Open
Information Access Request (IAR) User guide
University of Liverpool
Information Access Request (IAR)
User guide
Reference Number
CSD-UG001
Title
Information Access Request (IAR) User guide
Version Number
1.0
Document Status
Active
Document Classification
Open
Effective Date
06 February 2015
Review Date
08 February 2016
Author
David Hill
Signatories:
CSD Information Security
Implemented by
Computing Services
Comments
Please refer to Section 12 – Security Investigation Policy
Active v1.0
Open
Information Access Request (IAR) User guide
Active v1.0
Information Access Request (IAR)
For Requestor
Step 1 – Initial Access to IAR request form
Log in using your MWS credentials via: https://utils.liv.ac.uk/auth-data-request
Step 2 – Completion/Submission of IAR form
Once logged in the requestor will have access to the electronic IA Form.
There are 4 sections that the requestor is required to complete within the IAR electronic
form.
The 4 sections include:
•
•
•
•
Area of Request
Type of Request
Staff/Student requested source details
CSD Involvement and Requirements
The IA form gives all the relevant information,
options and descriptions within the electronic
form for the requestor to complete
accordingly.
The requestor is required to:
•
•
Select from the pre-defined identifiers
within the drop down boxes
Supply additional details where
prompted
Once ALL of the sections have been
completed, the requestor is required to
complete the task by clicking the “submit”
button at the bottom of the form.
For all individual requests this form is to be
completed.
Open
Information Access Request (IAR) User guide
Active v1.0
Step 3 – On Screen Notification of completion/submission
•
Once the requestor has clicked the “submit” button at the bottom of the form,
an onscreen confirmation of submission will be displayed
•
Once the requestor has completed a request, the onscreen display will also allow
the requestor to now “logout” of the electronic form
To submit a new/additional request please follow steps 1,2 and 3
•
Step 4 – E-mail Notification of submission
•
The requestor will receive a notification email from [email protected] into
the requestors University assigned mailbox (this email address should not be
responded/replied to, this is not a managed mailbox and only used as
the sending address) confirming the submission
•
There will be a “Reference Number” at the bottom of the notification email.
This is referenced to identify different requests from a single requestor and to
quote in the event a progress update is required
Step 5 – Notification of Initial rejection/authorisation
•
•
•
Upon the staff/student authoriser reviewing the IAR request and submitting a
decision, the requestor will ONLY receive a “rejection” notification email and the
reasoning’s for the rejection in the initial instance
Should the submitted IAR request be accepted by the staff/student authoriser
initially this will be sent directly to the CSD Reviewer for final review
The requestor will receive a notification email of the CSD review and of the of the
acceptance/rejection status
Open
Information Access Request (IAR) User guide
Active v1.0
Step 6 – Notification of CSD Review and acceptance/rejection email
Acceptance email
•
The requestor will receive a notification upon CSD review completion and
acceptance.
Rejection email
•
The requestor will receive a notification upon CSD review and rejection status.
•
Should the requestor require an update on progress please contact your
staff/student authoriser in the first instance and/or contact the CSD Information
Security Officer (ext. 44492)
Open
Information Access Request (IAR) User guide
Active v1.0
For Staff/Student Authorisers (HOD/Student Experience Managers)
Step 1- Notification of submitted request
•
•
•
•
•
For every IAR request the staff/student authoriser will be notified by email of a
submitted request. A review/decision is required prior to CSD reviewing and
undertaking the necessary actions
The relevant staff/student authoriser(s) will receive an email from [email protected] into their University assigned mailboxes (this email
address should not be responded/replied to, this is not a managed
mailbox and only used for the purposes of sending the electronic form)
with the subject heading “Authorise Information Access Request (for
authoriser)”
Within the received email, the staff/student authoriser will be provided with the
relevant information and access to links to the submitted IAR electronic form and
instructions of what is required from the authoriser thereon
There will be a “Reference Number” at the bottom of the notification email.
