Information Technology (IT) provides academic administrators with options for elevated access to MyCourses. Elevated access provides academic administrators with privileges that differ from their normal instructor account in MyCourses.
Academic Administrator Role within MyCourses
IT provides the academic administrator role in order to comply with the University System of Georgia’s Business Procedure Manual Section 12.0 Data Governance and Management and the USG IT Handbook.
Compliance Details
Per the USG Business Procedures Manual Section 12.4.3 Access Procedures
- Access controls must include, but are not limited to:
- Documented procedures to grant, review, deactivate, update, or terminate account access;
- Ensure appropriate resources are available and maintained to adequately authenticate and verify authorized access; and,
- Ensure appropriate resources are available and maintained to prevent and detect unauthorized use.
- Data trustees, data stewards and users share the responsibility of preventing unauthorized access to USG organizations’ information systems.
- Data stewards will analyze user roles and determine the level of access required to perform a job function. The level of authorized access must be based on Principle of Least Privilege.
- HR and/or the supervisor will notify the data steward of personnel status changes in job function, status, transfers, referral privileges, or affiliation.
- Access to an information system must be reviewed regularly. Data stewards must review user access to the information system every six months and document findings.
- Data trustee or designee will ensure that a business process exists to update information system access no more than five business days after terminations and no more than 30 days after other personnel status changes.
Per the USG IT Handbook Section 3.1.2 Managing Multifactor Authentication
Securing information and information systems, products or services remains a core responsibility of the University System of Georgia (USG). USG organizations maintain a legal and ethical responsibility to protect information in its care. Organizations using only single sign-on authentication are at risk of compromise and no longer secure. To mitigate this risk, multifactor authentication (MFA) must be implemented across the USG. Furthermore, MFA shall be the standard for accessing all USG or third-party managed resources by all USG employees, students, affiliates, and contractors. Organizations without MFA must develop a plan of action to implement this authentication service to reduce the risk of account compromise by mitigating the weakness of single-factor authentication. Additionally, USG organizations will document their plans of action and procedures to ensure MFA is deployed. Deployment compliance following the tiered approach below will also be documented. USG Cybersecurity will be tracking the implementation of MFA.
Academic Administrator Role & Account Details
- All MyCourses access that involves elevated permissions (permissions that differ from the standard instructor role) require the use of accounts that require single sign-on and multi-factor authentication. Locally authenticated accounts and shared accounts are not permitted.
- The academic administrator role provides access to view basic activity of a student within MyCourses but no grade or other FERPA-protected information across all course sections associated with the departments and/or disciplines that are under the account holder’s supervision. It includes data on when users last accessed a course. Account holders with this role do not appear in the Classlist.
- Supervisors are required to initiate and/or approve requests for the academic administrator role. The MyCourses Elevated Access request form must be used to initiate a discussion and collect details on who should have this role.
- Supervisors must confirm that individuals with the academic administrator role are still eligible to have access to that role twice a year in August and February. Confirmation will be managed through email and the Help Desk ticketing system.
Additional Elevated Access Options
IT provides for two additional options for giving appropriate administrators temporary, elevated access to specific MyCourses course(s) to assist with grade disputes and investigations into complaints regarding courses. These options are available to department chairs, deans, associate/assistant provosts, the provost, and others as designated by the provost and/or legal affairs.
- Option 1- Add the administrator to specific CRNs with the role of observer. In this role the administrator will be able to view the course content but not FERPA protected information including grades. Administrators will not appear in the Classlist. This option is available to administrators who do not wish to have a second MyCourses SSO-enabled account that uses the academic administrator role.
- Option 2- Information Technology can conduct a Teams or Zoom session with the administrator to walkthrough specific CRNs. In this option, administrators do not get added to a course. One of our MyCourses administrators will access the course and navigate to any areas of interest within the course providing any necessary documentation.
The Elevated Access Request Form may be used to request access for Academic Administrator role, Observer role, or to request a walkthrough with Information Technology. Alternatively, requests can be made directly to Tracy Adkins Burge, Executive Director of Academic Technology and Campus Engagement.