Secure Banner Server Access Policy

Policy #: 01.004
Policy Title: Secure Banner Server Access
Responsible Position for Policy: Chief Information Technology Officer
Office/Department Responsible for Policy: Center for Information Technology
Division Responsible for Policy: Office of Finance and Administration
Original Issue Date: 02/11/2021
Last Revision Date: 02/11/2021
Log of Previous Revisions: 02/11/2021

---

Policy Purpose

This policy defines the approval process for privileged access to Oberlin College ERP servers.

Policy Statement

Staff members at Oberlin College are not granted privileged access to ERP servers by virtue of their role. All staff requiring ERP access must submit a request for access and those requests must be approved by CIT.

Scope

Oberlin College Administrative Staff

Definitions

1. ACS: Administrative Computing Services
2. CIT: Center for Information Technology
3. DI: Digital Infrastructure
4. ERP: Enterprise Resource Planning (Banner)
5. IP address: Internet Protocol address
6. VPN: Virtual Private Network

Administration

The Chief Information Technology Officer is assigned to administer this policy. This individual is responsible for keeping the policy up to date and coordinating a detailed review at least once every five years.

Procedures

1. Staff needing privileged access to ERP servers must submit a request to CIT, specifying if the request is for designated IP address access, and/or VPN access.
2. The Director of ACS will approve or deny the request.
3. Approved requests will be directed to the DI team.
4. DI team member will contact the requestor to acknowledge access.

Related Information

The Director of ACS shall review the list of staff with secure Banner server access bi-annually.