Authorized Access Procedure

Version 1.1

For Staff, Guests

Purpose

The purpose of this procedure is to ensure proper governance and control over privileged or heightened administrative access, particularly for "A-" and "TA-" accounts. This procedure establishes a consistent method for requesting and approving privileged access, ensuring that all such requests are processed via ServiceNow and with final approval by the Vice President & Chief Information Officer (CIO).

Scope

This IT security procedure applies to all Information Technology employees, contractors, and affiliates (the "User(s)" or "you") who require privileged or heightened administrative access to the University's IT Resources. It includes all access requests for "A-" and "TA-" accounts.

Procedure Statement

  1. Request Submission
    • All individuals must request Privileged Access via ServiceNow.
    • Include a clear and detailed justification for the required access (to ensure accountability and for future auditing purposes).
    • Document how the requested access aligns with your job responsibilities following the principle of least privilege.
    • Include the required duration of access.
  2. Approval Process
    1. The immediate supervisor (manager or director) receives and reviews requests if approved
    2. The department’s S-Team representative receives and reviews requests if approved and forwards the request to the CISO for review and approval.
    3. The VP & CIO of the Office of Information Technology completes final approval.
  3. Post-Approval Activities
    • Upon approval, the service request is routed to the administrator responsible for provisioning the access.

Definitions

A- Account is an administrative account assigned to employees whose job responsibilities require Privileged Access.

IT Resources include computing, networking, communications, application, telecommunications systems, infrastructure, hardware, software, data, databases, personnel, procedures, physical facilities, cloud-based vendors, Software as a Service (SaaS) vendors, and any related materials and services. 

Privileged Access is administrative access to systems required for backend operations, such as database management, system configuration, maintenance, management tasks, or application deployment.

ServiceNow is the IT Service Management (ITSM) system for tracking access requests, approvals, and related documentation.

TA- Account is a temporary administrative account assigned to consultants, vendors, or other external personnel who need time-based privileged access for specific tasks.

Related Policies and Procedures

Implementation Information

Review Frequency Annual
Responsible Person Senior Director of IT Security Operations and Assurance 
Approved By VP & CIO
Approval Date October 16, 2024

Revision History

Version Date Description
1.0 10/16/2024 Initial document
1.1 12/16/2024 Updated definitions

Need Help?


Walk-In Centers

McShane Center 266 | RH
Leon Lowenstein SL18 | LC

View Our Walk-In Hours