Distributed Administrative Computing Security System
DACSS is the application which allows departments to manage their own access to online applications. ASAP is the application which enables the post-audit review process for on-line transactions. The use of these systems begins with the identification within a business unit of a pair Department Security Administrators (DSAs) to manage access.
Before a department can begin entering online transactions directly into any of the new on-line administrative applications such as Transfer of Funds or Purchasing/Accounts Payable, the DSA uses the online DACSS application to (1) grant appropriate access to these central applications to all staff who will be responsible for processing the new online, paperless transactions, and (2) identify the department administrator(s) who will be responsible for completing post-authorization reviews of all on-line transactions successfully processed.
Post-audit review messages will integrate with the reviewers’ local e-mail systems, where they can view a copy of each processed transaction, together with added comments. These messages are routed to e-mail inboxes by ASAP. In addition to routing the post-audit review message, the ASAP application logs an official audit copy of all processed transactions. This audit log can then be searched by approved departmental processors and reviewers, central offices, and auditors using a wide selection of search criteria.
Downloads
Current Tools
Available Functions: Online update and inquiry access to the DACSS On-line Access and E-mail Authorization Control Files and the ASAP Audit File, web-based authentication via the ISIS tool.
The DSA can use Update access to DACSS to assign application access (e.g, access to preparing online purchase requisitions or fund transfers) and to create the post-audit email notification list based on particular values of the criteria established for each application (i.e., organizational hierarchy, FAU etc.). The ASAP audit file provides both department and central officers with a complete repository of all online transactions initiated by departments. Like DACSS, online access to the ASAP audit file is available by a wide variety of selection criteria including document type, specific document number, date prepared, organizational hierarchy, the FAU or any of its individual components, the online preparer, ASAP subject, and dollar level.
The DACSS and ASAP applications were first introduced as part of the decentralized pilot implementation of the online Transfer of Funds system and the PAC, Payroll/Personnel, Student Billing and Receivables (BAR), Student Records, and Contracts and Grants were added later.
The Web Authentication process, known as ISIS was recently added to the DACSS/ASAP family. ISIS provides UID/PIN authentication for web-based applications developed at UCLA. Further Information
Restricted Functions: The actual updating of the DACSS files are restricted to Department Security Administrators (and assigned backups) under ACF2 security.
DACSS application now provides a facility where DSAs can request simple Logon IDs via the web (Online SAR). Along with this feature, we have added a facility where DSAs can review, via the web, the various access rules for members in their departments (DSA Inquiry). A web based “authentication” module has been developed to complement the web applications. This authentication tool is now available on UNIX, and will shortly be available for applications on Windows NT.
Other Information
On-line access is available on the mainframe to authorized users including DSAs. Batch reports are available on RDS to authorized users. On request reports can be generated by authorized users on the mainframe. The DACSS/ASAP applications are mainframe systems developed in COBOL II using DB2, with some FOCUS.
Training materials have been developed for DACSS/ASAP and are provided to Department Security Administrators. Elazar Harel and Greg Partipilo have written an article on post-audit concepts and implementation.
The simplification and streamlining principles behind the DACSS and ASAP designs have prompted radical changes to many long standing transaction preparation, authorization, and filing/storage practices on campus highlighted by the elimination of signature specimen cards, approval signature, pro-forma reviews, and hard copy document files. New and consolidated UCLA policies will be published that clearly specify the requirements, responsibilities, and qualifications for maintaining and utilizing these control systems.
Contact Information
For Systems Information: Access & Security Services, AIS, x53822
For Training and Documentation: Access & Security Services, AIS, x53822
For Technical Information: Albert Wu, Project Lead AIS, x51674 albertwu@ucla.edu