Accessing Enterprise Resources
Computerized Information Access (CIA) Request forms document, monitor, and manage access to enterprise resources like PeopleSoft, which accesses Human Resources or Student Administration information, and other information systems, like Active Directory and OnBase Document Repository. CIA Request Process, through the use of OnBase Workflow, is the method that:
- Obtains MPP approval
- Documents Security Administrator authorization
- Ensures training requirements are met
CIA Requests are required when new access is needed or people transfer from one department to another.
Creating a CIA Request
As of Monday, November 6, 2017 creation of CIA Requests has moved to a delegated process. Each college, division, and unit selected who would be their CIA Delegate. Please ask your AA/S or ASC who is your CIA Delegate. Then work with your CIA Delegate to create your CIA Request.
New CIA Delegates can be added by sending the person's name, emplid & email address to: firstname.lastname@example.org. Be sure to "cc" the MPP and the individual.
Resources - Instructional Guides
Additional assistance is found in these guides:
- (August, 2018) - latest spreadsheet containing detailed information about the components found in the CIA Request - component descriptions, requirements - both paper and training, security administrators
Here's a list of other guides available in the ITS Knowledge Base.
- CIA Request - Guide for MPP approval process using web or email
- CIA Request - Security Admin Approval via Unity client or web
- CIA Request Process Flow Chart
- Understanding how Computerized Information Access (CIA) Requests are processed
Questions? - contact email@example.com.
There are two types of prerequisites: training and paperwork. All components require at minimum Information Security Training. Many components have additional training requirements. The only components with paperwork requirements are: Absence Management components, both Timekeeper and Approver, Master Pay Warrant Authorization, ProCard and Requisitions, requester, reviewer and approver.
The Information Security training teaches recommended security practices for minimizing risks and preventing leaks of sensitive information. It also provides a review of roles and responsibilities regarding private information by addressing federal law, state law, and university policies, including the Acceptable Use Policy for Electronic Communication.
To sign up for training go to ITS Training Services which is found here: https://www.csusb.edu/its/training
Frequently Asked Questions
- What if the paper CIA form is needed?
Old PDF versions of the CIA form are available by sending a request to: firstname.lastname@example.org.
- What if I have incorrect or incomplete access after a request is completed?
If you believe there was a mistake or that your access is incomplete then email email@example.com. If you're having trouble logging in then contact the Technology Support Center.
- How is access suspended or removed?
An MPP emailing firstname.lastname@example.org with the name, employee ID, and date last physically worked in the unit.
- What if someone transfers departments?
People moving from one department to another will lose their administrative PeopleSoft access. It is recommended that before the transfer takes effect a new CIA Request is submitted. This request should have the information for the new department, the new MPP and new supervisor. Plus the components on the CIA Request should reflect the new duties thereby providing for a quicker and smoother transition of access. De-provisioned access is documented. So, if there are questions about someone's access - an email with the emplid and name of the individual can be sent to email@example.com.
- What happens when someone goes on temporary or permanent leave of absence, or temporary reassignment?
When such an event occurs, supervisors must notify human resources and email firstname.lastname@example.org with the name, employee ID, include start and end dates of absence. The Security Administrator will revoke the appropriate access and notify the Supervisor upon completion. These actions are done because Supervisors are responsible for protecting the confidentiality, integrity, and availability of sensitive information for personnel transferred to other positions, granted temporary or permanent leave of absence, or terminated from employment.
To reinstate access, returning personnel will need to submit a new CIA Request form.