VII:01:28 Faculty/Staff Computer and Banner Account Creation/Deletion Policy

Purpose

This policy provides addresses account creation and deletion for computer and Banner access for faculty and staff at all locations of Volunteer State Community College.

Definitions

For the purposes of this policy, the following definitions shall apply:

  1. Information Technology Resources – all Volunteer State Community College information technology hardware assets, software assets, computing systems, networks, network components, facilities, services, data, and information, regardless of location, provider, management, medium, or how the resource is provided/delivered, that exists for the purpose of conducting business or academic activities. This includes, but is not limited to, computers, servers, mobile devices, email systems, internet access, cloud-based applications, databases, and any associated peripherals or support services.

Policy

  1. All accounts, regardless of role, shall be disabled after thirty (30) days if the account has not been accessed. Access may be through computer, portal, or email login. If a user is no longer employed by Vol State, the account shall be deleted.
  2. Roles
    1. Access policies within Banner defined by a role-based approach. The roles listed below are designed with the understanding that future roles may be defined, and that an individual may have more than one role. For example, a staff member may also be an adjunct faculty member.
    2. The defined, primary roles are:
      1. Full-time faculty
      2. Adjunct faculty
      3. Full-time staff
      4. Part-time/temporary staff
      5. Volunteer/non-employee/contractor
    3. Elevated security accounts may exist in departments such as Financial Aid, IT, Business and Finance, and Records and Administration. The individual holding the account may be a full-time or part-time employee.
  3. Accounts shall be created and deleted based on automated triggers. Triggers use Banner as the source of authority. All accounts are subject to the thirty-day disabling process for inactivity. The primary triggers are employment start date and employment separation date.
  4. To address cybersecurity risks, two access types are defined. “Basic” access provides: email access, computer logon, Wi-Fi network access, network folder access (where applicable), authorized cloud storage solutions, and Self-Service Banner (SSB). For “Elevated” access, all systems access beyond “Basic” is granted by the account role. Systems requiring Elevated access include D2L, Banner, and other special Vol State systems.
  5. The Chief Information Officer (CIO) or their designee has the final authority to interpret the terms of this policy. The CIO or their designee may grant exceptions to this policy, in writing, based on an evaluation of the risks versus the benefits.  

 

TBR Source:  none.

VSCC Source: March 5, 2018, President’s Cabinet; December 16, 2019, President’s Cabinet; August 13, 2025, President’s Cabinet.