Office of Ethics, Compliance & Privacy site logo

Office of Ethics, Compliance,
and Risk

 

Application and System Access

 

Policy Summary

It is the policy of the university to promote secure and appropriate access to its systems, and to the data used, processed, stored, maintained and/or transmitted in and through those systems. This policy defines management’s expectations of users who have been granted access to university systems.  

Who is Governed by this Policy 

  • Students
  • Staff
  • Faculty
  • Contractors

Policy

Access to university-owned applications and systems is conditioned upon user observance of the Acceptable Use Policy for Computing Systems and Services and the policies referenced in the Related Information section of this policy.  

Access may be revoked if either the Acceptable Use Policy for Computing Systems and Services or this policy is violated. Other action, up to and including termination of university employment, may also be taken, depending on the particular violation.  

All users are required to adhere to the following rules in order to use, access, store, process, and/or display data acquired from university-owned applications and systems.  

A. Access to university-owned applications and systems is granted solely to conduct legitimate business on behalf of the university.  

B. Access to specific system functions and data populations is consistent with each user’s scope of employment.  

C. Access requests are initiated by written request from home department managers who have knowledge about their users’ legitimate need to access/change financial data. Access requests for academic department users must be approved by all applicable financial personnel (if access requests involve a single school, then only that school's financial personnel’s approval is required).  

D. User accounts will remain active until a user’s employment relationship either changes or terminates, or a dormancy period is exceeded.  

E. Supervisors are notified of all access changes for their users.  

F. Any contractors or non-GW persons who require access to enterprise systems must undergo a background check and receive documented approval for this access by an appropriate GW official. 

Definitions

Enterprise System: A computing system maintained by the Division of IT that is used by more than one department, and that contains financial, managerial, confidential or other sensitive or mission critical information. 

Related Information

Acceptable Use Policy for Computing Systems and Services 

Information Security Policy 

Contacts

Contact Phone Number Email Address
IT Support Center 202-994-4948  [email protected]

 

Responsible University Official: Chief Information Officer
Responsible Office: GW Information Technology

 

Non-compliance with this policy can be reported through this website.