Skip to Search Skip to Navigation Skip to Content

Section 2: Data and Systems Integrity

DEFINE Annual Certification

Effective Date:

06/13/2011

Approved By:

Janet Parker, Associate Vice President, Financial Affairs

Last Revised On:

n/a

For Assistance Contact:

Director of DEFINE Administrative Services

(210) 458-4343

PURPOSE/SCOPE

This guideline describes how UTSA conducts security reviews through an annual certification process of access to the DEFINE Administration system.

AUTHORITY


UNIVERSITY GUIDELINES

Table of Contents

A. Responsibilities of the Electronic Office Manager

Each Electronic Office Manger (EOM) is responsible for validation of security access to the DEFINE Administration system for employees within their organization. Specific responsibilities include:

  1. Approval of DEFINE Departmental User Access forms for employees who have a business reason to access DEFINE to perform their jobs by identifying commands and the functions requested.

  2. Recommendation of access for DEFINE Central Users.

  3. Specification of electronic document routing.

  4. Identification of electronic signers for DEFINE online activities and documents.

See the Financial Information Access and Security - DEFINE FMOG for more information.

B. Responsibilities of the Controller

The University Controller reviews and grants all DEFINE Central User access to assure the integrity of internal controls by employees who can final approve DEFINE electronic documents via the DEFINE Central User Access form.

NOTE: The Controller does not need to approve DEFINE departmental user access as those individuals do not act as final approvers of DEFINE electronic documents.

C. Annual Security Certification of DEFINE Administrative System Access

The Annual Security Certification is the process used to monitor and verify appropriate access to the DEFINE Administrative System. The process begins with an accuracy review of system-generated reports that is certified by the EOM to assure:

  1. Each individual assigned to the electronic desk(s) has a continued business purpose for the access

  2. Verification of command authorization for each electronic desk.

  3. Verification of the authorized signatures for each unit code.

Each EOM receives a report with the following information:

  • Electronic Office Structure:

    • Listing of Manager and Office Delegate(s)

    • Listing of all electronic desks established for each office

    • Listing of all employees assigned to each electronic desk

    • Command authorizations providing employees access to specific functionality within DEFINE

  • Electronic Routing

    • Departmental routing established for electronic DEFINE documents to follow

  • Electronic Signature Authorization

    • Signature authorization for each person authorized to approve electronic documents for the unit codes assigned to the office.

D. Certification Process

After verifying the reports, the EOM must:

  1. Certify that a review of the reports has been conducted for each section of the report, and if changes are necessary, that the appropriate forms have been completed.

  2. Immediately request changes to access by completing the DEFINE Departmental User Access Form or the DEFINE Central User Access form and sending it to the DEFIN Administrative Services Office for processing.

    NOTE: DEFINE Administrative Services forwards all DEFINE Central User Access forms to the Controller for final review and approval.

  3. Sign and return the DEFINE Annual Certification Letter by the required due date.

    NOTE: DEFINE Administrative Services performs a follow-up with each EOM to assure 100% compliance of the annual security certification.


DEFINITIONS

Term

Description

DEFINE Annual Certification Process

The process for each Electronic Office Manager to review DEFINE Access, command authorizations, routing of electronic documents created by the office, and signature authorization for each unit code contained within the office.

Electronic Office Manager (EOM)

The Electronic Office Manager is the Unit Administrator over one or more unit codes with responsibility for the review and approval of employees with end-user access, also referred to as departmental access to the DEFINE Administration system. The EOM has the authority to approve electronic signers for units within their specific electronic office.

Electronic Signer

The electronic signer is an individual who has authority to approve electronic documents at the department level for within each electronic office. Electronic signers are maintained in DEFINE on a 'desk' within each electronic office and approved by the Electronic Office Manager.

Unit Code

A unit code is a seven-digit number that organizes budget groups by function for processing purposes and to establish organizational hierarchy for reporting purposes.

University Controller

The Assistant Vice President or Associate Vice President for Financial Affairs have the responsibility of reviewing that internal controls are established for central users that have the ability to final approve financial documents.

REFERENCES/LINKS

RELATED FORMS/WORKSHEETS

  1. DEFINE Departmental User Access
  2. DEFINE Central User Access

REVISION HISTORY

Date Description

06/13/11

Published new guideline.
In All We Do, We Do With Excellence - Every Person - Every Day - Every Job