These guidelines are intended to assist a department, office, or individual user in securing the proper access to the Student Information System (SIS) at SIUC. Three basic steps are required to gain access to the SIS. Step 1: Request a NETWORK ID Step 2: System Security Profile (SSP) Step 3: SIS Operator Profile Request (SISOPR) As a part of the application for access to the Student Information System, employees are notified that the Illinois "Computer Crime Prevention Law" (720 ILCS 5/16D) governs the use of computers with respect to their unlawful use. The statute can be viewed on the Web at http://www.infotech.siu.edu/csc/policies/prevent.htm. All information in the Student Information System is considered sensitive and/or confidential. Access to the SIS is governed by the University's Policy on Release of Student Information, which can be viewed at http://registrar.siu.edu/records/inforls.htm. Access to specific student data in the SIS is based on a legitimate "need to know" basis and must be directly related to one's currently- assigned employment duties within the University. It is strongly recommended that each office appoint someone in the office to be responsible for the coordination of employee access to the SIS. The SIS Access Guidelines are more easily accomplished if one person coordinates the access of all office employees.
1.1 Each employee who accesses the SIS must obtain a User
Identification (NETWORK ID) from Information Technology.
(The NETWORK ID used to be known as a KERBEROS ID.) To
obtain a NETWORK ID, use a computer with Internet access
and go to the "Request a Network ID" Web site located at
https://websec.it.siu.edu/util/id_request.html. Employees
who already have a valid SIUC NETWORK (POP E-Mail) ID are
not required to obtain another such ID.
The System Security Profile (SSP) form is used to define system
and data requirements for an individual user. However, the SSP
form can be used with an SIS Attachment to define the requirements
of a group of employees.
2.1 After User "NETWORK IDs" have been assigned to the employees,
the office must submit a System Security Profile (SSP) form.
2.2 Blank SSP forms may be obtained from the Office of Records and
Registration in Woody Hall, and completed forms should be submitted
there as well. To obtain or submit this paperwork, please contact
that office in one of the following ways:
* Mail .... SIS Access staff, Mail Code 4701;
* Email ... SISacces@siu.edu;
* Visit ... Woody Hall room A-110.
* Web ..... http://registrar.siu.edu/sis/sis_forms.htm
2.3 All pertinent employees, including student workers and graduate
assistants, can be listed on the SIS Attachment to the SSP.
The assigned NETWORK ID should be entered on the form under
the heading "LOGONID."
2.4 It is recommended that the access coordinator of an office
prepare the form on behalf of all employees in the office.
2.5 Student workers and graduate assistants must be identified
on the SIS Attachment to the SSP by marking the appropriate
column.
2.6 Access to the SIS through CICS/IDMS will normally be permitted
only between 7:00 A.M. and 8:00 P.M. Monday through Friday.
Special working hours other than this range of hours must be
requested through the SIS Technical Committee (current Chair
is Neal Jones, Financial Aid Office).
2.7 All System Security Profile (SSP) forms and attachments
requesting access to SIS should be sent directly to the Office
of Records and Registration (as noted in Step 2.2). SSPs sent
directly to Information Technology will be forwarded to the
Office of Records and Registration for preliminary processing.
This could result in delayed access to SIS.
2.8 Whenever an employee leaves the employment of an office,
the office must process a System Security Profile (SSP)
form to revoke the SIS access. Revocation of SIS access is
accomplished by submitting an SSP form to the Office of
Records and Registration (as noted in Step 2.2). An SIS
Attachment to the SSP can be used if there are a number of
revocations to process. Offices (the office coordinators)
are responsible for notifying the Office of Records and
Registration (as noted in Step 2.2) whenever an employee
terminates employment in that office.
Even a transfer of positions from one office to another
office will require updating of the employee's SIS
access, and so the Office of Records and Registration
needs to be notified.
2.9 CICS logon passwords should be changed by SIS users frequently.
The CICS system will normally force users to change their
passwords no less frequently than every 60 days, but it is
recommended that users change passwords every month. Current
I.T. policy is that passwords cannot be re-used; i.e., the
system edits prevent you from flipping back and forth between
two passwords when you change.
