50 Ind. Admin. Code 26-14-3

Current through October 23, 2024
Section 50 IAC 26-14-3 - System and data security

Authority: IC 6-1.1-31-1; IC 6-1.1-31.5-3.5

Affected: IC 6-1.1-31.5

Sec. 3.

(a) The tax and billing system shall include a security system to ensure computer system and data security. The security system must provide for the following:
(1) Adequate access controls to the system as a whole.
(2) Appropriate levels of control for access to database functions.

It must be possible for a local computer system administrator to define users and assign them rights to the system that correspond to employee job responsibilities and functions and that are not in violation with segregation of duties. Rights must be user-specific and not be device-specific.

(b) The following rights levels must be available for authorized auditor office personnel:
(1) None (no access to the tax and billing system).
(2) Read-only (search and view).
(3) Add credit, deduction, and exemption data.
(4) Modify credit, deduction, and exemption data.
(5) Modify owner address.
(6) Enter a certificate of error.
(7) Enter an additional assessment.
(8) Perform settlement functions.
(9) Enter a tax recharge.
(c) The following rights levels must be available for authorized treasurer office personnel:
(1) None (no access to the tax and billing system).
(2) Read-only (search and view).
(3) Modify payment data.
(4) Modify billing address.
(d) A user shall not have access to a right to which that user has not been assigned.

50 IAC 26-14-3

Department of Local Government Finance; 50 IAC 26-14-3; filed Jan 28, 2011, 3:07 p.m.: 20110223-IR-050100165FRA