CS 9.2 Security - How to Read BCS_SEC_CERT

Purpose:  Facilitate security recertification

Audience: Local Security Administrators (LSAs) and Employee Supervisors

How to Read the BCS_SEC_CERT report

About the Output File

The output file will be one Microsoft Excel file per supervisor.  Each sheet represents a different employee’s access. If an employee has no access, they will not appear in the spreadsheet at all.

The last sheet in the file will always be empty.

Note that this report will NOT return all roles and access a person has. This report will only return non-default access. If you need comprehensive information, you should run BCS_SEC_SACR instead.  Examples of excluded roles include ZZ SS Student and ZZ Employee.

Report Header

The report header includes basic information about the employee and supervisor.  It lists the institution, the supervisor, the employee’s name and ID, the last time the employee was paid, the employee’s business unit, and the employee’s classification.

Report Header image

The first table shows the user’s job and department, along with their Permission List settings on their Distributed User Profile.  ProcProfClass is the user’s Process Profile.  The OprClass and RowSecClass values are the Primary and Row Security values.  More information about Primary and Row Security values can be found in the Default Roles and Masking Options for All Admin Campus Solutions Users QRG.

First Table image

SACR Core Security

This table lists the user’s

  • Institution (Institution Security - QRG)
    • Institution security controls access to most of the student data available in Campus Solutions, including Advisor Center, Student Services Center, and most of the navigations under Student Records.
    • Institution security is “parent” to many other parts of SACR security.  Here’s a brief overview of the hierarchy, and what each branch does.
      • Institution
        • Acad Career (Institution/Career Security - QRG)
          • This branch controls what program\plan data a user can access for a student.
          • Acad Program (Academic Program Security - QRG)
            • Acad Plan (Academic Plan Security - QRG)
        • Institution Set
        • Set ID
        • Campus (Institution/Campus Security - QRG)
        • Tscrpt Type (Transcript Type Security)
          • This value controls functionality that isn’t currently leveraged in ctcLink
        • Tscrpt Report (Transcript Report Security)
          • The value(s) here control which kind(s) of transcripts a user is allowed to produce under navigations that start with Main Menu>Records and Enrollment>Transcripts
          • This value is NOT required to run an unofficial transcript out of Advisor Center or Student Homepage
        • Adv Report (Advisement Report Security)
          • There are three values for this: ADV (Advisement), WIF (What-If), PLN (Planner). You can also select “ALL” to grant a user the ability to run all kinds of advisement reports.
        • Recruit Center (Recruiting Center Security)
          • The value(s) here control which Recruiting Centers a user can work with.  Most of the navigations affected by these values start with Main Menu>Student Recruiting
        • Appl Center (Application Center Security)
          • The value(s) here control which admissions applications a user can work with\view.  Most of the navigations affected by these values start with Main Menu>Student Admissions
        • Adm Action (Admissions Action Security - QRG)
          • The values here control what admissions actions a user can perform on a user’s admissions application.  Users who process admission applications usually need access to APPL, MATR, and WADM at a minimum.  Being intentional about the values assigned to a user here makes onboarding new processors easier, and helps ensure compliance with local business processes.  Most navigations affected by these values start with Main Menu>Student Admissions
        • Program Action (Program Action Security)
          • The values here control what actions a user can take on a student’s Program\Plan stack.  Most of the navigations affected by these values start with Main Menu>Records and Enrollment>Career and Program Information
        • Test ID (Test ID Security)
          • These values control what test scores a user can see in Advisor Center/Student Services Center, and also which values the user can see under
            • Main Menu>Student Admissions>External Test Score Processing
            • Main Menu>Student Recruiting>External Test Score Processing
            • Main Menu>Records and Enrollment>Transfer Credit Evaluation>Test Results

  • Grad Status (Graduation Status Security)
    • These values control what actions a user can take in the Graduation module.  These values are configured by each institution.  Most of the navigations affected by these values start with Main Menu>Records and Enrollment>Graduation
SACR Core Security image

SACR 3C Security

3C security is local to the institution.  Each object (checklist, comment, communication) created in the 3C module must be associated with a 3C group in order for users to be able to see and use it (i.e. assign it to students).  Most of the navigations affected by this security start with

  • Main Menu>Campus Community>3C Engine
  • Main Menu>Campus Community>Checklists
  • Main Menu>Campus Community>Comments
  • Main Menu>Campus Community>Communications

QRG

SACR 3C Security image

SACR Academic Organization Security

Academic Organization Security is required for most navigations under Main Menu>Curriculum Management.  Unlike the majority of other SACR values, it is a tree-based value.  Giving a user access to a node gives them access to everything below that node.  Each institution has a “top” node and multiple nodes under it that reflect its organizational structure.  This enables LSAs to grant access to these navigations in a very granular way.

The Academic Organization tree can be reviewed under the navigation Main Menu>Tree Manager>Tree Viewer.  The Tree Name is ACAD_ORGANIZATION.  Your institution’s nodes start with your institution number (for example, all Bates Technical College nodes start with 280).  

For example, if a user is given the value 140ENGLD, they will have access to 140PTWR and 140ENGL, but they will not have access to anything under 140COMHUMD.  Alternatively, Clark’s LSA could grant access to 140CLARK to give them access to the entire Clark College tree, or 140BEECHU to give them access to only nodes below that node.
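The node inheritance described above, worked as an added example (not part of the original guide and not ctcLink's own code). The parent links in the sample tree and the node 140SAMPLE are constructed assumptions, as is treating a granted node as part of its own access; the functions resolve what a set of grants actually reaches and flag grants a reviewer would want to question.

```python
from collections import defaultdict

# Constructed sample of an ACAD_ORGANIZATION tree as child -> parent.
# Node names are from the text above except 140SAMPLE (constructed); the
# parent links are assumptions, not the real Clark College tree.
PARENT = {
    "140CLARK": None,            # institution "top" node
    "140BEECHU": "140CLARK",
    "140ENGLD": "140BEECHU",
    "140PTWR": "140ENGLD",
    "140ENGL": "140ENGLD",
    "140COMHUMD": "140BEECHU",
    "140SAMPLE": "140COMHUMD",
}

def effective_access(grants, parent=PARENT):
    """Return (nodes reachable from the grants, grants missing from the tree)."""
    kids = defaultdict(list)
    for node, par in parent.items():
        if par is not None:
            kids[par].append(node)
    unknown = sorted(g for g in set(grants) if g not in parent)
    reachable, stack = set(), [g for g in grants if g in parent]
    while stack:
        node = stack.pop()
        if node not in reachable:      # assumption: a grant includes the node itself
            reachable.add(node)
            stack.extend(kids[node])
    return reachable, unknown

def redundant_grants(grants, parent=PARENT):
    """Grants already implied by another grant higher in the tree."""
    granted, redundant = set(grants), []
    for g in granted:
        anc = parent.get(g)
        while anc is not None:
            if anc in granted:
                redundant.append(g)
                break
            anc = parent.get(anc)
    return sorted(redundant)

def top_node_grants(grants, parent=PARENT):
    """Grants on a parentless node, i.e. access to the entire institution tree."""
    return sorted(g for g in set(grants) if g in parent and parent[g] is None)
```

During recertification, a top-node or redundant grant is a prompt to check whether a narrower node would cover the user's current job responsibilities.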

Academic Organization Tree image

QRG

SACR Academic Organization Security image

SACR Milestone Security

Milestone Security is required to both view and edit Milestones.  This value is a child of institution.  

QRG

SACR Milestone Security image

SACR Service Indicator Security

Service Indicator Security is only required to EDIT (place or release) Service Indicators.  All users with access to the navigation will have access to see the service indicators a student has on them, and those service indicators that are configured to be displayed in student center or in Advisor Center will be displayed regardless of the user’s SACR Service Indicator Security.

Service Indicator Security is a child of institution, so you must grant Institution for the user before you can grant them access to place or release service indicators.

QRG

SACR Service Indicator Security image

SACR Student Group Security

Student group security is required to both edit and view student groups.  It is a child of institution, so you must grant Institution for the user before you can grant them access to view or edit student groups.

QRG

SACR Student Group Security image

SACR Population Selection Security (Population Update Security)

Population Selection Security is global.  If you grant a user access to Population Selection Security, you will grant it for all institutions that user has access to.  

QRG Link

SACR Population Selection Update image

SACR SEVIS Security

SEVIS Security is global.  If you grant a user access to SEVIS, you will grant it for all institutions that user has access to.

School Code (QRG)

Program Sponsor (QRG)

SACR SEVIS Security image

SACR Academic Progress Tracker (APT) Action Security

Academic Progress Tracker is not currently used in ctcLink. PeopleSoft requires the system to choose between Academic Advisement Reports (AARs) and Academic Progress Tracker, and ctcLink is set up to use AARs.

SACR Academic Progress Tracker Action Security image

SACR Constituent Transaction Management (CTM)

Admissions Application Suspense Management (QRG)

SACR Constituent Transaction Management Transactions image

SACR Consumer Notification

This setting relates to functionality that isn’t currently set up in ctcLink.

SACR Consumer Notification image

SACR Academic Item Registry (AIR)

Academic Item Registry is related to Academic Progress Tracking functionality, which is not currently used in ctcLink. PeopleSoft requires the system to choose between Academic Advisement Reports (AARs) and Academic Progress Tracker, and ctcLink is set up to use AARs.

SACR Academic Item Registry image

SACR Advising Notes

Advising note security determines what advising note categories a user has access to view, create and/or edit. These values affect both the Advisor Homepage that’s associated with ZZ SS Advisor and Main Menu>Academic Advisement>Student Advisement>Advising Notes.  The ZZ SS Advisor role gives page access, but to create/edit/view Advising notes the user must have one of the local grantable roles for advising such as ZZ/ZD Advising Notes  XXX.

QRG

SACR Advising Notes image

SACR Student Financials

Changes to some of the following settings will not take effect until the nightly

SF Business Unit

Business Unit controls access to view and edit financial information.  It is a “parent” to Cashier Office.  Typically, changes to this value don’t take effect until an overnight job runs.  This value affects most navigations under

  • Main Menu>Student Financials
  • Main Menu>Financial Aid

Review the Assign Access to Advising Notes - Note Category Access QRG for more in-depth information.

All SF Business Unit

This is primarily for multi-institution districts, and is a list of all the Business Units the person running the report has access to see.

Cashier Office

Cashier’s Office security needs to be granted in connection to the Cashier and should be coordinated with the person managing daily head cashier processing. Additional setup is required under

Set Up SACR>Product Related>Student Financials>Cashiering

This affects the navigations under

Student Financials>Cashiering>Cash Management

Company

This SACR Security shows which Company ID the employee is tied to.  This limits them to data from that company when accessing data.

Credit Card

This isn’t used in ctcLink but this would control access for viewing credit card numbers at the institution.  

Item Type

Indicates whether or not the user has any item type security. (See SACR Item Type section of report for individual security details and the Item Type Security QRG)

Institution Set

Institution Sets are used to group business units within institutions.  ctcLink does not leverage that functionality, so each institution has one business unit and one institution set.

Origin ID

Origin Types represent sources of charges or payments that are used during group posting. You can also use the description that you define for an origin as criteria for selecting groups during group data entry. You must have Origin SACR for this function.  This section shows users with Origin SACR.

This QRG shows BU, institution set, origin IDs, and Set ID:

https://ctclinkreferencecenter.ctclink.us/m/56084/l/1198007-cs-9-2-sacr-security-student-financials

Here is a good link to pull info from, too:

https://www.zutshigroup.com/PSOL/hcm89/eng/psbooks/lsfn/chapter.htm?File=lsfn/htm/lsfn16.htm

Set ID

PeopleSoft delivers the capability to have business units roll up into a single Set ID.  This Set ID shows what data the employee has access to.  In ctcLink, this is always tied back to Business Unit.  This limits what data the employee can see by institution.

SACR Item Type

The Item Type Security QRG is quite comprehensive.  Review it to better understand this section.

CS Operator Defaults

These two sections are informational only.  They do not need to be confirmed as they are set by the user under Menu > Set Up SACR > User Defaults.  (QRG)

CS Roles with Navigation

This portion of the report is divided into two sections based on whether or not the role(s) a user has are locally assigned or must be assigned by the State Board security team.  

If you're not sure what happens at a navigation, try navigating to that section of the ctcLink Reference Center. The Reference Center is organized to mirror the menu setup in ctcLink.

When reviewing navigations, page access, and roles, consider the following factors, all of which impact the probability of a data breach, or a user being able to act nefariously.

  • What level of information is available at the navigation
    • Refer to your institution’s internal documentation to better understand the following categories.
    • Category 1 data is public information.  This includes information that is specified as Directory Information under our system’s shared definition per the Family Educational Rights and Privacy Act (FERPA).
    • Category 2 data is sensitive information.  All data that isn’t public information is at least category 2, although some data will be higher.
    • Category 3 data is confidential, and includes things like social security number, citizenship status, driver’s license number, credit card number, bank account number, among other information.
    • Category 4 data is confidential information requiring special handling.  
  • Whether or not the user has a role that grants them the ability to edit the data at the navigation, and, if applicable, whether or not the user has access to correct historical data.
  • What other navigations and information are on the role
  • Whether or not there are other roles that cover the navigation that might be more appropriate.
  • How robust your offboarding processes are.  
  • Whether or not the user’s current job responsibilities require the access the user has.

Roles granted by SBCTC should be considered higher risk.  Colleges should evaluate the access given by these roles rigorously.

Not Locally Assigned

Access granted in this section is covered by roles that are NOT on the local grant list, and must be added and removed by submitting a ticket to the State Board help desk.

Not Locally Assigned image

Locally Assigned

Access granted in this section is covered by roles that are on the local grant list.  

Locally Assigned image
