Guide to System Access Rights
Governor’s Discretionary Grants (GDG)
funded through the
No Child Left Behind Act of 2001
Title IV, Part A, Subpart 1: Safe and Drug-FreeSchools and Communities Act (SDFSCA)
GDG Guide to System Access Rights
Summary
Michigan uses multiple integrated systems to handle applications for grants and distribution of the approved grant awards. An applicant for the Governor’s Discretionary Grant (GDG) has to make sure his or her organization/agency/etc. (hereafter referred to as “entity”) and appropriate personnel are registered and authorized to use the several interrelated systems in order to apply for, and manage, the grant. Some of these requirements may have already been completed by the entity or individual foruse of other State services.
To access thegrant application, the following are needed:
- The entitymust be registered in the Educational Entity Master (EEM) tobe included in the Michigan Electronic Grants System (MEGS) processes;
- The person submitting the GDG application must have a Michigan Education Information System (MEIS) numberin order to be authorized to use MEGS; and
- The person submitting the application must be profiled as an “Authorized Official” in MEGS for the entity. This profile includes a MEGS Security Authorization form.
Afterthe GDG application has been completed and submitted via MEGS,ANDthe entityhas been selected to receive the grant, the following items are needed in order to manage the grant payments and reporting process:
- The entity must be registered with the State’s Contracts & Payment Express (C&PE)system in order to have payments issued; and
- The entity’s appropriate official(s) must have access authority to draw funds using the Cash Management System (CMS) to request payments;
- At least one person in the entitymust be able to updaterelevant information in the EEM, which requires the person to:
- Obtain a Single Sign-on account (SSO); and
- Subscribe to use EEM via the SSO process, and complete an Access Agreement that will result in authorization to modify theentity’s data in EEM.
The decision tree diagram in Attachment A can help determine which authorizations and access rights are needed to be completed by the entity.
Below is more detailed information regarding the steps necessary for authorizations, registrations, and security clearances needed to apply for the GDG, and steps neededto manage the grant, request payment, and submit required reports if awarded a grant.
Prerequisites for Submitting a GDG Application
The following three system access rights must be obtained, in the sequence presented, in order for the GDG application to be initiated and submitted. First, the entitymust beset up in the EEM. Next, the key individual submitting the GDG application for the entitymust be registered in the system that controls individual access rights (MEIS). Finally, the key individual submitting the application must be profiled in MEGS with the right authorization to create and submit the GDG application.
EEM Registration
GDG applicants will use MEGS to complete and submit the application, and MEGS users must be associated with a valid entity registered in the EEM. Entities interested in applying for the GDG must successfully complete registration in the State’s EEM and be assigned an EEM identification code. The EEM is used by theMichigan Department of Education (MDE)and other state agencies as the source of contact information, addresses and other important facts about entities with which they interact.
NOTE: It is veryimportant for GDG applicants to check the EEM to see if the entity is already in the systemby accessing the Center for Educational Performance and Information (CEPI)website for EEM information ( ), typingthe entity's name in EEM-Search (upper right corner of the screen), and clicking "Go." Checkingthe entity name spelling and using part of the name to view a list of all entities that include that part of the name is an important part of this process. If theentity is already in the EEM, the agreement number for the entitythat is displayed in EEMmust be noted. This will be neededlater in the application process to create and submit the EEM Security Agreement aftersubscribing to the SSO process.
GDG applicants whose entities are not already in EEM can initiate anentity creation request by completing a registration form. The form can be accessed and completed online by linking to the EEM Non-School Recipient RegistrationRequestwebsite ( An image of the first screen seen on that website is included as Attachment B of this document. The registration website and the process of adding entities to the EEM are managed by the Center for Educational Performance and Information (CEPI). CEPI’s contact informationis available on the registration website by linking to the “Contact CEPI” page from the top menu line option.
EEM registration requests are reviewed by CEPI. The review and approval usually takes 3-5 business days from the time the registration request is submitted online. The entity’s designated official on the registration form will be notified via e-mail when the EEM registration is complete.
NOTE: If anentity is already in the EEM, and an EEM registration request is submitted, the new request to be added will be declined, and the designated official on the request will receive an e-mail from CEPI. GDG applicants mustfirst check to see if the entity is already in EEM!
MEIS IDs
MEGS uses the MEIS to identify individuals authorized to access MEGS. Ifthe person submitting the GDG application for an entitydoes not already have a MEIS identification number,he or she can apply for and receive one online at the MEIS site ( ). The person requesting the MEIS ID will be asked to supply name and contact information, including e-mail. The MEIS application process assigns a MEIS number and a password for the individual. Completing the online MEIS application process, and receiving a MEIS ID, takes a few minutes via an internet connection.
NOTE: At the end of the MEIS registration process it is strongly recommended that the individual’s MEIS information page is printed and retained. Also recommended is an immediate change of the MEIS password to something unique and secure but more easily remembered.
MEGS Security Level
To submit the GDG application using MEGS, there must be at least one of the entity’s personnel designated as the “Authorized Official." This position is also known within MEGS as a Level 5 security. Establishing an entity’s Level 5 is initiated via a completed MEGSSecurity Authorization Form( ) that is faxedto MDE’s Grants Coordination Office. That office’s contact informationis on the form. An image of the blank form is included as Attachment C. Posting the approved MEGS Security Level set-up request will take one to three business days from the time the Grants Coordination Office receives the request.
