Being an Access Request Coordinator (ARC)

If you are an Access Request Coordinator (ARC), you process requests for access to ConnectCarolina, the system the University relies on to help manage its finance, HR, payroll, and student administration functions. You help keep those systems and the information on them secure, ensuring that faculty and staff have the access they need to do their jobs but not more access than they need.

Your Responsibilities as an ARC

In your role as an ARC, you:

  • submit requests to give and remove access to ConnectCarolina and companion systems for staff members in your school or division.
  • track requests through the approval process.
  • respond to requests for action from other reviewers or approvers.
  • answer questions about how access is granted and point staff members to the resources available.

Note: Granting access to InfoPorte, the University’s primary source for reporting for most of campus, is handled through a different process than granting access to ConnectCarolina. The exceptions are if you are granting access to Student Administration reports and Human Resources Campus Views – these requests do go through the ARC process.

ARC Guide

The Guide for Access Request Coordinators provides detailed information on being an ARC, including step-by-step instructions for entering and submitting access requests, as well as how to retract, delete, or share a request and how to work with file attachments. You can also learn how to generate reports on access requests, how to check the status of a request, and how to see the activity for an access request.

Note: Besides the processes and steps described in this guide, your school or division may have additional processes for completing and approving access requests.

Tips for Getting Access Requests Through Faster

Some tips for making requests go through the process faster are:

  1. Set the expectation that much of the process is manual.

Please help set the expectation that giving access to ConnectCarolina requires multiple people to take action, one after the other. This process can take days or, depending on the complexity of the request, sometimes weeks for requests to be completed. For example, many people think that completing a training class automatically triggers access to ConnectCarolina, but instead, several people have to take action after the user finishes training to turn the access on in ConnectCarolina. Similarly, the security team isn’t automatically notified when FERPA is completed or the Terms of Use agreed to – they must manually check these items, just as the business analysts have to manually validate the access requested.

  1. Encourage everyone to agree to the Terms of Use, and take FERPA training (if applicable) and HIPAA training (if applicable) as soon as possible.

Everyone who requests access to ConnectCarolina and the companion systems must agree to the Terms of Use found on the ConnectCarolina home page. Encourage requesters to go ahead and agree to the Terms of Use to avoid delays when the security team checks for the agreement.

Everyone who requests Student Administration or HR/Payroll access must complete FERPA training. Encourage requesters to go ahead and take this training to avoid delays when the security team checks this item. The person requesting access can find instructions for completing FERPA on the Registrar’s website.

In the coming months, anyone who will be entering vouchers, approving vouchers, or who works with attachments in ImageNow must complete HIPAA training.  Please be on the lookout for training information.

  1. Encourage requesters to take training as soon as possible.

The training page on ccinfo.unc.edu has links to the training schedule and to computer-based training (CBTs). Anyone requesting Finance access can go ahead and register for all needed classes. Anyone required to complete CBTs can take these classes at any time.

  1. When making changes to a person’s access, you don’t need to mark all roles the person already has.

Just mark the changes (roles to add or delete) or describe the data access that needs to change.

For example, if you need to change the departments a person has access to, please don’t check all the roles the person has access to. Similarly, if you are adding or removing a role, there’s no need to check all the existing roles. The team will only make the changes you specify, and the access request will finish processing much more quickly if you only list the changes.

  1. Finance data access is different than HR.

If the person is requesting HR access, you need to specify what data the person needs access to. If the person is requesting Finance access, you only need to request data access if the person needs access to a secured chartfield role or a foundation.

For foundations, you have to include a justification on the form, such as in the example below.

foundation special data access

The Finance team will work with you and the foundation contact to get the access approved.

  1. A status of “Posted” means the request is done.

A status of “Complete” just means the request has reached the last step in the approval process. The Security team may not have taken action when the status is “Complete”. Or the request might be waiting for the requester to complete the Terms of Use Policy.

  1. If you can, separate requests based on training requirements.

The training team manually tracks completed training and lets the security team know to give access. This is a manual, cumbersome process with lots of room for error and requests that have many roles on them slow down the process. If a request has multiple roles, it can still complete the process quickly if all training is completed. So, if the person requesting access has already completed training for some roles or is requesting roles where training is not required, you can group these roles together on the same request form. Any roles requiring training that has not yet been completed should be requested on a separate access request form.

  1. You can check the status of requests.

Most approvers make notes at the bottom of the requests for themselves and for you. If you want to know what’s happening to a request, open the item from your inbox and review the request activity.

finance campus user

Adding or Removing an ARC

Given the importance of the ARC role, we need to ensure that only employees designated by a dean or vice chancellor are able to submit requests for access to ConnectCarolina.  When you need to add or remove an ARC, you need to fill out the ARC Role Request Form (found here), have it signed, and then enter the information into the ARC tool.

Note: Deans and VCs also use this form to authorize an HR Officer or MOU Lead to sign the requests for adding or removing ARCs (this role is called an “ARC Designator”).

Resources for ARCs

  • Guide for Access Request Coordinators: You can get detailed information on being an ARC, including step-by-step instructions for various procedures here.
  • Web page on getting access to ConnectCarolina: You can direct users to information on accessing ConnectCarolina on the CC Info web page by going to http://ccinfo.unc.edu/access/#accesscc, then scrolling to the Access to ConnectCarolina
  • ConnectCarolina Access Quick Reference Card: You can direct users to this handy guide for navigating the access request process.
  • List of roles and required training: You can get a list of ConnectCarolina access roles for each functional area (Finance, HR/Payroll, and Student Admin) at http://ccinfo.unc.edu/access/access-roles/.
  • List of ARCs and InfoPorte Admins: You can view a list of ARCs and InfoPorte Admins here .
  • Access Request Forms: you can download the Access Request forms for each functional here.