1、Application Security Management,Key Stakeholders Roles, Responsibilities & Relationships 5 February 2008, V3.1,Application Security Liaison,Project Expectations Attend CUNYFIRST application security design, implementation and training meetings Build application security community at your College (fu
2、nctional liaisons, campus executives, project managers) Work proactively with the Manager, PeopleSoft Application Security and the CUNYFIRST project teams to build toward and meet go-live dates Participate in project deliverables development as necessary Participate in the testing of application sec
3、urity Work through changing environment and ambiguities as they arise Are significant contributors to CUNYFIRST,Application Security Liaison,(2) Operational Expectations Facilitate the management of application security at the Campus as the central point of contact Maintain user profiles based upon
4、approval of functional liaisons Individual profile changes Bulk user identity data loads Maintain up-to-date documentation of security environment including written operating procedures Fall & Spring security reviews and written compliance certification (working with College VP Administration) Repor
5、t security violations and non-compliance situations Request and justify exceptions to content of PeopleSoft role definitions and permission lists,Manager, PeopleSoft Application Security,(3) High-Priority focus areas Build the application security community and maintain healthy collaboration with th
6、e Oracle security team and the application security liaisons Training (for self and application security liaisons) Implement application security governance model Provide baseline operating procedures Collaborate with Oracle on CUNYFIRST application security design and implementation meetings Oracle deliverables review and approval Participate in the testing of application security Participate in CUNYFIRST project status meetings Commitment to successful go-live dates, keep activities on track Participate in addressing network infrastructure security issues if and when they arise,
