Security & Access FAQs
I do not have the correct access. How do I correct that?
If the access you have (HR or Finance) is not correct, email firstname.lastname@example.org.
I no longer need CMS access. What do I need to do to remove my access?
If your job responsibilities do not require access to CMS, please notify your Division Manager/Coordinator. Removal of CMS access must be approved by each Divisions Manager/Coordinator.
I’m a temporary employee whose appointment will not be renewed. How do I notify CMS to remove my access?
Approximately one month prior to the employee's end date, CMS Security will contact the appropriate administrator/supervisor via email and ask if the employee's CMS access needs to be removed. The administrator/supervisor’s response will be attached to the original approval form; no new access request form is needed. If the employee’s appointment will not be renewed, access will be revoked effective 5:00 p.m. on their appointment end date. If the termination occurs prior to the set end date, please complete the Access Request Form and submit to CMS Security, CP-800.
Do I need to complete a CMS Access Request Form if I am separating from the University?
No, the Employee Separation and Clearance Form for an employee separating from the University will initiate CMS access removal.
How does CMS handle security issues for users and confidential data?
CMS has taken steps to secure the network and internet traffic. It is the individual campus' responsibility to assure that appropriate procedures, policies and training are in place to secure confidential data.
CMS is delivered with various tools to help secure access to the database. These tools include:
- Dynamic configuration to control which users see which areas of the application;
- Within the tool of "query", dynamic configuration to control who can write the queries as well as what records can be accessed by those queries;
- Dynamic access to data based on a departmental security tree;
- Dynamic security to control who can execute specific processes.
What type of access do I receive?
Access to CMS is defined by your position responsibility as a user and the department(s) you are authorized to view as authorized by your Designated Division Representative. Please read the CMS Description of Roles to learn about each Role. Please read CMS HR Roles Summary to learn what different accesses each role will provide. Please read the Assigning Roles in CMS: How it Works document to make sure you are requesting the right access if you need access to more than one department.
What responsibilities do I have for protecting information accessed via the CMS HR system?
Every employee utilizing the CMS-PeopleSoft HRSA system and HR data shares the responsibility for the security, integrity and confidentiality of information. Pursuant to CSU HR Technical letter HR 2003-05 issued on March 13, 2003, each campus must ensure that all employees with access to confidential information have a legitimate business need. These employees must understand the responsibility they have under the Information Practices Act and Title 5 to protect sensitive employee data.
How do I dispose of confidential data?
Employees should use caution in storing or disposing of confidential information. This includes shredding any paper that contains information described as personal or confidential. In addition, any personal or confidential data contained on computer media must be erased before disposing of the tape, diskette, CD-ROM, zip disk or other types of medium. Questions regarding storage or disposal of faculty employee and/or faculty applicant confidential information should be directed to the Director of Faculty Affairs and Records, ext. 5187. For staff employee and/or staff applicant confidential information, questions should be directed to the Director of Human Resources Operations, ext. 2498.
How do I secure documents locally?
Refer to Employee Training and Development’s (ETD) online tutorials.
Additional source of information: ETD offers a class entitled: Information Security and Document Encryption. To register for the class or for further information, contact ETD at email@example.com or ext. 4178.