Segregation of duties clearly defines the steps an agency takes to ensure accountability among employees at all levels.
AASIS security roles help support this accountability by:
Restricting a user’s access to transactions that clearly “conflict” in business function
Preventing people from performing multiple business functions (transactions) that could represent a risk of theft to an agency
Protecting access to sensitive information
A person can have several role assignments as long as these assignments are not in “conflict,” and the internal control measures remain intact.
PBAS security issues should be addressed with Sandy Thomas, Office of Budget, 501-682-5388 (Sandy.Thomas@dfa.arkansas.gov).
AASIS Password Reminders
In order to get your initial password, you will need your AASIS User ID and personnel number. If you are in need of this information, please contact your personnel administrator prior to contacting the Help Desk. Due to security reasons, the Help Desk cannot provide this information. You can reach the AASIS Help Desk (with your User ID and Personnel Number) at 501-683-2255 (7:30am-4:30pm M-F) for your initial password. The password given by the Help Desk will allow you temporary access to the system, where you will be prompted to change the password to one known only by you.
- The length of passwords must be at least 8 characters and up to 40 characters and are case sensitive.
- Passwords must be changed at least every 90 days. Passwords will expire at the end of 90 days from the last password change date. You will be prompted for a new password if your old one expires.
- A list of impermissible passwords has been established containing common words, character sequences and repeating characters such as AASIS, AAA, 1234, etc. Use of an impermissible password will result in an error message directing the user to select another password.
- No multiple logons to Production from the SAPGui will be allowed with the same user id. You may still have multiple sessions open for a single client on the same workstation, but you cannot logon to a single client more than once, either on the same workstation or on different workstations. NOTE: This change does not affect logging onto ESS through the web.
- Your password should be kept private and never revealed to anyone else.
- User IDs should not be used by anyone other than the user for which it was created, no sharing is allowed.
- Passwords should not be written down.
- Passwords should be easy to memorize but difficult to guess.
- Passwords should contain a mixture of characters and numbers.
- If you attempt to change your password to one that is not permissible, you will receive an error message that states, "Password is in exception table." Keep trying a different password until the system accepts it.
- Passwords should not be saved to your computer.
- If you forget your password, the AASIS helpdesk can reset your password after confirming your identity.
- Password resets cannot be handled utilizing the on-line Help Desk Request Form. You must call the help desk at 501-683-2255 (7:30am-4:30pm M-F)
Titles and Conflicts
Titles and Conflicts
AASIS Security Information
Security Authorization Form - AASIS Role Request Spreadsheet
Business Process for Requesting Role Changes for AASIS Users
1. Complete the Security Authorization Form - Security Authorization Form - AASIS Role Request Spreadsheet
2. The security liaison appointed by your agency should submit the form via email to firstname.lastname@example.org
3. Once the request has been processed, the security liaison will receive an email from the AASIS Service Center confirming the request has been completed.
Security Liaisons by Agency
Append or Change your Agency's Security Liaison - docx
A Role Title
- reflects the transactions that an employee will have the authority to perform in AASIS.
A Role Assignment Determines the Employee's:
- System security level
- Training course enrollment
Role Titles are Not:
- A classification title
- A classified grade level
- An employee's job description
- A reflection of an agency's reporting structures (supervision)
Review Agency Types and Definitions