NCAS Security Application

Procedures for Setting Up NCAS Security

Step

Procedure

1.

All persons who need access to the NCAS software must first obtain RACF security from their agency's RACF Security Administrator.  Appropriate agency procedures should be followed.

2.

Prospective NCAS operators or their supervisors must contact their agency security administrators to complete a NCAS Security Request Form, OSC SEC01, for each operator who needs to be added, deleted, or who needs security access privileges changed in the NCAS.  Additional security restrictions must be indicated on the NCAS Operator Restriction Form, OSC SEC02.  Security restrictions to an operator's profile for any NCAS application are indicated on the NCAS Change Operator Profile Form, OSC SEC03.  Operation restrictions and additions in Information Expert are defined on the Information Expert Security Request Form, OSC SEC04.

3.

The authorized Agency Security Administrator reviews the form(s) for completeness and accuracy.  Using the security for OSC SEC01 and any additional security restrictions on forms OSC SEC2, OSC SEC03, and OSC SEC04, he/she defines the appropriate profiles for each application requested.  The Agency Security Administrator forwards the original agency approved security request to the OSC Security Administrator, NCAS Support Services, and retains a copy for the agency files.

4.

For approved applications, the OSC NCAS Security Administrator signs and dates the OSC Security Authorization on form OSC SEC01.  He/she assigns and writes the operator ID in the appropriate space.  The Agency Security Administrator returns any incomplete or inaccurate security requests.

5.

The security forms are forwarded to the OSC NCAS Security Administration Team.  After completing DCI Restrictive Security, he/she signs and dates the OSC SEC01 form.  If I.E. has been requested, the Security Administrator forwards the original application to the OSC NCAS I.E. Security Administrator, who sets up I.E. security.  The I.E. Security Administrator signs and dates the OSC SEC04 form and forwards the original security form to the OSC NCAS Security Administration Team.

6.

The OSC NCAS Security Administration Team enters the operator's application security using the standard statewide or agency security profiles specified on form OSC SEC01 and/or additional restrictive security specified on forms OSC SEC02 and OSC SEC03.  The OSC NCAS Security Administration Team completes the application security, signs, and dates the form(s).  The security profiles are verified and any special remarks or notations are listed on the form.

7.

Each week, the OSC executes and spools the security reports to X/PRT.  The Agency Security Administrator should view the security reports, verify that each security request has been correctly completed, and notify the OSC NCAS Security Administration Team of any discrepancies.  It is the agency's responsibility to ensure that a new operator changes his/her initial password the first time he/she signs on to the system.  The original security request form(s) remains on file with the OSC NCAS Security Administration Team at the OSC NCAS Help Desk.

Note:

A prospective operator or his/her supervisor must contact the Agency Security Administrator for assistance in applying for NCAS access.  The OSC NCAS Security Administration Team does not accept original security set-ups or requests for security access from unauthorized agency personnel over the telephone.

All security requests must pass through agency internal screening procedures.  For internal control purposes, an agency security administrator can NOT sign security authorization forms pertaining to his personal security access and/or configuration.  Each agency must designate at least one secondary security administrator to authorize or cosign the primary agency security administrator's personal security.

Division/Office
First Published
Last Updated