User id and passwords
- 1. USER CODES AND PASS WORDS ORB40QT SECURITY MEASURES, PROCESSES AND MANAGEMENT ON BAS
- 2. BAS SECURITY SETTINGS ORB40QT RESPONSIBLE PERSON: SYSTEM CONTROLLER • Register IP address of workstation by National Treasury • Register a new User ID on BAS • Allocate the relevant group or individual User access maintenance • Partial or complete access to the Chart of Accounts (Code structure) to refine security access • Deactivate or activate individual User IDs •
- 3. BAS SECURITY SETTINGS ORB40QT • User ID – unique per user • Pass word – Each user select own password Minimum number of characters required for a password between 7 and 15 Must contain characters from 3 of the following 4 classes in no specific order: Uppercase Lowercase Numbers Special characters Example: Swd57$now
- 4. BAS SECURITY SETTINGS ORB40QT • Number of time Users is allowed to enter incorrect password 3 - 5 times. Only System Controller can activate it again. • Number of days that a password will remain active – 30 days • Number of previous passwords the User is not allowed to re- use – between 5 and 10 • Number of minutes within which the User must reset the password after it has been reset by the System Controller -30 minutes • Period of Inactivity on BAS = 5 minutes. Notification that BAS Session has expired. If no reaction, system will close.
- 5. BAS SECURITY SETTINGS ORB40QT Important functions: • Group Profile Creating a group based on common functions that Users require for example all cashiers will have the same group profile and creditor clerks will have a different group profile • User Profile Maintenance Access for a specific user. Authorised to do additional functions. • Workflow Management Allowing only relevant officials to view, capture, modify or authorise certain transactions
- 6. Group Profile Maintenance ORB40QT • Group Functions are linked according to the common requirement of Users (Job description) • System Controllers will identify on the Main Menu the functions that must be available for the User for example Cashier: Receipts Receipt and capture Maintenance on pending receipts Deposit close off Cancellation of deposit Amend incorrect receipts Receipt reports
- 7. Group Profile Maintenance ORB40QT • The authoriser for receipts will have access to: Deposit day end Deposit confirmation Authorised cancelled deposits Cancellation of receipts
- 8. Workflow management Faculty name Department name • Workflow determines which information a user will be allowed to view, maintain or authorise. • Workflow links supervisors and capturers and is the final step in the security process. • Workflow is created per functional area and is required for all functional areas except budgets and debt. • A workflow group is complete if two or more users are linked, consisting of a supervisor and a capturer. • Even if a user has capturer and supervisor functions, BAS security setting will prevent them from capturing and authorising the same transaction. • Users can either be added as a supervisor or capturer • Users can be linked to more than one group per functional area but a preferred group needs to be selected