|To:||Security Officers and Chief Fiscal Officers|
|From:||Martin J. Benison, Comptroller|
|Date:||November 30, 2009|
|Re:||Security Officer Review - Statewide Enterprise Systems Security|
Enterprise systems provide access to sensitive data and allow users to process financial transactions. Annually, Security Officers are asked to review individuals that have access to these systems to ensure that they have correct and fiscally appropriate access.
The Enterprise Security Policy requires Department Security Officers to certify security access to enterprise systems annually. This certification is due at the end of the calendar year. Department Heads provide this approval at the end of the Fiscal Year, thus a formal review is performed every six months. This review includes all enterprise systems:
In anticipation of the HR/CMS upgrade, departments should closely review access for their users and make necessary adjustments through Intempo.
Please review all security reports, process whatever changes are appropriate and provide this certification on the Department Security Officer Annual Review Form and e-mail it to firstname.lastname@example.org no later than December 31, 2009. The latest enterprise security reports are available via Doc Direct as of December 1, 2009. We will re-run the reports again on December 17 th in order for you to certify your changes have been made.
The Comptroller's Security Unit is available to answer any questions and assist you with MMARS issues - contact Dan Frisoli at (617) 973-2614 or ITD's CommonHelp (866) 888-2808 is available to answer any questions and assist you with security for CIW, HR/CMS and Intempo.
Thank you for your prompt attention to this task.