Student Information System (SIS+) Access and Security

Accounting and Safeguarding of Assets

40.09         Student Information System (SIS+) Access and Security                             Issued: May 15, 1998


1.     Access

        1.1   Employees requiring access to SIS+ must request access by completing a Data
                Security Request Form (Attachment 1) and processing it through their Data Security
                Officer, the respective Custodial Data Security Officers (owners of the respective
                screens/data), the University Data Security Officer to the Chief Information Officer.

        1.2   If the employee approved for access is a new user, the University Data Security
                Officer will require them to attend the SIS+ Training Class and sign a Statement of
                Responsibility (Attachment 2) prior to issuance of a User ID and Password.

2.     Security

        2.1   Allegation of Security Breach

                An allegation of a security breach will result in the suspension of access pending an
                investigation of the facts. If an allegation of a security breach is substantiated, additional
                actions will be taken.

        2.2   First Offense

                The first offense will result in suspension of access up to 30 days. The offender will
                receive a written reprimand with copies distributed to the appropriate senior level
                executive, Dean or Director of the offender, and the Internal Audit Department. Also,
                a copy of the reprimand will be placed in the employee’s personnel file. Other actions
                may be taken in accordance with the applicable federal and state law (Chapter 33,
                Section 1, Title 7 of the Texas Penal Code), depending on the severity of the security
                breach.

        2.3   Second Offense

                Access will be denied for up to 90 days from the time the breach is discovered. Other
                actions may be taken in accordance with the applicable federal and state law (Chapter
                33, Section 1, Title 7 of the Texas Penal Code), depending on the severity of the
                security breach.

        2.4   Third Offense

                Access will be permanently denied. Other actions may be taken in accordance with the
                applicable federal and state law (Chapter 33, Section 1, Title 7 of the Texas Penal
                Code), depending on the severity of the security breach.

        2.5  Security Reviews

                The Data Security Officers should review access for their respective areas on a
                monthly basis to ensure that only authorized employees have access. The Information
                Technology Services Department will provide the necessary access reports.  

Contact:     University Data Security Officer


 

Was this information helpful? Provide Feedback or report broken links.