Computer Account Revocation Changes
Affecting Exiting Employees and Their Supervisors
Account revocation (when an employee is separated, voluntarily or involuntarily) is mandated by the State Office of Information Technology. Currently when a person鈥檚 status changes to 鈥淭erminated鈥 in PeopleSoft they receive an automated email stating that they are no longer employed. In addition, all security assignments are removed from their account.
色色研究所's account revocation system, Microsoft Identity Manager (MIM), is designed to allow local supervisors to take action when one of their employee's computer accesses is in the process of being revoked due to an employment transition. The system will allow supervisors to keep an employee鈥檚 computer account active if doing so benefits the University. MIM is a web-based portal used by supervisors to request that the accounts stay active and will replace the existing account termination emails. Employees eligible for this supervisor-approved access continuation are: faculty on annual or semester appointments, staff on full-time or part-time appointments, retirees, and graduate assistants. Student Workers and Intermittent Employees are not eligible for access continuation.
MIM will detect a status change in Workday and send an email notification to the supervisor providing the name and employee ID of the affected employee, along with instructions on how to use the MIM portal to continue, gracefully discontinue, or immediately discontinue the employee鈥檚 computer access. Supervisor will have seven (7) calendar days to respond to the notification before the employee鈥檚 access is automatically removed, and the employee is notified via a separate email. If a supervisor does nothing in response to the notification, the employee account will expire causing the employee to lose access to university systems.
When a supervisor continues computer access using the portal, the employee鈥檚 account will remain active for a period of six (6) months. At the end of the six-month period, the system will again notify the supervisor via email that the access will expire, at which time the supervisor may reauthorize the computer access for another six-month period.
The supervisor will be held responsible for any actions taken by former employees who are granted continued access via this process. A permanent audit trail is kept in a data warehouse of all actions in the self-service web portal.