Description:
The User Review, User Profile Inquiry, produces a report with inaccurate data. This inaccurate data restricts IO/AIO ability to accurately monitor user roles, remove unneeded roles, or perform the annual user audit. Specifically:
1. The "Created IO" field does not reflect the name of the IO/AIO that approved the role. It only displays the name of the first IO/AIO that approved any role for that user.
2. The "Established Dt/Tm" field does not reflect the date/time each role was established. It only reflects the date/time that the first role for each user was established.
3. The "Last Login Dt" reflects the same date/time for all roles and modules. Require it to reflect the last login date/time for each module and the echelon associated with each role (i.e., Site, AUIC, UIC, MA, Warehouse, etc).
Recommended:
1. DIsplay the name of the IO/AIO that approved each role in the "Created IO" field.
2. Display the date/time each role was established in the "Established Dt/Tm" field.
3. Display the "Last Login Dt" for each module and echelon associated with the roles. Additionally, suspend roles when the associated role/echelon is not accessed for 30 days. For instance, if a user has APO role in AUIC FE 2345 and FE1234, but does not access FE1234 for 30 days, that role would be suspended.
Mission Critical:
Each IO/AIO is tasked with performing an annual user audit and reporting completion to the DPAS PMO, and monitoring roles and user access (segregation of duties, access to unauthorized MAs or warehouses, etc.) is a critical function of each agency. Presently, the system tools that enable this task display erroneous information.
Benefits:
Ensure all DPAS user agencies and IO/AIOs are able to perform the annual user audit, ensure segregation of duties, and remove roles that may be in conflict.
Frequency: Daily
Users:
Unsure how many Agencies and IO/AIOs are in DPAS, but this will impact all of them.