Student and Registry Services
CMIS Support
Application for access to CMIS timetabling database.
Instructions for completion of this application form:
1. Complete section A with the requested information in BLOCK CAPITALS.
2. Sign the declaration in section B to confirm that you have read and agree to abide by the Terms and Conditions laid out in section E.
3. Arrange for your Head of Department to authorise your application in section C.
4. Scan the completed application form and email it to
Alternatively, post the completed form to the address below. (Not recommended)
A User information
Complete ALL the following in BLOCK CAPITALS:
Full name / Title:Department
Job title/role
Telephone number/extension
E-mail address
Tick one or both:
Access for Academic TimetablingAccess for ad-hoc, non-teaching Bookings
Your UCL user id *
Enter a Temporary CMIS password †
* An UCL user id is a prerequisite for access to ISD applications and you will need to obtain one before sending this form. If you have not yet been issued with an UCL user id, please contact your Departmental Computer Representative and he/she will arrange this with Information Systems (ISD).
† The password you specify on this form is a temporary password which you should change once you are registered as a CMIS user. CMIS passwords must not start with a number. Special characters (eg, * or &) may not be used. CMIS passwords can be changed using the Change Password facility which can be accessed from the menus Options | User accounts | Change password….
B User declaration
I have received a copy of the Code of Practice Governing Access to Database Records (Annex I) and agree to abide by the prescribed Terms and Conditions of Access laid out in section E.Signature ...... / Date ......
C Authorisation by Head of Department
I approve the access requested in section A above as prescribed by the Terms and Conditions laid out in section E.Name of Head of Department ......
Signature ...... / Date ......
E Terms and Conditions of Access to the CMIS database
1. Unless otherwise prescribed, the data shall remain the property of the Registrar at all times.
2. Persons to whom access is granted may use the data only for authorised purposes and are bound by the requirements of the Data Protection Act.
3. It is for the head of the academic department to designate the staff who will have responsibility for specific areas of work, and the Head of Department or his/her nominee is responsible for monitoring, controlling and maintaining security of the accessible data within the department.
4. It is the user’s responsibility to safeguard at all times the security of the data and not to allow any unauthorised access to them.
5. It may be necessary to limit the number of staff with authorised access in any one department to avoid overloading the service or exceeding the licensed number of users.
6. Any change to the arrangements described above must be authorised by the Registrar.
7. Access is granted to the named user ONLY. Changes in personnel should result in a new application being made by any new member of staff.
8. Authorisation of access will be subject to review and renewal every two years and Information Systems will arrange for departments to be contacted on this matter with respect to CMIS access.
9. Failure to abide by any of these terms and conditions may lead to withdrawal of this authorisation.
Annex 1 – Code of Practice Governing Access to Database Records
1. Access to databases is authorised on the understanding that the persons to whom such access is granted comply with the provisions of the Data Protection Act 1998. For further details please refer to the following web page:–
http://www.ucl.ac.uk/efd/recordsoffice/data-protection/
The principles of the Act may be summarised as follows.
Personal data shall be:–
a) processed fairly and lawfully and shall not be processed unless certain conditions are met;
b) obtained for specified and lawful purposes and not further processed in a manner incompatible with that purpose;
c) adequate, relevant and not excessive;
d) accurate and, where necessary, up to date;
e) kept for no longer than necessary;
f) processed in accordance with data subjects' rights;
g) protected by appropriate security;
h) not transferred without adequate protection.
2. You are reminded, therefore, that you should not disclose the information contained in any database to any third party, other than:–
a) those academic or administrative staff of your department who have a legitimate interest in the information so disclosed;
b) the Provost, Vice-Provosts, Heads of Administrative Divisions of the College, or members of their Division authorised by them to have such access.
3. In order that appropriate security is maintained:–
a) site all equipment which will be used to access the records in a secure location not vulnerable to vandalism or theft, and where access can be restricted to authorised personnel;
b) site VDU screens and printers so that they cannot be seen by members of the public;
c) do not leave personal details of persons displayed on the screen longer than is absolutely necessary;
d) keep all diskettes, magnetic tape or other media in secure lockable storage when not in use;
e) ensure that obsolete data are erased from disks/tapes;
f) establish strict procedures for the distribution, storage and disposal of printed output;
g) maintain the confidentiality of your own user identity and password;
h) change your password on a regular basis;
i) ensure that you log out of the system when not in use.