Staff who get locked out from accessing CICS will need
to call the I.T. Help Desk (Customer Service Center) at
453-5155 to have them reset their CICS account before they
can access it again. Student workers will need to ask
their department's I.T. liaison to contact the Help Desk
for them to have this done.
2.10 Access to the Student Information System using On-Line
Query (OLQ) may be obtained by submitting a System Security
Profile (SSP) form for each employee. OLQ access to the
SIS is obtained by the normal SSP procedure and is separate
and apart from the process set forth in these guidelines.
The SSP form should specify that "OLQ access to SIS data
is requested" and contain the reason for the request. OLQ
access will also require the approval of all applicable
SIS "offices of record." Send the SSP form to the Office of
Records and Registration (as noted in Step 2.2) to initiate
processing.
2.11 SIS Data Extract Files are available for information retrieval
using Mark IV, SAS, or other mainframe retrieval languages.
Departments who wish to use Mark IV and the extract files for
their ad hoc reporting will be required to submit SSP forms
to secure access to that data file. Submit the form to the
Office of Records and Registration (as noted in Step 2.2)
to initiate the process.
3.1 The SISOPR form, accompanied by a System Security Profile
(SSP) form, must be completed and submitted to the Office
of Records and Registration (as noted in Step 2.2) to obtain
access to the Student Information System. A separate SISOPR
must be completed by each University employee (including
student worker or graduate assistant) who is required to
access the SIS as part of their assigned duties. The SISOPR
form must be signed by the employee and the office head.
3.2 There are 3 options for access to each of the on-line screens
of the Student Information System: Deny, Inquiry, and Update.
An Operator Profile determines which type of access is
permitted for each on-line screen in the system.
Deny (D) - The operator will not be permitted to view
the screen.
Inquiry (I) - The operator will be able to view the data
on the screen but will not be permitted to
update or change the data.
Update (A) - The operator will be able to update or
change data on the screen.
3.3 There are several standard SIS Operator Profiles. Any
University office or employee may request to receive
access to the SIS at Level 00. To obtain SIS access at
Level 01 or higher, the office or employees must demonstrate
that they have a "need to know" the student information in
order to perform their assigned duties. Generally, access
for all personnel in an office will be at the same level;
however, offices may request access for specific employees
which is "customized" to meet their information needs.
Access to financial aid information and billing/receivables
account data is not available through the standard operator
profiles. To obtain inquiry and update access to the
on-line screens in financial aid and billing/receivables,
the office or department must submit SIS Access Form F
and/or Form B with this form.
Level 00 Limited Access. This level permits users to
view only that student information which is
considered to be "directory information" as
defined by the University's Policy on Release
of Student Information. Some on-line screens
which contain directory information are omitted
from this group since they also contain
confidential information.
Level 01 General University Access. This level contains
the on-line screens which can be viewed by most
University user offices, both academic and
non-academic. Users at this level have access
to confidential student information and must
adhere to the University's Policy on Release of
Student Information.
Level 02 Academic Department Access. This level is
tailored to meet the needs of most academic
departments. Student workers and/or graduate
assistants in academic departments may have
additional restrictions.
Level 03 Academic Advisor Access. This level is
tailored to meet the needs of most academic
advisors. Student workers and/or graduate
assistants in academic advisement centers may
have additional restrictions.
Level 04 Customized Access. This level of access will
be customized to meet the needs of specific
offices and personnel. Student workers and/or
graduate assistants in offices which process
student information may have additional
restrictions.
3.4 To obtain a SIS operator profile which deviates from the
standard profiles, the office must receive approval from
the appropriate "office of record." SIS Access Forms A, B,
and F should be used for this purpose. These forms and the
System Security Profile (SSP) form must be attached to this
form and sent to the Office of Records and Registration (as
noted in Step 2.2). Records and Registration will forward
Forms B and/or F to the appropriate office to secure their
approval.
Form A Screens 001 through 299 Records and Registration
Form A Screens 601 through 699 Records and Registration
Form B Screens 401 through 499 Bursar's Office
Form F Screens 301 through 399 Financial Aid Office
*** Last updates 09/29/2000 (sf) and 01/29/2007 (mh) ***
|
Comments: Webmaster Copyright © 2007, Board of Trustees, Southern Illinois University |