Back to Top
Business and Financial Policies and Procedures


Authorization vs. Authentication
Authorization verifies that you are allowed access to the system. It defines your role and the types of activities, resources, or services you are permitted.

Authentication is the process by which a system verifies your identity, usually through a logon and password.

The term "data" is a general term used to describe facts, numbers, letters, and symbols generated by those who use the applications, servers, network devices, security devices and other systems that run the University. These data contain a definitive record of the activity of your unit, customers, users, transactions, applications, servers, networks, etc.

Covered Account or Covered Activity
The Red Flags Rule covers any account or activity that contains personally identifying information. Thus, those accounts or activities are termed "covered." Units that administer, enter, alter, or maintain covered accounts or engage in covered activities must comply with the Red Flags Rule. Examples of covered accounts/activities include:

  • Loans to students, faculty, or staff
  • Billing, declining balance, and debit accounts

Fiduciary Responsibility
People who act as stewards or caretakers for the money or property of others have a fiduciary relationship with the owner. The term "fiduciary" means "holding in trust." Fiduciary responsibilities for University employees include:

  • Avoiding conflicts of interest
  • Acting in the interest of the University rather than your personal interest
  • Assuring that University business is transacted legally
  • Protecting the assets of the University

Last Updated: October 21, 2011 | Approved: Senior Associate Vice President for Business and Finance | Effective: January 2002

Give us feedback about this page Submit Feedback