Effective Immediately, User Accounts personnel will NOT implement
any user account modification requests from any UKCC employees
unless approved, in writing, by a UKCC Director or Senior Manager.
User account modification includes, but is not limited to, creating new
accounts, modifying existing accounts, resetting the password for an
account not owned by the requester, and adding system accesses such as
TSO access or POP access; and  this applies to requests for any account
including accounts assigned to the UKCC person requesting the change.
One exception to this will be for resetting passwords.  Any user,
including an UKCC user, may request User Accounts reset the
password of an account they own by presenting to User Accounts a
signed and dated document indicating the request.  An ID is required if
the User Accounts representative does not know the user making the
request.
 
It is strongly recommended that approval for account modifications be made
by the upper level manager within their own area whenever possible.
 
System administrators who have been granted update access to UAMS
to perform their job functions, may continue to perform updates as
necessary for the administration of  their systems without additional
authorization. This permission, however, applies only to updates
necessary for the administration of their own systems. System
administrators are not permitted to perform updates requested by other
users without the authorization described above. In other words, users
who try to avoid getting the required authorization and bypass User
Accounts by requesting changes from system administrators should be
respectfully reminded of this policy and sent back to User Accounts.
Furthermore, no one is immune from the requirement for written
authorization when requesting changes from User Accounts.   Not even
system administrators.   Even system administrators must have specific
written authorization if they request changes to be made by User
Accounts instead of  making the changes themselves. As stated above,
User Accounts will not perform ANY changes for anyone without such
written authorization.
 
As a service to our users, password resets can be done by the Computer
Security Officer or by an acting Security Officer designated as a
backup, without the normal written managerial approval.  The
procedure for this is to send EMAIL indicating the account with the
problem, stating that you know this user, stating that you know that this
account belongs to that user, stating that you are willing to take
responsibility for this change, and stating that the user needs to have
their password reset.  The Computer Security Officer will respond to
the EMAIL when the reset has been completed and will keep a file of
all such requests.  If any confusion regarding the account is detected,
then the Computer Security Officer will act on that accordingly.
 
In summary, Janet and Larry (User Accounts) will no longer accept any
work from any UKCC person without written authorization from Rick
Chlopan, Kathy Hamperian, Ben Crutcher, or Bob Tannenbaum
(UKCC Directors and Senior Manager).