I. Scope
This policy applies to all George Mason University faculty, staff, students, and others who access Banner and related administrative systems.
II. Policy Statement
Each position that requires access to Banner and related administrative systems must be granted the minimum level of access needed to perform the specific job duties of the position. Access will be granted only after the requestor has signed a confidentiality statement, the supervisor or other appropriate authority has approved the request, and any prerequisite training has been completed. Access that is no longer necessary will be removed in a timely manner. Documents supporting access requests including confidentiality agreements with approval will be stored in a secure location, whether on paper or in electronic copy.
III. Definitions
Banner Security Officer (BSO): A BSO is a University employee who manages access to Banner and related administrative systems.
IV. Compliance
Banner Security Officer. The BSO is responsible for working with the data steward and department head or designee to design user access, for asking relevant questions in order to minimize unnecessary access, and for approving all user access within his/her Banner module. The BSO is responsible for assigning access based on documented approval and confirmation that any prerequisite training has been completed. The BSO is responsible for reviewing a report of terminated employees twice a month, and for removing any related access. The BSO is responsible for periodically reviewing access changes made in his/her area of responsibility and making the appropriate Data Steward aware of any changes made by an unauthorized user. The BSO is responsible for reviewing and confirming with department heads at least annually, all user IDs with Banner and related administrative systems access. In order to manage access changes in an efficient and timely manner, each BSO may delegate BSO responsibilities as appropriate.
Data Steward. The Data Steward is responsible for assigning the BSO for his/her Banner module or application. Data Stewards are as follows:
- Admissions:
Executive Director, Enrollment Services/Dean of Admissions - Fiscal Services/Student Accounts Receivable:
Associate Vice President and Controller - Financial Aid:
Director, Student Financial Aid - Human Resources/Payroll:
Vice President/Chief Human Resources Officer, Human Resources/Director, Payroll - Registrar: University Registrar
- Database Support: Executive Director, Enterprise Resource Planning
Department Head. The department head is responsible for evaluating and documenting the business needs of departmental employees in order to assist with design of Banner and related administrative systems access. The department head is responsible for notifying the security officer of changes in job responsibilities which require access changes, including transfers within the department, transfers within the University, and terminations.
V. Dates
A. Effective Date:
This policy will become effective upon the date of approval by the Executive Vice President for Finance and Administration and Provost and Executive Vice President, Academic Affairs.
B. Date of Most Recent Review:
October 17, 2024
VI. Timetable for Review:
This policy shall be reviewed every three (3) years, at minimum.
VII. Signatures:
Approved:
__/S_____________________
Maurice W. Scherrens
Senior Vice President
__/S_____________________
Peter N. Stearns
Provost
Approved: August 1, 2007
Revised: January 14, 2010
Reviewed: December 15, 2020
Revised: October 17, 2024
Page last updated: December 6, 2024