Clayton State University Human Resources

Human Resources

General
Policies/Guides
Forms Library
News
Discount Program
Employee Self Service
Employee Self Service Login
Employment
Jobs
Student Jobs
Continuing Education Positions
Faculty Positions
Employment Benefits
Health Insurance
Dental
Life
Retirement
Flexible Spending
Leave
LTD
Misc Benefits
Compensation
Salary Policy
Job Specifications
Compensation by Grade (Hourly)
Compensation by Grade (Monthly)
Student Compensation
Position Questionnaire
Special Programs
Training Portal
Families First
HIPPA Presentation
Contact
Department of Human Resources
STC-218
678-466-4230

Welcome to the Department of Human Resources

POLICY: Access Privileges

Date Posted: 07/29/2002

Purpose
Definitions
New Employee Hires
Employee Terminations
Employee Transfer
Contractors and Consultants
Other Non-University Affiliates
Timing of Access Change
Common Access Privileges

Purpose

The purpose of this policy is to clearly define the responsibility managers and other Clayton State University (CSU) officials have to authorize appropriate access privileges to employees, contractors, and others working under their direction or sponsorship and to modify or revoke those privileges when individuals transfer to another job within CSU or otherwise no longer need these privileges.

Definitions

For the purpose of this policy, “manager” is defined as the individual to whom an employee, contractor, or consultant directly reports and “CSU official” is defined as the individual (e.g. vice president, dean, department head, executive
director, director, manager) who is sponsoring the work of non-CSU affiliates, such as visiting faculty.

New Employee Hires

When an employee is hired into a department, it is the responsibility of the employee’s manager to authorize only appropriate access privileges for the employee. Examples of such privileges are purchasing cards, parking permits, telephone numbers, computer accounts, and the LINX card.

Employee Terminations

When an employee terminates service with the University, it is the employee manager’s responsibility to ensure that all access privileges are revoked and all keys, badges, and other physical items (such as notebook computers) are collected from the employee in accordance with the relevant policies. (See Administrative Data Security Policy)

Employee Transfer

When an employee transfers from one job to another, it is the responsibility of both the employee’s previous and new managers to modify the employee’s access privileges as appropriate for the employee’s new job situation.

Contractors and Consultants

It is the responsibility of the manager to whom a hired contractor or consultant reports to authorize only appropriate access privileges for that individual. Further, it is that manager’s responsibility to ensure that all access privileges are revoked and all keys, badges, and other physical items are collected from the contractor or consultant when that individual’s engagement with the manager ends.

Other Non-University Affiliates

Visiting faculty, research collaborators, government officials and other non-CSU affiliates may be granted access privileges to certain CSU resources in accordance with the relevant policies. It is the responsibility of the CSU official who sponsors a non-CSU affiliate to authorize only appropriate access privileges for that individual. Further, it is that official’s responsibility to ensure that all access privileges are revoked and all keys, badges, and other physical items are collected from the non-CSU individual when that individual’s affiliation with CSU ends.

Timing of Access Change

Access revocations should generally be effective and physical items should be collected on the day these are no longer required by the individual and no later than the day after that individual transfers to another job within CSU, terminates from CSU or otherwise no longer needs these privileges. This also includes situations where the employee is no longer expected to perform duties that require access, e.g. education leave of absence, leave of absence, suspension, detailed assignment. Managers and other CSU officials, as described in previous sections of this policy, are responsible for notifying privilege-granting departments or external privilege-granting providers of needed changes sufficiently in advance of the effective dates to allow the department to process these changes in a timely manner.

Common Access Privileges

Common access privileges are listed in the following table along with specific departments to whom requests for addition, modification, or revocation of access privileges should be made. The list is not all-inclusive.

Access Privilege	Data Owners	Data Custodian
Login Authority for Specific Computer Applications: e.g. PeopleSoft, HRMS	OPB
PeopleSoft, Financials	OPB
Banner	OITS
Accounts on Departmental-maintained Computers	Employee’s Department
Notebook Computers	OITS (The HUB)
Purchase Card	Purchasing
Long Distance Calling Card	Employee’s Department
American Express Card	Employee’s Department
Parking Permits	Public Safety
Building & Room Keys	Public Safety
Linx Card	Auxiliary Services