Information Technology - University of Florida

How do we assign a security role for someone in for our unit?

The unit is responsible for assigning the ISM, ISA, and Tech Contact roles by following these steps:

A candidate for ISM must complete both the Integrated Risk Management System training (UF_ITT104_OLT) and the Cybersecurity Incident Response training (UF_ITT106_OLT) before the role can be assigned. ISAs and Tech Contacts should also complete both trainings, although it is not a prerequisite to assign the role.
The unit DSA requests the appropriate role in SailPoint from the list below. Within the role request, the unit DSA specifies what DeptIDs they will be responsible for before submitting the role for approval.
- "UF_SEC_ISM"
- "UF_SEC_ISA"
- "UF_SEC_TECHCONTACT"
- "UF_N_RSK_ONE_IT_LEADER"
Submit a ticket in TeamDynamix. Select View IT Services -> Infrastructure -> Network -> IP Address Management, DNS, DHCP, and Host Monitoring to link the new contact to the IP and DNS addresses for the unit. Doing so places them into a database used to lookup contacts for network issues, so that vulnerability and incident alerts and tickets can be directed appropriately.

What if my department is not listed?

That means either your department has not assigned those roles in SailPoint, or that UF Security has not assigned the Dept IDs that your ISA, ISM or Tech contacts are responsible for. It could also be that the ISM has been assigned at a higher level than your unit – such as an ISM assigned for the entire college rather than individual departments. See the question below on correcting the information.

How do I correct the Information Security Leadership for a unit?

If an incorrect person is listed as the ISA, ISM, or Tech Contact for the unit, the DSA will need to remove the role from the incorrect person. Before doing so, please check to make sure that person has not moved into a similar role for another unit and just needs the Area of Authority (DeptID) changed.

To change the Area of Authority, the DSA should place a SailPoint delete request to remove the security role with the incorrect role authority, and place a new SailPoint security role request with the correct role authority specified in the comments field.

Also submit a ticket in TeamDynamix by Selecting View IT Services -> Infrastructure -> Network -> IP Address Management, DNS, DHCP, and Host Monitoring and request to make the appropriate changes in the Net Services Database.

Please refer to the other question on assigning new people to an ISA, ISM, or Tech Contact role.

I’m listed as an Information Security Leader for my department, what does that mean?

Click Here for more information on what it means to be an Information Security Leader.

How do we change the Department Security Administrator (DSA)?

The DSA process is managed by the Identity and Access Management team.

Information Security Leadership FAQ’s