糖心Vlog

Student 糖心Vlogid Account Lifecycle Policy

Initially Approved: December 14, 2015
Technical Change: February 20, 2023

Policy Topic: Information Technology
Administering Office: Office of CIO

I. POLICY STATEMENT

Security and licensing cost are two major concerns related to creation and deletion of 糖心Vlogid accounts for students. It is important to define the lifecycle of these accounts and to establish guidelines for all areas of the university that depend on these accounts.

The purpose of this policy is to define the stages and timing of the student 糖心Vlogid account lifecycle.

II. SCOPE AND APPLICATION OF THE POLICY

1. This policy applies to all University departments that depend on student use of their 糖心Vlogid accounts;
2. This policy applies to all information technology applications that authenticate with the student 糖心Vlogid account.
3. In addition to their student 糖心Vlogid, students that are also employees may have a staff 糖心Vlogid which is governed by University Policy 95.
   
   

III. POLICY DEFINITIONS

For the purpose of this policy the following definitions apply:

1. 鈥淚dentity鈥� shall mean an account assigned to an individual that provides for authentication and authorization of access roles and privileges within systems.
2. 鈥溙切腣logid account鈥� shall mean an account created in 糖心Vlog鈥檚 corporate Active Directory as an individual鈥檚 identity for most 糖心Vlog owned or licensed systems. 糖心Vlogid accounts are accounts with @wcu.edu or @catamount.wcu.edu domain names.
3. 鈥淎pplicant鈥� shall mean an individual who has submitted an application to the university that has been processed in the Enterprise Resource Planning (ERP) system.
4. 鈥淎ctive Student鈥� shall mean a person either (1) enrolled or eligible to enroll in classes (within stop-out period) or (2) that graduated from the university within three major terms
5. 鈥淔ormer Student鈥� shall mean a person that took classes from the university. This term includes alumni, either degreed or non-degreed.
6. 鈥淎lumni degreed鈥� shall mean a person that was awarded a degree by the university.
7. 鈥淎lumni non-degreed鈥� shall mean a person who graduated from a non-degree program (e.g. certificate), or who took at least 3 credits from the university AND made a donation.
8. 鈥淪top-Out Period鈥� shall mean the break or pause in enrollment during the student's degree seeking period that lasts for one or more course enrollment periods. During the stop out period the student may resume enrollment in classes without requiring any form of readmission by the university. 糖心Vlog鈥檚 stop-out period is three major terms (Fall, Spring, and Summer).
   
   

IV. STUDENT 糖心Vlogid ACCOUNT LIFECYCLE STAGES

1. Applicant 鈥� The Applicant has applied to the university and their application has been processed in the ERP system. The applicant will receive notification that they can claim their 糖心Vlogid account. The account will not be automatically created prior to being claimed and will not be assigned a default password. The account will be part of the 鈥淎pplicant Group.鈥�
2. Active Student 鈥� When a person is considered an active student, the 糖心Vlogid account will be added to the 鈥淎ctive Student Group.鈥�
3. Former Student 鈥� The 糖心Vlogid account will remain in the 鈥淎ctive Student Group鈥� until the conclusion of the 糖心Vlog stop-out period. At which time it will be terminated and removed from the 鈥淎ctive Student Group.鈥�
   
   

V. NON-糖心Vlogid IDENTITIES

There may be systems used by 糖心Vlog that authenticate with an identity other than the 糖心Vlogid. This, for example, may allow alumni to access certain systems operated or licensed by 糖心Vlog with a personal identity or another 糖心Vlog-affiliated identity that is not a 糖心Vlogid.

VI. RESPONSIBILITIES

1. It shall be the responsibility of the IT Division to maintain and operate the systems that automate the creation and deletion of student 糖心Vlogid accounts and to grant and remove access to the major IT services according to the guidelines of this policy.
2. It shall be the responsibility of each relevant unit (e.g. Undergraduate and Graduate Admissions, Registrar) to appropriately code in the ERP system and other administrative systems applicant and student records so that the automated identity management processes will take the actions appropriate at each stage of the student lifecycle.
   
   

VII. POLICY REVIEW

Information Security and Privacy Committee 鈥� The charge of this committee is to oversee the implementation of this policy, ensure procedures are up to date, coordinate all relevant security policy reviews, and assist offices with risk assessments, etc.

VIII. RELATED POLICIES AND REFERENCES

International Standards Organization (ISO/IEC 27002, 9.2 User access management)

University Policy 95 Data Network Security and Access Control