An attestation is a process that verifies information in HSC-ID. This can cover a whole range of topics, but mainly deals with the following areas:

  • Group ownership: are you still the owner?
  • HR liaisons: is this person still in this role?
  • Non-employee and inactive accounts: does this person still need their HSC account?

This information is not automatically updated in our system. Because of that, many groups and accounts may have outdated records, which can be problematic. The Attestation process helps to address this situation; all you need to do is approve or deny the request, and HSC ID is properly updated.

You may receive multiple attestation requests, depending on your responsibilities within the university. If one of these requests requires your approval, you will see a number beside “Pending Attestations” under My Actions at the HSC ID web portal:

You will also receive an email, which will look similar to this:

Attestation Policies

There are several different types of attestations. The notification email you receive will list the related policy at the top. The following is a brief overview of each policy type, who approves it, and its purpose:

Group Ownership

  • Policy Name: CCC_Group_Owner_Attestation
  • Who it’s for: Owners of shared drives and/or distribution lists
  • What happens when you approve the request: Nothing – you verify that you are the owner.
  • What happens when you deny the request: You are removed as the owner. The new owner will need to contact OIT to be set up.

HR Liaison Permissions

  • Policy Name: CCC_HR Liaison business role membership attestation policy
  • Who it’s for: Managers of those with HR liaison permissions (may or may not be actual HR liaisons).
  • What happens when you approve the request: Nothing – you verify that this person should remain an HR liaison.
  • What happens when you deny the request: Removes the “HR liaison” business role and revokes the associated access.

Non-employee Account Verification

  • Policy Names: CCC_Contractors Scheduled Attestation Policy, CCC_Visiting_Scholar_Attestation_Policy, or  CCC_Affiliate Attestation Policy
  • Who it’s for: Managers/sponsors of non-employees.
  • What happens when you approve the request: Access is extended for the account.
  • What happens when you deny the request: An expiration date is set for the account.

Unused Active Accounts

  • Policy Name: CCC_Inactive_AD_Account_Attestation
  • Who it’s for: Users who have not logged in with their credentials in a year or more.
  • What happens when you approve the request: Account remains active.
  • What happens when you deny the request: Account is disabled.

 

If you have any questions about these policies, or encounter a policy that is not listed, please contact the OIT Helpdesk.