Skip Navigation
TECHNOLOGY SUPPORT
ACE

Access Control Executive (ACE)

The implementation of appropriate access controls to administrative business systems is critical to attainment of HSC’s missions. The ACE responsibilities, listed below, should be carefully reviewed by Deans, Chairs, and Directors, as well as the designated departmental ACE to ensure departmental compliance.

Description: The ACE is responsible for requesting/deleting all access for employees in their department.

  • Mandatory Annual ACE Training FY 12-13
  • ACE Qualifications:
    • IMS has custodial responsibility for the management of all UT Health Science Center administrative business systems.
    • Departments maintain the responsibility for authorizing user access to systems for the completion of daily operations.
    • Fulfilling this responsibility, each UT Health Science Center department must designate an Access Control Executive (ACE).
    • The ACE must be appointed by the Dean, Chair, or Director using the Access Control Executive (ACE) Designation Form.
    • No one can sign the Access Control Executive (ACE) Designation Form in place of the Dean, Chair, or Director without approval from the Executive Vice President for Business Affairs and Chief Financial Officer.
    • More help is available from IMS.
  • Listing of other qualifications:
    • It is required that the ACE be a senior member of the department: Dean, Chair, Director,  Associate/Assistant Director, Administrator, or the department’s senior administrative position (provided the department’s organization structure does not include an Associate/ Assistant Director or Administrator).
    • The ACE cannot also be the Technical Support Representative (TSR), which is dictated by the  Handbook of Operating Procedures, Section 5.8.15.
    • The ACE must be knowledgeable about the University policies and procedures, internal controls, and the department’s business processes and organizational structure.
    • If a new ACE is designated, the name of the former ACE will be removed from distribution lists, and all security access will be terminated.
  • User Process Guides/Forms and Training:
    The following forms and guides are used by the departmental ACE.
    • ACE Designation Form (pdf) - This form is used to assign a departmental ACE and must be signed by the department's Chair, Dean or Director and the Vice President for Business Affairs.
    • ACE Proxy Designation Form (pdf) - This form is used by the departmental ACE to designate a person to act in the ACE's absence.  This form must be signed by the department's Chair, Dean or Director. 
    • P.S.A.R. (Personnel Security Access Request) Form - This online form is used to request/delete access to application systems for a user. For security purposes, this form should ONLY be completed and submitted by the departmental ACE. The PSAR form is now located within the portal under ACE Tools. Clicking here will re-direct you to sign onto the portal.
    • Access Control Executive Procedures Manual and Reference Guide (pdf) - This guide will take a step-by-step approach through ACE Tools for the departmental ACE.
    • Administrative Mailbox (pdf) - This guide will take a step-by-step approach through setting up the HRMS mailbox for the departmental ACE to receive confirmation emails from Human Resources department or Payroll.

Contact Information:

Requirements: The ACE has the responsibility to manage departmental users accessing administrative business systems including: PeopleSoft applications, Document Review System (DRS), Space Management System (SMS) and Data Warehouse.  These systems contain sensitive data and information critical to HSC business processes. In addition to this critical function, the ACE serves as the official liaison between the departmental users, administrative departments, IMCSS and IMIS in the use of UT Health Science Center administrative business systems.

Implementation of appropriate access controls to administrative business systems is critical to attainment of HSC’s missions.  The ACE responsibilities, listed below, should be carefully reviewed by Deans, Chairs, and Directors, as well as the designated departmental ACE to ensure departmental compliance.

List of Responsibilities:

  • The ACE has the responsibility to assign appropriate security access to PeopleSoft, Document Review System (DRS), and Data Warehouse.  Departmental users should be assigned access privileges based on job duties, or on a “need-to-know” basis.  Additionally, the ACE must ensure approval cycles support appropriate separation-of-duties and good internal controls.

  • The ACE has the responsibility to immediately terminate security access for an employee who has been terminated, transferred to another department, or no longer has a need to access administrative systems.

  • The ACE is required to review the “User Security Access Departmental List”, at least annually, and provide a signed copy to their Dean, Chair or Director.  Any access changes should be forwarded to Computing Resources for implementation.  To document the completion of required ACE training and system access verification, the department must maintain a current signed copy of the “List.”

  • In the ACE’s absence, only the Dean, Chair, or Director may assume the responsibilities and duties of the ACE.

  • The ACE is required to attend mandatory annual training.

  • The ACE has the responsibility to ensure departmental personnel receive both formal systems training and training related to departmental procedures and accounts.

  • The ACE serves as the official liaison between the department, administrative departments, Computing Resources and IMIS in the use of UTHSCSA’s administrative business systems.  In particular, access control actions requested by the ACE will be implemented by the CR Account Management Team, a division of Computing Resources.

  • The ACE has the responsibility to maintain the electronic Administrative Mailbox, which is established for internal control of routine departmental business processes.

  • The ACE has the responsibility to ensure personal computers accessing administrative business systems are properly secured.

Restrictions: Failure to comply could put business processes and information at risk. For all access to the application systems, the departmental ACE is required to submit a Personnel Security Access Request (PSAR) form.   For security reasons, the PSAR form should only be submitted by the departmental ACE.  New and existing employees who are not in the ACE role, should not complete this form.

Time Constraints: None

Turn Around Time: None

Cost: There is no cost for the classes, however a no-show fee of $50.00 will be charged to the department for any users who sign up for a class but do not attend. An e-mail with at least 24-hr notice will be accepted.

Request Instructions: See information on New and Annual ACE Training.

  1. New ACE training:

    2. DCATS will contact the newly appointed ACE to schedule initial ACE training.  This training is required for newly designated ACEs and is conducted one-on-one throughout the year. This Initial ACE training includes a technical and functional overview. Included is an initial review of departmental security access and the appropriate forms.

  2. Annual ACE training:

    As a review of responsibilities and existing departmental access, each ACE is required to attend annual ACE training.

    This Annual ACE training is conducted in a seminar style and includes a “functional” overview and a review of departmental security access and the appropriate forms.

    1. The ACE training includes the following documentation:
      • ACE Process Guide and Helpful Information Sheet
      • User Security Access Departmental List and Confirmation Form
      • Additional Process Guides as needed

       
    2. After mandatory annual ACE training, a copy of the User Security Access Departmental List Confirmation Form is signed and forwarded by the ACE to DCATS.