Information Technology Division
Computing & Communications Center

Data Access Qualification Standard

Purpose

The purpose of this standard is to ensure each person has an adequate understanding of the areas to which access is granted. Proficiency in said areas is to be determined/measured by the department or department responsible for stewarding the table or form in question.


Goals

To minimize the risk associated with the misuse of data at Worcester Polytechnic Institute.


Scope

This standard applies to all Banner Database Environments (Banner Web or Oracle Form Based as well as through reporting tools), the ODS (Operational Data Store) the EDW (Enterprise Data Warehouse) and any third party system that has direct access to Banner Data.

Additionally, this standard mandates that all statutory, regulatory, internal policy and technical requirements are clearly defined by the Data Steward and Data Owner responsible for granting access.

Finally, this standard will be applied equally to all Constituents with access to data at Worcester Polytechnic Institute.


Standard

Data Stewards and Data Owners should use the following guidelines and process when conducting the Annual Access Audit:

Data Stewards and Data Owners should use the auditing tools provided (Banner Self-Service Security Menu).

All changes will be recorded in the database with a date stamp indicating the last time the Class or Role was adjusted. Audits following the initial audit using the web tools will only involve Classes and Roles where some element has changed (members, objects, types of access, etc.)


Revisions

Changes to this standard must be approved by the WPI Governance Committee based on recommendations of WPI Information Technology and the WPI Data Access Working Group.


Revision History

Maintained by itweb
Last modified: Oct 19, 2009, 11:07 EDT
[WPI] [CCC] [Top]