Once the GDG entity’s Level 5 security is established in MEGS by the Grants Coordination Office, the Level 5 designee may log into MEGS and assign MEGS access rights to other agency users. To do this,the other agency members must obtain their own MEIS numbers. The MEGS access rights allow the agency members to access the GDG application online.
Additional Rights and Authorizations Needed for Entities Awarded GDG Grants
There are several other system access rights needed for entities that are awarded a GDG. This includes registrations that must be established in order to request reimbursement for GDG-related expenditures, to receive payment, to manage the grant, and to maintain the entity’s information. The sections below discuss the steps needed. Any of the steps that have already been completed for other grants may be skipped.
Contract & Payment Express Registration (C&PE)
Any entity receiving educational grant funds receives the payments from the Michigan Administrative Information Network(MAIN), the State's accounting system. Entities that will be receiving GDG funds must be registered in CPE to enable MAIN to issue them payments. MAIN accesses the CPE system to get information about the organization that is being paid (name, address, etc.) in order to process the payment request. GDG payment requests are batched and processed twice per week with other funding requests made in CMS. The requests are validated, entered into the expected format, and submitted via CMS to MAIN for processing. The resulting payments are sent to the requesting entities as either electronic funds transfers or paper checks.
Getting set up in the C&PE system is initiated by linking to the Office ofState Budget’s C&PE registrationweb page ( ). The applicant will be asked information about the entity’stype, location, contact information and other details. Completing the registration process on that website takes only a few minutes.
CMS Security Access
Entities awarded GDG funds will request payment of the funds and submit a final expenditure report for the grant using CMS. CMS will validate and format the fund request and submit it to CPE where the actual distribution of the funds to the requesting entity takes place. Prior to using CMS,each individual responsible for requesting GDG funds must supply MDE with a CMSSecurity Access Form( ). The form is provided as Attachment D in addition to the preceding link.
The completed form can be faxed or e-mailed to MDE’s Office of Financial Management using the contact information provided on the form. Financial Management’s efforts to finalizing the request for CMS Security Access set-up for an individual will take one to three business days once they receive the request.
Creating a Single Sign-On Account
The State is moving toward a means of requiring a user to log in only once to a control area. That one login will then allow that user to access all the state application systems her or she is authorized to use without having to log in at each system individually. This is known as a Single Sign-on (SSO) approach. SSO is in the beginning stages of development and, because the EEM system is one of the applications controlled by SSO, anyone needing to access EEM to update the entity’s information will need to have a SSO account.
Obtaining an SSO account is accomplished by completing the online process at the SSO Registration site ( ). The person requesting the SSO account provides a name, contact, and other information by filling out and submitting an online form. Completing the SSO registration via the website only takes a few minutes. If a user already has a SSO account for another application (e.g., Michigan Care Improvement Registry [MCIR]), he or she should not sign up for another account. Questions regarding the SSO should be e-mailed to . Once the request for the SSO registration is processed, the applicant receives an e-mail with the SSO account ID and password. That information allows loginto the SSO application to use and add subscriptions to applications. In this case, the applicants will need to subscribe to EEM.
Completing a Security Agreement for EEM
Each person with responsibility to access and use EEM to modify the contents of an entity’s EEM record must be authorized by that entity to perform those tasks. The authorization is granted by the process of the individual submitting a request to subscribe to be a user of the EEM system via SSO. That subscription request triggers an e-mail to the user from the SSO system.
The authorized SSO user logs in as described above (using the red hyperlink) and then must subscribe to the EEM application. This is done by selecting “CEPI” from the dropdown list of potential entities on the box on left side of the subscription screen and then selecting “Education Entity Master (EEM)” from the dropdown list on the right side of the subscription screen.
The next step is to click on the “Subscribe w/o MEIS ID” button. (Note: Even though the applicant has a MEIS ID, the recommended approach is to use the “Subscribe w/o MEIS ID” button.) This results in the request being sent to CEPI for review.
To complete this process, the applicant requesting rights to update information in EEM must complete a Security Agreement for EEM. An electronic version of the Security Agreement is available at the ODCP/Education Sectionwebsite( Another option is to send an e-mail request to ODCP , and the form will be sent via return e-mail.
Once the EEM Security Agreement is completed, including all the appropriate authorizing signatures,pleasefax it to CEPI using the contact information provided on the form.
The EEM Security Agreement is reviewed by CEPI, and CEPI notifies the entity authorized user of his/her access to the EEM. At this time, the entity authorized user logs in to the EEM at clicks on "My Entities." Next, he/she clicks on "List of Entities." Click on the entity name, and at the next screen, click on "Edit This Entity." Update the record with current information.
The process of completing an Access Agreement for EEM will take three to five business days from the time CEPI Customer Service first receives the request.
ATTACHMENT A
System Access Rights Decision Tree Diagram
ATTACHMENT B
Educational Entity Master Registration – 1st Screen
ATTACHMENT B
ATTACHMENT C
MEGS Security Authorization Request Form
ATTACHMENT C
ATTACHMENT D
CMS Security Access Request Form
ATTACHMENT D
ATTACHMENT E
EEM Access Agreement Request Form
ATTACHMENT E
Page 1