print friendly version

AUTHORITY TO SUSPEND OR REVOKE ACCESS TO FINANCIAL INFORMATION SYSTEM
Policy ACG0026
Effective Date: 03/17/04


Authority to Suspend or Revoke Access to Financial
Information System

(Policy ACG0026)

I. Purpose of the Policy

The Financial Information System (FIS) is used by authorized FIS users to procure, pay, and account for
goods and services purchased for the benefit of UCSC. It is also used to maintain the general ledger,
produce financial reports, and track inventorial equipment. Authority to access FIS is explicitly
delegated to an FIS user by the user’s supervisor or a service center manager. Occasionally, there are
situations that require that someone other than the user’s supervisor or service center manager be
granted explicit authority to suspend or revoke a user’s access to FIS. This policy provides that authority
to specific campus officials.


Please refer to Section III for the definitions of important terms used in this policy.

II. Detailed Policy Statement

A. General Provisions

The following campus officials are given the authority to suspend or revoke an FIS user’s
access to FIS based on the criteria described in Section II.B. This authority cannot be
redelegated.

1. Chancellor

2. Executive Vice Chancellor

3. Vice Chancellor – Business and Administrative Services

4. Vice Provost, Information Technology

5. Accounting Officer / Assistant Vice Chancellor – Financial Affairs

6. Director, Materiel Management

7. Associate Accounting Officer / Accounting Office Director

B. Criteria

Valid criteria for suspending or revoking access to FIS include, but are not limited to, the
following:


1. Policy violation. Using FIS in a way that violates applicable University or campus
business or financial policies.

2. Non-UC business use. Using FIS to intentionally process transactions or obtain information for non-University business purposes.

3. Legal breach. Using FIS to engage in an activity that violates state or federal law or the
terms of contractual agreements.

4. Gross incompetence. Demonstrating a level of incompetence in using FIS that results or
will result in

a. compromising the integrity of campus financial data

b. violating a University business or accounting policy

c. violating a governmental regulation, or

d. breaching the terms of a contractual agreement.

5. Misconduct. Using FIS in a way that is economically wasteful or involves gross
misconduct or inefficiency.

6. System misuse. Violating the terms of the UCSC system user agreement, or campus or
University computing policies.

7. Unacceptable risk. A situation that creates an unacceptable level of risk, such as

a. allowing continued access to FIS to an employee who has announced his/her
decision to terminate and for whom there is a reasonable belief that the
employee may misuse the FIS to harm the University, or

b. determining that an FIS user who has record update privileges is not eligible for
coverage under the University’s fidelity bond.

8. Lack of demonstrated need. Not having a demonstrated need to have access to FIS.

III. Definitions

FIS user – an individual who is a permanent or temporary UCSC employee, contractor, third-party
service provider, or consultant

IV. Getting Help

The Financial Information System Manager can address questions related to FIS access. Please consult
the UCSC telephone directory or UCSC Financial Affairs website for contact information.

V. Responsibilities and Authority

The Unit Head and/or Principal Officer (or designee) of the FIS user is responsible for delegating
authority to access FIS to the user.

The Financial Information System Manager is responsible for enabling access to FIS.

The Accounting Officer / Assistant Vice Chancellor – Financial Affairs is responsible for maintaining accountability and control over financial processes and for maintaining the integrity and accuracy of the campus accounting data. FIS plays a key role in supporting campus financial processes and processing and maintaining campus accounting data.

The Materiel Management Director is responsible for ensuring transactions involving the procurement of goods and services, including those using FIS, are processed in a manner consistent with University and campus policies and regulations.

The Vice Provost, Information Technology is responsible for ensuring that UCSC computing resources, including FIS and the computing resources supporting it, are used in a manner consistent with University and campus policies and regulations.

VI. Related Policies/References for More Information

References

Business and Finance Bulletin


• IS-3 Information Security (http://www.ucop.edu/ucophome/policies/bfb/is3.pdf)
• RMP-7 Privacy of and Access to Information Responsibilities
(http://www.ucop.edu/ucophome/policies/bfb/rmp7.html)

Other

• University of California Policy on Reporting and Investigating Allegations of Suspected

Improper Governmental Activities (http://www.ucop.edu/ucophome/coordrev/policy/10-04-
02whistle.pdf)


UC Santa Cruz Policy

Financial Affairs                                                                                                       controller@cats.ucsc.edu