Subject: Administration of Access and Security Management for the Regional Pay System (RPS)
April 2, 2012
1.1. The purpose of this directive is to remind the key stakeholders of their roles and responsibilities in administering the on-line access and security management for the RPS.
2.1. In August 2010, the On-line Access and Security Management Guide was created to assist stakeholders in their understanding of their roles and responsibilities.
2.2. This directive must be read in conjunction with ARCHIVED CD 2010-015 dated August 24, 2010.
3. Procedures and Instructions
3.1. The responsibility for segregation of duties lies with departments and agencies. Departments and agencies must establish policies and procedures to ensure that controls exist related to pay transactions by ensuring that users are not assigned the ability to create and verify the same pay transaction and that persons who are assigned access rights understand their responsibilities.
3.2. It is also the responsibility of departments and agencies to ensure that new designated Security Access Control Officers (SACO) successfully complete the On-line Departmental Security Application (PA-09) course and receive the necessary training to perform their duties.
3.3. The SACOs are responsible for ensuring that all system access requests, including access to RPS, are completed properly and forwarded to the Enterprise Security Administration for processing. A copy of these requests must be kept on file for reference and audit purposes.
3.4. Prior to creating user identification for a person, the SACO must delete all previously assigned user identification for that same person.
3.5. When a user is no longer required to perform duties necessitating RPS access or leaves the department or agency, their user identification must be immediately cancelled and removed from the departmental security structure.
3.6. On a yearly basis, SACOs must confirm that a review of all users has been completed and that all discrepancies have been corrected.
3.7. Detailed instructions and contact information are available in the On-Line Access and Security Management Guide posted in the "Security Administration and Control Officer (SACO)" page of the Compensation Sector Web site.
4.1. Any inquiries on the information contained in this document should be addressed to your Public Works and Government Services Canada (PWGSC) Compensation Services Office.
Reference(s): CJA 9021-21
- Date modified: