290 likes | 467 Views
Training for TEAM Local Security Managers. The User Management Process Updated 8/2013. Objectives. In order to have a secure overall process for user management in TEAM. We need: Standard Operating Procedures A method to ensure the quality of TEAM user information
E N D
Training for TEAM Local Security Managers The User Management Process Updated 8/2013
Objectives • In order to have a secure overall process for user management in TEAM. We need: • Standard Operating Procedures • A method to ensure the quality of TEAM user information • Internal controls for staff access and authorization FTA Office of Program Management
Local Security Manager Responsibilities • Setting up user accounts • Annual monitoring of TEAM users • Reset passwords for users assigned by your office • Unlocking accounts due to failed login attempts and time locks • Ensure accurate completion, processing, and filing of TEAM user access forms FTA Office of Program Management
The TEAM User Access Forms • Package location: • TEAM Home Page: http://ftateamweb.fta.dot.gov/links.htm • FTA Public Website: http://www.fta.dot.gov/funding/grants_financing_7205.html • FTA Net: http://ftanet/tpm/TPM-10/TEAM-UserUpdates.asp • Includes 2 types of forms: • Staff/Contractor/Auditor • Grantee/Recipient • Includes instructions and contacts: • Which form to use • Where completed forms go for processing • What additional documents may be needed • What Authorizations may be necessary FTA Office of Program Management
Staff Access • Staff TEAM User Access forms must have supervisory review and signature • Special access to job-specific functions should be signed by a HQ representative for that function (Authorizations for Special Functions, page 18) • Budget Functions • Legal Signoff • Civil Rights Functions • PIN Number for Obligation Activities, Earmark Management, etc • Accounting functions FTA Office of Program Management
Contractor Access • Contractors acting as FTA staff who require access to TEAM MUST be Authorized by their COTR Contracting Officer’s Technical Representitive. • Example: • Triennial Review Contractor must be Authorized by Triennial Review COTR. FTA Office of Program Management
Auditor Access • Auditors who require access to TEAM MUST be Authorized by the FTA Audit Liaison in TBP. • This access should be promptly removed when audit activities are complete. FTA Office of Program Management
Grantee Access • Ensure that the Grantee is authorized to have the functions that they are requesting. • Have the grant manager sign off as FTA Authorizing oficial to verify identity. • Make sure ‘Designation of Signatures’ are on file for users “PINing” on behalf of others in their office. • (See TEAM User Access Forms and Instructions Appendix1) FTA Office of Program Management
Good Practices I • Add notes to the user record to note user record activities, password resets, access changes, etc. • Use TEAM to notify user of username and password • Username and password are in the same email • DO NOT email a PIN and Password in the same email FTA Office of Program Management
Good Practices II • Attach scanned user access forms to the user record • Do NOT add/modify users without proper documentation • Do NOT reset email addresses or roles/privilages without an updated TEAM User Access form • If you are not sure about a user ask questions to verify information • Verify that reauthorization is not necessary before attempting to reset password FTA Office of Program Management
Staff/Contractor/Auditor Form • Collect the form • Verify the information & Authorizations • Multiple Authorizations may be required for special access! • LSM signs as FTA Operational Approval • Process the form in TEAM (Verify & Certify!) • File the form (attach in TEAM and file ‘paper’ document securely) FTA Office of Program Management
FTA Authorizations • Identifies the appropriate individuals that must provide signature to authorize access to special functions • One or more FTA authorizations may be required • Attach file with additional authorizing documents as necessary FTA Office of Program Management
Supervisor Authorization • A Supervisor MUST sign to authorize staff access • Administrative Officers MUSTbe notified to add new staff users to the OASIS TEAM User Group This ensures that the Office maintains awareness of system access! FTA Office of Program Management
Authorization for Special Functions Regular Access - Employee's Supervisor or COTR Special Access • Help Desk Functions/Local Security Manager Functions • Associate Administrator (AA) or Regional Administrator (RA) • Budget Functions • Director of Financial Systems or Director of Budget (TBP) • Earmark Administration Functions • Director of Transit Programs (TPM) • Civil Rights Functions • Civil Rights Officer, HQ (TCR) • Legal Signoff • Chief Counsel or Deputy Chief Counsel (TCC) • FTA Obligation Authority (Award Access and PIN, also listed on pick list for 'Paper' Grants) • Only as indicated in the Federal Transit Administration Delegations of Authority • Auditor Access • FTA Audit Liaison (TBP) FTA Office of Program Management
Grantee Form • Collect the form • Verify the information & Authorizations • Additional documents may be required for special access! • LSM signs as FTA Operational Approval • Process the form in TEAM (Verify & Certify!) • File the form (attach in TEAM and file ‘paper’ document securely) FTA Office of Program Management
Designation of Signature Authority • Used to delegate signature or “PIN” authority to someone other than the Official Named on the Resolution Authority • Template available in User Form Instructions (TEAM User Access Forms and Instructions Appendix1) FTA Office of Program Management
TEAM User Security Screens Creating a User Account in TEAM Select the Add User module by selecting the TEAM Administration drop down menu then the Security drop down menu from the Navigational Menu Complete the information on the General Info tab per the data provided in the TEAM User Access Request form. It is critical that the email address is valid as this will be used for security features including automated communication to the user when account modifications are made. FTA Office of Program Management