This is referenced to identify different requests from a single requestor and to
quote in the event a progress is required
Should the staff/student authoriser require any information/support please
contact the CSD Information Security Officer (ext. 44492)
Open
Information Access Request (IAR) User guide
Active v1.0
Step 2 – Accessing the submitted request (IAR electronic form)
•
Once the staff/student authoriser has clicked on the provided link within the
notification to the submitted request. The staff/student authoriser will be asked to
enter their MWS credentials to access the IAR electronic form
Step 3 – Reviewing the submitted request (IAR electronic form)
•
Once the staff/student authoriser has entered their MWS credentials the
submitted electronic Information Access Request Details page will be
available to view (see below example of what the completed IAR electronic form
will show)
•
The staff/student authoriser will be required to review the legitimacy of the
submitted request prior to accepting/rejecting
Once the requestor has clicked the “submit” button at the bottom of the form,
an onscreen confirmation of submission will be displayed
•
Open
•
Information Access Request (IAR) User guide
Active v1.0
Once the requestor has completed a request the onscreen display will also
instruct the requestor to log off
Step 4 – Decision Status
•
•
•
•
•
•
Upon initial review the staff/student authoriser will be required to complete the
“Authorise” section within the IAR electronic form
Should the request be accepted, the staff/student authoriser will be required to
select “Yes”, add any relevant notes within the “Comments” section and
complete the review by clicking the “submit decision” button
Should the request be rejected, the staff/student authoriser will be required to
select “No” and MUST add specific notes within the “Comments” section prior
to clicking the “submit decision” button
If accepted - the IAR request will be sent to CSD Reviewer for a final review
If rejected - a notification email of the rejection along with the reasoning’s from
the staff/student authoriser the comments box will be sent to the requestor
Once the authoriser has clicked the “submit” button at the bottom of the form,
an onscreen confirmation of submission will be displayed
Step 5 – Onscreen confirmation of decision/completion
•
The onscreen confirmation (dependent on decision) will be displayed to the
staff/student authoriser upon submission of decision
•
The confirmation text will also change in accordance when the IAR has been
“rejected” by the staff/student authoriser
Open
•
Information Access Request (IAR) User guide
Active v1.0
The staff/student authoriser may log out of the electronic form (no further
action is required)
For CSD Reviewer (Information Security)
Step 1: - Notification of authorised IAR
•
•
CSD Reviewer(s) will receive a notification email advising of the provided link to
the submitted and authorised (accepted) IAR form. (CSD Reviewer WILL NOT
receive a notification of the “rejected” IAR request)
The CSD Reviewer will receive an email from [email protected] into their
assigned mailboxes (this email address should not be responded/replied
to, this is not a managed mailbox and only used for the purposes of
sending the electronic form) with the subject heading “Review Information
Access Request (for Reviewer)”
Step 2: Final CSD Review (Information Security Review)
•
•
•
This is a final assurance review to ensure that the legitimacy of the submitted
request is in accordance with University data security policies and data legislation
If accepted – the CSD reviewer will be required to click “Yes” within the
“Complete Review” buttons of the “CSD Review” section and add any relevant
comments and click the “submit request” button
If rejected - the CSD reviewer will be required to click “No” within the
“Complete Review” buttons of the “CSD Review” section and MUST add any
relevant notes in the “comments” section and click the “submit request”
button.
Open
•
•
Information Access Request (IAR) User guide
Active v1.0
If the IAR is accepted and submitted – an email notification will be sent to the
CSD Service Desk of the final status and to progress the request to the relevant
technical teams to undertake the required actions
If the IAR is rejected and submitted – an email notification will be sent to the
requestor with the CSD reviewers notes and reasoning why this has been
rejected
For CSD Service Desk
Step 1 – Notification and IAR access
•
•
•
A notification email will be sent to the CSD Service Desk mailbox
The CSD Service Desk mailbox will receive an email from [email protected] (this email address should not be responded/replied
to, this is not a managed mailbox and only used for the purposes of
sending the electronic form) with the subject heading “Information Access
Request (for Helpdesk)”
The notification email will include specific instructions/actions included to allow all
CSD Service Desk staff to access the IAR and notify the specific CSD technical
teams
Step 2 – Notification to CSD Technical Teams
•
Upon receiving the notification email, the CSD Service Desk will record a call
within the RMS database with the relevant details/links for the CSD technical
teams to action and complete the IAR request accordingly