Authorized Access to Electronic Information Procedure
Version 1.0
Purpose
The purpose of this procedure is to instruct you on how to gain access to Electronic Information stored on University IT Resources of which you may not be authorized to access in standard business operations.
Scope
This IT document, and all policies referenced herein, shall apply to all members of the University community including faculty, students, administrative officials, staff, alumni, authorized guests, delegates, and independent contractors (the “User(s)” or “you”) who use, access, or otherwise employ, locally or remotely, the University’s IT Resources, whether individually controlled, shared, stand-alone, or networked.
Procedure Statement
- Users accessing Electronic Information must follow the requirements per the Authorized Access of Electronic Information policy.
- Requests and subsequent approval must be submitted to the Chief Information Security Officer (CISO), Chief Information Officer (CIO), or the President see the Authorized Access of Electronic Information policy for details.
- Access request authorizations should be provided and documented in EasyVista.
- Use the Delegate Access Request for Electronic Information form.
- The appropriate technical administrator exports or provides access to the requested information.
- The appropriate technical administrator records their activities and closes the ticket on EasyVista.
- No Fordham Sensitive or Fordham Protected data should be stored in EasyVista. Requests must be modified to ensure confidentiality.
Definitions
Electronic Information refers to documents and communications, including email, voice mail, and text messages, and their associated metadata, located in files and accounts related to a particular user.
IT Resources include computing, networking, communications, application, and telecommunications systems, infrastructure, hardware, software, data, databases, personnel, procedures, physical facilities, cloud-based vendors, Software as a Service (SaaS) vendors, and any related materials and services.
Related Policies and Procedures
- Acceptable Use of IT Infrastructure and Resources Policy
- Authorized Access to Electronic Information Policy
- Provisioning and Deprovisioning Policy
Revision
| Version: | Date: | Description: |
| 1.0 | 03/25/2019 | Initial document |
Implementation Information
| Review Frequency: | Annual |
|---|---|
| Responsible Person: | Director, IT Security |
| Approved By: | CISO |
| Approval Date: | March 25, 2019 |