The format for a username is the TEAM user’s last name and initial of their first name. The system will not allow you to add a duplicate and may ask that the initial Username entered be modified. In this case add the middle initial, if available, or second letter of first name. Example: Name: John Doe Username: DOEJ Name: John Doe Username: DOEJO Users who require rights to PIN must be both Set and Activated here. This process is completed by selecting the Set PIN button (refer to Note) and then the Activate button. Note: Copy the users PIN to the TEAM User access form immediately after the Set PIN button is pushed. This will be the only time the PIN is viewable. FTA Office of Program Management
Add the cost center which is associated with the TEAM user’s primary location. If other cost centers are needed, apply them to the Auxiliary column. Add the Recipient ID that has been provided on the TEAM User Access form. FTA Office of Program Management
Security Roles / Privileges • It is important that you understand these boxes and how to accurately reflect the user’s job function in both the form and the TEAM user account. • Security Roles Reference Document located at : http://ftateamweb.fta.dot.gov /static/Guidance-HQ/ • Contact the User, the FTA Authorizer, or the TEAM help desk if you are still uncertain of the type of access they need, or how to assign it in TEAM! FTA Office of Program Management
Notification • TEAM will request to generate an email notification that will consist of the user’s temporary password. Select Ok to send the message • For TEAM Users that have been granted a PIN an email must be sent manually with the PIN included. If it is not on the form repeat step 4b. • Note: This email notification should be sent only to the email indicated on the TEAM User Access form and is not to include any other information. FTA Office of Program Management
Attaching Using Access Form FTA Office of Program Management
Monitoring Users • The reauthorization of users will be performed annually during the first quarter of each fiscal year to coincide with the period during which grantees are required to sign the "Certifications & Assurances" as a condition of a grant award or application for award. • At the beginning of each fiscal year, TPM will generate a TEAM User Report for distribution and review by Regional and Headquarters LSMs. The TEAM User Report will list all TEAM users, their last reauthorization date, system permissions, date of the last log-in and suspension date. The TEAM User Report is intended to facilitate the review and reauthorization performed by FTA LSMs, Associate Administrators (AA), and Regional Administrators (RA). FTA Office of Program Management
Reauthorization Scope • Per the reauthorization SOP, users who have last logged into TEAM 18 months or more prior to the first day of the fiscal year, or who have never logged into TEAM will have their accounts automatically suspended, unless the LSM indicates that the account should be reauthorized. • Individuals whose last log-in date in TEAM was within 18 months of the first day of the fiscal year will have their account reauthorized, unless the LSM indicates that it should be suspended. • The TEAM help desk will conduct a batch reauthorization and suspension on the basis of the annotated user lists submitted by the LSM. FTA Office of Program Management
SUSPENSION OF TEAM USERS • If a TEAM user is suspended because of multiple erroneous login attempts, he/she can be reactivated any time without having to go through the approval process again • If a TEAM user gets suspended because their account was not reauthorized, then he/she has to fill out the user access form and go through the approval process • Make a comment in the note section of the user’s profile stating why the user has been suspended so that the helpdesk does not un suspend the account in error. • All TEAM users who have not accessed TEAM within 90 days will have their accounts locked and they will have to contact their LSM to regain access. However, users will be notified via email on the 80th, 88th, and 89th day of inactivity in advance of their account suspension, so as to give them the opportunity to log into TEAM to avoid being suspended. FTA Office of Program Management
TEAM Separations (FTA Staff and Contractors) • Operation and Staff Information System (OASIS) will send the corresponding LSM an email notifying them of the employee separation and OASIS will send a message to TEAM that the individual has separated from FTA. • TEAM suspends the user’s access automatically the day after receiving the OASIS message. • FTA LSMs should take action to deactivate the user’s account after they have been suspended automatically. FTA Office of Program Management
Thing to look for in an OASIS message: • • Username: John.Doe• Has Z Account: No• Personnel Type: FTA Personnel• Job Title: Personal Services Technician• Room/Cube: E46-202• Work Phone: (202) 366- ****• Transfer Date: 01/06/2012• New Office: TPM-40• Old Office: TCR-1• Notes: Update: Transfer took place 1/9/12 (TCR-1/E54-121 to TPM-40/E46-202) • • Username: Aaron.James• Has Z Account: No• Office: TPM-20• Personnel Type: FTA Personnel• Job Title: Supervisory General Engineer• Separation Date: 10/19/2012• Work Phone: (202) 493-0107• Room/Cubicle: E46-314 FTA Office of Program Management
TEAM Separation (Recipient) When a user leaves the organization, the user’s account must be promptly suspended. The FTA Regional Office should be notified of a user’s departure. The Regional Office staff will confirm with the organization to verify that user access needs to be suspended, and then the organization will be notified when user access has been deleted. Additionally, Regional Office staff should initiate suspension of grantee users known to have departed from the grantee’s organization. FTA Office of Program Management
Questions? Contact the TEAM Help Desk for assistance! Hours of Operation M-F 8:00a.m. to 5:00p.m. (EST) Telephone Number 888 - 443 - 5305 Email Address Team.HelpDesk@dot.gov FTA Office of Program Management