|
Comptroller's /Core-CT Systems Security Overview
OSC/Core-CT Security
-
1. The Office of the State Comptroller, Administrative Services Division, issues
statewide systems security procedures. It is very important that agencies
have appropriate internal controls over and within the Core-CT Financial and
Human Resource Management System (HRMS) to ensure that all transactions are
properly authenticated and authorized. Guarding against unauthorized and
inappropriate access to the Core-CT system is critical due to the
integration of the Financial and HRMS Systems. Unrestricted access to the
Core-CT system compromises the controls provided by segregation of duties
and other safeguards that are part of manually operated systems.
-
-
Administrative Services Division has the central responsibility to review any
security request for a role in the Inventory module or the Asset Management
module to verify compliance with segregation of duties.
-
-
2. Security in the Core-CT system is imperative and must be restricted
to only those individuals authorized to have access. The establishment or
modification of user access to Core-CT is initiated by the agency's security
liaison via Form CO-1092, Agency Application Security Request Form. Only
permanent state employees and those acting under a Memorandum of
Understanding are allowed to have access to the Core-CT production
environment.
-
-
Each agency designee has the responsibility to assign a Core-CT Security
Liaison to be the primary contact with the Statewide Core-CT Applications
Security Administrator. The Security Liaison is responsible for monitoring
all authorized access to the Core-CT Financials/HRMS application to their
agency personnel, and acting as point of contact for the Core-CT
Applications Security Administrator. Each agency should develop internal
security procedures for Financial, HRMS and EPM users.
MEMOS
-
Comptroller's Core-CT System Security
http://osc.ct.gov/2014memos/numbered/201419.htm
FORMS
-
Core-CT Application Security Request Form (CO-1092) � Financials/EPM
http://www.core-ct.state.ct.us/security/xls/finform.xls
-
Core-CT Application Security Request Form (CO-1092) � HRMS/EPM
http://www.core-ct.state.ct.us/security/xls/hrform.xls
-
-
General Questions on Security Role Requests should be made to the
agency's security liaison. The agency liaisons are listed at:
http://www.core-ct.state.ct.us/security/xls/scrty_liaisons.xls
FREQUENTLY ASKED QUESTIONS
Q. Who should I contact if I have a question on Core-CT security?
- A. An employee should contact their agency Core-CT Security
Liaison.
|
