/
How to Remove Access as an Owner

How to Remove Access as an Owner

Application and data owners play a key role in keeping University systems secure. Owners are responsible for ensuring that users only retain the access they need.

At go-live, the removal process will continue to follow the current ERP Security workflow. In a future release, OrangeAccess will introduce certifications so owners can directly review and remove access within the system.

Phase 1: Go-Live (Interim Process)

  • The ERP Security Team will continue to run two standard reports:

    • Change Department – Identifies employees who have moved to a new department.

    • Left SU – Identifies employees who have left the University.

  • ERP Security will notify the appropriate application/data owners (as the do today).

  • Access removals will be performed by the ERP Security Team as administrators in SailPoint instead of directly in PeopleSoft.

Phase 2: Future State (Certifications)

  • Owners will periodically receive certification tasks in OrangeAccess.

  • Certifications present a list of users and their current access.

  • Owners will review each user’s access and take one of the following actions:

    • Certify – Access is still required.

    • Revoke – Access should be removed.

  • Once owners act, SailPoint will process removals automatically, and users will be notified.

Tip for Owners: Even before certifications go live, it’s important to respond promptly to ERP Security notifications to keep access up to date.