Every college must establish model operator ids to grant security for customers at their specific institution. For example, student records personnel at John Tyler will have access to the John Tyler Institution, the John Tyler Academic Organization, Careers at John Tyler, etc. This model operator id will be assigned a name, e.g., STURECJT. There should be a model operator id created for every type of customer (job function) at the college.

Complete a set of the forms for each model operator id that would be used to assign operator level security. The operator id names are limited to 8 characters and must start with an alphabetic character. The names should reflect the job function and contain the college abbreviation. When authority is given to a customer to access SIS, the model operator id will be used to assign security for that customer. When the customer creates their own customer id, their customer id will become their Student Information System operator id with the same security attributes as the model operator id. Those attributes also include the operator class.

Securing the Student Information System consist of the following:

• Securing the Academic Structure
• Securing Academic Organizations
• Securing Admissions
• Securing Student Records
• Securing Student Financials

Securing Academic Organizations
Uses an academic organization security tree-a security structure that represents graphically the hierarchies of organizational units in an institution-to view and updates the reporting relationships among units and uses this information to grant and deny customer's access to data. To use the tree, select the highest Academic Organization on each limb of the security tree to which to grant a customer's access. The system automatically allow customers access to all the entities below the ones picked (each entity does not have to be selected separately). Restricting access to a particular entity that is lower on the limb is possible.

NOTE: The academic organization security tree is maintained by Student Records. Whenever the academic organization tree is changed, the VCCS Information Security Officer must be notified in order to run a process that links the tree with the academic organization security so the system recognizes the current effective date of the academic organization tree.

Securing Student Records
Student Records security consists of Enrollment access and Program access. Before setting up enrollment access security, Enrollment Access Ids and Enrollment Group Access must be established. An Enrollment Access Id is used to grant access to enrollment functions by attaching a Time Period code to each enrollment on the panel. Enrollment Group Access is used to specify which types of students the group can access for enrollment into courses. For enrollment security, Operator Ids are assigned to Enrollment Access Ids or an Enrollment Access Group.

• Unit Security - selecting the Business Unit to which the customer belongs and the Access Code and selecting the Cashier's Office to which the customer belongs and the Access Code
• Item Type Security - defining what item types customers may have access
• SetID Security - define which SetIDs a customer can access
• Company Class Security - define what level of access a customer may have to transactions for a particular company
• Credit Card Security - define what level of access a customer may have to credit card transactions
• Origin Security - define the level of access a customer may have to transactions from specific Origin Ids