|To:||Security Officers and Chief Fiscal Officers|
|From:||Martin J. Benison, Comptroller|
|Date:||December 2, 2010|
|Re:||Security Officer Review - Statewide Enterprise Systems Security||Comptroller Memo|
Enterprise systems provide access to sensitive data and allow users to process financial transactions. Annually, Security Officers are asked to review individuals that have access to these systems to ensure that they have correct and fiscally appropriate access.
The Enterprise Security Policy requires Department Security Officers to certify security access to enterprise systems annually. This certification is due at the end of the calendar year. Department Heads provide this approval at the end of the Fiscal Year, thus a formal review is performed every six months. This review includes all enterprise systems:
Please review all security reports, process whatever changes are appropriate and provide this certification on the Department Security Officer Annual Review Form and e-mail it to firstname.lastname@example.org no later than December 31, 2010.
The latest enterprise security reports are available via Doc Direct as of December 1, 2010. We will re-run the reports again on December 17 th for you to verify any changes you have made.
The Comptroller's Security Unit is available to answer any questions and assist you with MMARS issues - contact Dan Frisoli at (617) 973-2614. Contact ITD's CommonHelp (866) 888-2808 to answer any questions and to assist you with security for CIW, HR/CMS and Intempo.
Thank you for your prompt attention to this task.