
Instruction Guides.
4. Retain pink copies of FORM 0086 or 0087.
Forward white (original) and yellow
copies to the Data Administrator.
Data Administrator5. Review and approve or deny the request
in accordance with University policy.
6. Notify the FAIS Account Administrator or
Master User, as appropriate, if the
request is denied.
7. If approved, sign FORM 0086 or FORM 0087
and forward to the appropriate CIS
Security Administration for processing.
CIS Security
Administration 8. Process request.
9. Notify the FAIS Account Administrator or
Master User, as appropriate, that on-
line access has been provided by
returning yellow copy of FORM 0086 or
FORM 0087 with ISIS/ADDS Group IDs and
passwords. Distribute in a manner
consistent with distribution of
confidential information as defined in
Procedure 10-02-06, Administrative
University Data Security and Privacy.
C. Modifying Data Access
Master User/FAIS
Account
Administrator 1. Complete and sign FORM 0081 Request for
University Data Access (Exhibit A), for
each individual user.
2. Retain pink copies of FORM 0081.
Forward white (original) and yellow
copies of FORM 0081 to the Data
Administrator.
Data Administrator3. Review the request for University Data
Access. Approve or deny the request in
accordance with University policy.
4. Notify FAIS Account Administrator or
Master User, as appropriate, if request
is denied.
5. If approved, sign FORM 0081 Request for
University Data Access. Forward the
white (original) and yellow copies of
FORM 0081 to the appropriate CIS
Security Administration for processing.
CIS Security
Administration 6. Process request. Sign FORM 0081, and
retain white (original) copy.
7. Notify the FAIS Account Administrator or
Master User, as appropriate, that on-
line access has been provided by
returning pink copy of FORM 0081 with
User password. Distribute in a manner
consistent with distribution of
confidential information as defined in
Procedure 10-02-06, Administrative
University Data Security and Privacy.
D. Modifying SIGN/AIGN Access _
FAIS Account
Administrator 1. Complete and sign FORM 0086, Request for
SIGN Access or FORM 0087, Request for
AIGN Access, as instructed in the
attached Form Instruction Guides.
2. Retain pink copy of FORM 0086 or FORM
0087 and forward the white (original)
and yellow copies to the Data
Administrator for processing.
Data Administrator3. Review the request for modification of
SIGN/AIGN access. Approve or deny the
request in accordance with University
policy.
4. Notify FAIS Account Administrator/Master
User of the decision.
CIS Security
Administration 5. Return yellow copy of FORM 0086 or FORM
0087 to FAIS Account Administrator with
notification of request completion.
6. Retain white copy of FORM 0086 or FORM
0087.
FAIS Account
Administrator 7. Notify Master User of request
completion.
E. Reestablishing Expired Access
CIS Security
Administration 1. Advise Master Users of accounts that
will expire in two weeks.
2. Generate report at mid-month indicating
user IDs which have not been used in 75
days.
3. Submit the report to the Master User for
review.
Master User 4. Indicate on the report those IDs which
should be continued and return the
report to the CIS Security
Administration within two weeks.
NOTE: If the report is not returned to
the CIS Security Administration within
two weeks, all users listed will be
deactivated.
CIS Security
Administration 5. Deactivate those user IDs marked as
instructed by the Master User.
VI. EXHIBITS
- Exhibit A, FORM 0081, Request for University Data Access.
Form Instruction Guide.
- Exhibit B, FORM 0086, Request for SIGN Access.
Form Instruction Guide.
- Exhibit C, FORM 0087, Request for AIGN Access.
Form Instruction Guide.
VII. REFERENCE
- Policy 10-02-04, Data Administration.
- Procedure 10-02-06, University Administrative Data Security
and Privacy.
- Procedure 10-02-01, Computing and Information Services
Service Requests.