Security Officers and Chief Fiscal Officers
Martin J. Benison, Comptroller
May 24, 2013
Department Head Annual Approval - Statewide Enterprise Systems Security
Approval of transactions to "Final" status in the state financial systems serve as an affidavit from the Department Head to the Comptroller that transactions comply with State Finance Law and the documents are accurate and complete, the expenditure or other obligation is supported by sufficient legislatively authorized funds, is made in accordance with the Department's legislative mandates and funding authority, and complies with all applicable laws, regulations, policies and procedures. Annually, Department Heads are asked to review and confirm employees (1) they have authorized them to access, process and approve transactions in enterprise systems on their behalf and (2) any other individual who can approve obligations and expenditures (execute contracts, approve payroll, incur obligations, authorize payments, etc.) on behalf of a Department Head even if said individual does not access enterprise systems themselves.
This Statewide Enterprise Systems Security Policy requires Department Heads to certify security access to enterprise systems annually in conjunction with Closing and Opening of the fiscal year. The policy also requires Department Security Officers to certify security access at the end of the calendar year, thus a formal review is performed every six months. This review covers all enterprise systems listed below and should include any individual who can approve obligations and expenditures (execute contracts, signoff on payroll, incur obligations, authorize payments, etc.) on behalf of a Department Head even if that individual does not access these enterprise systems.
Certification must come directly from the Department Head, either as an e-mail from his/her account or as a hard copy with the Department Head's signature. The preferred method is on the Department Head Annual Approval of Statewide Enterprise Systems Security Form and e-mailed to firstname.lastname@example.org no later than June 28, 2013. This date will assure that needed changes are completed prior to the June 30 year-end report used by the auditors. The latest enterprise security reports are available via Doc Direct as of May 1, 2013.
The Comptroller's Office is available to answer any questions and assist you with MMARS and HR/CMS issues [Dan Frisoli at (617) 973-2614 or Lenny Montone at (617) 973-2570]. ITD is available to answer any questions and assist you with security for CIW and Intempo. Contact CommonHelp at (866) 888-2808.
Thank you for your prompt attention to this task.