Student WCUid Account Lifecycle Policy
Initially Approved: December 14, 2015
Policy Topic: Information Security
Administering Office: Office of CIO
I. POLICY STATEMENT
Security and licensing cost are two major concerns related to creation and deletion
of WCUid accounts for students. It is important to define the lifecycle of these accounts
and to establish guidelines for all areas of the university that depend on these accounts.
The purpose of this policy is to define the stages and timing of the student WCUid
II. SCOPE AND APPLICATION OF THE POLICY
- This policy applies to all University departments that depend on student use of their
- This policy applies to all information technology applications that authenticate with
the student WCUid account.
- In addition to their student WCUid, students that are also employees may have a staff
WCUid which is governed by University Policy 95.
III. POLICY DEFINITIONS
For the purpose of this policy the following definitions apply:
- “Identity” shall mean an account assigned to an individual that provides for authentication
and authorization of access roles and privileges within systems.
- “WCUid account” shall mean an account created in WCU’s corporate Active Directory
as an individual’s identity for most WCU owned or licensed systems. WCUid accounts
are accounts with @wcu.edu or @catamount.wcu.edu domain names.
- “Applicant” shall mean an individual who has submitted an application to the university
that has been processed in the Enterprise Resource Planning (ERP) system.
- “Active Student” shall mean a person either (1) enrolled or eligible to enroll in
classes (within stop-out period) or (2) that graduated from the university within
three major terms.
- “Former Student” shall mean a person that took classes from the university. This term
includes alumni, either degreed or non-degreed.
- “Alumni degreed” shall mean a person that was awarded a degree by the university.
- “Alumni non-degreed” shall mean a person who graduated from a non-degree program (e.g.
certificate), or who took at least 3 credits from the university AND made a donation.
- “Stop-Out Period” shall mean the break or pause in enrollment during the student's
degree seeking period that lasts for one or more course enrollment periods. During
the stop out period the student may resume enrollment in classes without requiring
any form of readmission by the university. WCU’s stop-out period is three major terms
(Fall, Spring, and Summer).
IV. STUDENT WCUid ACCOUNT LIFECYCLE STAGES
- Applicant – The Applicant has applied to the university and their application has
been processed in the ERP system. The applicant will receive notification that they
can claim their WCUid account. The account will not be automatically created prior
to being claimed and will not be assigned a default password. The account will be
part of the “Applicant Group.”
- Active Student – When a person is considered an active student, the WCUid account
will be added to the “Active Student Group.”
- Former Student – The WCUid account will remain in the “Active Student Group” until
the conclusion of the WCU stop-out period, at which time it will be terminated and
removed from the “Active Student Group.”
V. NON-WCUid IDENTITIES
There may be systems used by WCU that authenticate with an identity other than the
WCUid. This, for example, may allow alumni to access certain systems operated or licensed
by WCU with a personal identity or another WCU-affiliated identity that is not a WCUid.
- It shall be the responsibility of the IT Division to maintain and operate the systems
that automate the creation and deletion of student WCUid accounts and to grant and
remove access to the major IT services according to the guidelines of this policy.
- It shall be the responsibility of each relevant unit (e.g. Undergraduate and Graduate
Admissions, Registrar) to appropriately code in the ERP system and other administrative
systems applicant and student records so that the automated identity management processes
will take the actions appropriate at each stage of the student lifecycle.
VII. POLICY REVIEW
Data Security and Stewardship Committee – The charge of this committee is to oversee
the implementation of this policy, ensure procedures are up to date, coordinate all
relevant security policy reviews, and assist offices with risk assessments, etc.
VIII. RELATED POLICIES AND REFERENCES
International Standards Organization (ISO/IEC 27002, 9.2 User access management)
University Policy 95 Data Network Security and Access Control