Security Quick Links


Banner Security Information

Skip Navigation LinksAbout Fisk > Administration > Office of Information Technology Services > Banner Administration > Security

Security Classes, Forms, Users Audit

***Special Note***
You must have access to the public drive (P: drive) in order to view the "Banner Security Class, Form, User Lookup" information provided on this page.

The following security information has been compiled in order to make Banner security more transparent. Please use this information to assist your offices in designating which security classes, forms, etc should be assigned to new employees as well as a guide for what access your employees currently have and/or may need.

Banner Security Class, Form, User Lookup
Classes: A_BAN_FU_DEFAULT_C
A_BAN_FU_LETRGEN_C
etc...
Forms: AAAACKN Dues Acknowledgement
AAAACKR Dues Acknowledgement Rules
etc ...
Users: AALI
ABURGER
etc...

 

 

 

Security Policy


Who must complete a security request?


New SunGard Banner access or changes to access are granted to individuals who complete the Banner Security Form. This form will be required for both new employees and existing employees. This policy applies to all Fisk Unversity employees, student, busines partners, third parties, and vendors, who intend to access and use the SunGard Banner System to perform assigned job responsibilities. The aim of this policy is to outline the practices for requesting, granting, administering, and terminating user accounts within the SunGard Banner system.

Information Technology Services Director of Enterprise Systems is required to:

           
    1. Grant users's access to SunGard Banner and/or Oracle database tables, assign user ids, and inital passwords to users.      
    2. Implement password management controls such as password expiration, usage of unique passwords, enforce initial password changes upon first use, time-out sessions, and SunGard Banner password policies.      
    3. Prohibit the use of guest, generic, and shared user accounts.      
    4. Disable unneeded user accounts and retain these accounts in accordance with the University's records and retention policies.      
    5. Obtain written requests for and approvals of all employee, emergency, or temporary access requests to SunGard Banner system.      
    6. Ensure proper signatures are obtained for the access requested.      
    7. Approve user access to the SunGard Banner system based on the documented approval and confirmation of prerequisite training such as Banner Navigation training showing prospective users how to navigate through menus and forms in Banner.      
    8. Retain documentation of requests in the event of a security review.

Deans/Directors/Supervisors are required to:

  1. Ensure that employees comply with Unviersity security policies and procedures.
  2. Evaluate and document employees' access privileges to ensure that their access is appropriate for the assigned job responsibilities.
  3. Review employees' privileges annually to ensure that their access is appropriate for the assigned job responsibilities.
  4. Notify the Director of Enterprise Systems within 24 hours of changes in employee job responsibilities which require access changes, including transfers within the department or other University departments and terminations.

Banner Users, Vendors, Business Partners, and Third Parties are required to:

  1. Protect all data files from unauthorized use, disclosure, alteration, or destruction.
  2. Be responsible for the security, privacy, and control of data within their control or view.
  3. Create complex passwords that can not be easily guessed such as family member names, nicknames, and words found in the dictionary. Passwords should be a minimum of 10 characters including two of the following three characteristics: characters, special characters, and numbers.
  4. Prohibit the sharing of passwords, even with the supervisor or Information Technology staff members, to protect them from inadvertent disclosure to others.

 

Security Request Process Flow:

Banner User:

  1. Enter as much information as possible in "User Identification" area.
  2. Sign and date in the "User Signature and Date" area.
  3. Forward to your supervisor.

Supervisor:

  1. Check off Production and/or Testing Banner access box.
  2. Check off which modules the employee should have access to and whether the access should include any of the Evisions products.
  3. Review the security classes and forms associated with the security classes and designate which classes the user should have based on job responsibilities.
  4. Forward to your Director and/or VP as well as the Director's and VP's for each module
  5. When all signatures obtained forward to CIO.

Directors/VP's (***Each module requested must be signed by the Director/VP of that module to ensure integrity across systems):

  1. Sign and date that you approve of access in your area under the security classes requested.
  2. Initial and date the VP row in the "Work Flow" area.
  3. Return to Supervisor for remaining signatures.

 CIO:

  1. Initial and date the CIO row in the "Work Flow" area.
  2. Forward to Director of Enterprise Systems.

Director of Enterprise Systems:

  1. Upload the completed form to a help desk ticket for tracking and communication purposes.
  2. Create the user account and/or assign security classes.
  3. Initial and date the DES row in the "Work Flow" area.
  4. Enter in the SunGard banner user id in appropriate area.
  5. Send completion notice via the ticketing system to all persons whose signatures were obtained that the request has been completed.
  6. If new account is created, send the requestor and immediate supervisor the user id assigned and temporary password used to access the account.
  7. File paper copy for future reference.

 

Banner Security Request Form

banner_security_request.pdf