Member Institution Review Activities
The system members’ designated Application Role Reviewers (ARRs) have responsibility for overseeing access to many of the enterprise applications accessed from the SSO menu. This responsibility requires they regularly review their location’s administrative roles in each of the enterprise applications.
When changes must be made to employees’ application access, updates to an employee’s Departmental-level roles for an application can be made by the SSO Central Administrator(s) at the member institution.
Similarly, updates to an employee’s Member-level (“Central”) roles for an application must be initiated by emailing SEA Support at firstname.lastname@example.org to request the changes.
Role Reviewers are also responsible for providing their institution’s Application Security Officers (ASOs) with the results of their central and department role reviews in a timely manner.
Daily Security Review Process
The Daily Security Review Process is the first line of defense against unauthorized access to the System’s administrative applications. Click here to learn more about the Daily Security Review Process.
Member-level Role Review Process
The Member-level Role Review Process is required and essential to the process of maintaining administrative control over Member-level (Central) role authorizations in SSO’s delegated security model. Click here to learn more about the Member-level Role Review Process.
Department-level Role Review Process
The Department-level Role Review Process is required and essential to the process of maintaining administrative control over Departmental-level role authorizations in SSO’s delegated security model. Click here to learn more about the Department-level Role Review Process.
Application Security Officer (ASO) Review Process
|Daily Review||Daily, automated|
|Member-level and Application Security Officer Review||Quarterly (January 1st, April 1st, July 1st, October 1st)|
|Department-level Review||Semi-annually (January 1st, July 1st)|