• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
Single Sign On Help
Logo, Texas A&M University System, Office of Information Technology
  • Home
  • Getting Started
  • Roles
  • Key Concepts
  • Security
  • FAQs
  • SSO News
    • Release Notes
  • Governance
  • Office of Information Technology
    • Services
    • Contact the Office of Information Technology
    • Search OIT
Home / Help System / Key Concepts / Security / Security Administration / SSO Role Review – Member Responsibilities / Department-level Role Review Process

Department-level Role Review Process

On the 1st of the month of the review period, a reminder is emailed to the system members’ Application Security Officer(s) and Application Role Reviewer(s) reminding them to perform this required security review.

Application Role Reviewer Responsibilities

The review consists of using the tools below to verify that the Central Administrative roles are properly assigned for their location(s):

  • The “SSO Roles by Application” report for Department-level (Adloc) roles.  This report lists a location’s administrative roles for a given application.  Click here to learn more about this report.
  • The “Employees with SSO Roles” report.  This report can list users for a specified location who are no longer active employees.  Click here to learn more about this report.
  • The “Employee Monthly Position Changes” report. This report lists users who have had a position change during the date range specified and can help identify individuals whose position or responsibilities have changed. Click here to learn more about this report.
  • The Guardian User List spreadsheet provided to the Application Role Reviewers by the Workday Services team.  This spreadsheet lists users for a location who have an active account in the Guardian I-9 application.

These reports should be reviewed to confirm that only active employees are users of System applications and that their security access level is appropriate.

After completing the review(s), the ARR must record the results of the review in the SSO Role Review application.

Application Security Officer Responsibilities

When all of the ARRs have done their reviews, the ASO must verify the role reviews for which he/she is responsible to ensure completeness.

The department-level role reviews must be completed by the 10th day of the review cycle; therefore, the ASO should ensure that the ARRs are completing their role reviews in a timely manner.

Automatic Reporting

On the 11th day of the review period, the System-wide SSO Department-level Role Verification Report will be sent to the Application Owner and the System Chief Information Security Officer.

Consequences for Missing or Incomplete Reviews

Missing reviews may lead to the loss of administrative role authorizations for the member institution’s  ASOs, ARRs, and/or administrative role holders at the institution.

Additional Documentation

For a visual description of the role review process, view the Security Review Process flowchart.

Primary Sidebar

Contact

Find Your Support For SSO

Related Topics

  • Application Security Officers (ASOs) for SSO Web Applications
  • Daily Security Review Process
  • Application Role Reviewers (ARRs) for SSO Web Applications
  • Member-Level Role Review Process

More Information

Copyright © 2023 Texas A&M University System All rights reserved.

301 Tarrow Street, College Station, TX 77840 | MAP | Phone: (979) 458-7700 | email: support@tamus.edu
State of Texas | Texas Homeland Security | Texas Veterans Portal | Statewide Search | Risk, Fraud & Misconduct Hotline | Privacy | Web Accessibility | State Link Policy | Campus Carry

Texas A&M University System