Secure Banner Server Access Policy
This policy defines the approval process for privileged access to Oberlin College ERP servers.
Policy #: 01.004
Policy Title: Secure Banner Server Access
Responsible Position for Policy: Chief Information Technology Officer
Office/Department Responsible for Policy: Center for Information Technology
Division Responsible for Policy: Office of Finance and Administration
Original Issue Date: 02/11/2021
Last Revision Date: 02/11/2021
Log of Previous Revisions: 02/11/2021
Policy Purpose
This policy defines the approval process for privileged access to Oberlin College ERP servers.
Policy Statement
Staff members at Oberlin College are not granted privileged access to ERP servers by virtue of their role. All staff requiring ERP access must submit a request for access and those requests must be approved by CIT.
Scope
Oberlin College Administrative Staff
Definitions
- ACS: Administrative Computing Services
- CIT: Center for Information Technology
- DI: Digital Infrastructure
- ERP: Enterprise Resource Planning (Banner)
- IP address: Internet Protocol address
- VPN: Virtual Private Network
Administration
The Chief Information Technology Officer is assigned to administer this policy. This individual is responsible for keeping the policy up to date and coordinating a detailed review at least once every five years.
Procedures
- Staff needing privileged access to ERP servers must submit a request to CIT, specifying if the request is for designated IP address access, and/or VPN access.
- The Director of ACS will approve or deny the request.
- Approved requests will be directed to the DI team.
- DI team member will contact the requestor to acknowledge access.
Related Information
The Director of ACS shall review the list of staff with secure Banner server access bi-annually.