UWA Renewal 2017 – Functional UnitExample
Campus Management -2017 Renewal structure in TRIM (abbreviated):
Note: Access controls in TRIM are hierarchical. Access will filter down from the unit where the access has been applied to all of the units within it.
Example 1 – All staff within the Campus Management functional unit
To allow ALL staff within the Campus Management function (including the Central Unit and Campus Management staff located in the SDCs) to have accessto the new UWA Folder and its contents; request access to be restricted to: Campus Management – Whole of Function
Note that the following staff will be included as standard if you select this option:
- TRIM Support Team and TRIM System Administrators
- Freedom of Information staff
Example 2 – All staff within the Campus Management Central Unit only
To allow ONLY the staff located within the Campus Management Central Unit but NOT staff located in the Campus Management SDC units, request access to be restricted to:Campus Management – Central Unit
Note that the following staffwillbe included as standard if you select the Campus Management – Central Unit:
- Head and Assistant to Head - Campus Management (i.e.: the Head of the Function)
- TRIM Support Team and TRIM System Administrators
- Freedom of Information staff
Example 3 – All team members of the Campus Management Electrical Team:
To restrict record access to the Campus Management Electrical Team only; request access to be restricted to:Electrical Team - CM Central SDC
Note that the following staff willbe included as standard if you select the Electrical Team - CM Central SDC:
- Head and Assistant to Head - Campus Management (i.e.: the Head of the Function)
- Manager, Campus Maintenance and Services (i.e.: the Manager of the SDC functional sub-unit)
- TRIM Support Team and TRIM System Administrators
- Freedom of Information staff
Example 4 – Specific positions within the Campus Management Security Team
Restricting access by position should only be considered if it is not appropriate for all members of a team (see example 3) to have access to the new UWA Folder and its contents. Access controls applied at the position level are inherited by the current incumbent as well as any future incumbents of the position.
To restrict access to particular positions within a team you will need to provide us with the Position NameandPosition number of the staff that you would like to restrict the access to.
The above example would allow any current and future incumbents of the Security System Officer [305270] and Security Team Leader [109585] positions to access the folder, however, all other members of the Security Team would be excluded.
Note that the following staff willbe included as standard if you selectedonly the positions noted above:
- Head and Assistant to Head - Campus Management (i.e.: the Head of the Function)
- Manager, Campus Maintenance and Services (i.e.: the Manager of the SDC functional sub-unit)
- TRIM Support Team and TRIM System Administrators
- Freedom of Information staff
Access controls at the individual staff member level (use with caution)
We generally do not restrict access to records at the person level due to the overhead involved with updating the access when individual staff leave the University or move to a new position. There are some cases however where restricting access at the individual person level is appropriate (e.g.: staff timesheets).
When access is granted at the person level; the access will persist if the staff member moves into a new position, unless you specifically request for the access to be changed at a later date (i.e.: when the staff member moves to a new position).
Other considerations when determining access controls for your information
- Do any/all SDC Heads (and their Executive Assistant) require access?
- Do any units/teams/positions located outside of the functional area require access?
Access Control Groups and Security Caveats
When access requirements cross functional boundaries an access control group may be appropriate.
Various security caveats also exist that are used to restrict particular sets of information, for example: all records relating to bequests are assigned the Bequests caveat. This restricts these particular records to only the staff that have the Bequests caveat applied to their profile in TRIM.
TRIM Ref: 16/16441923/12/2016