N.J. Admin. Code § 6A:23A-6.7
Current through Register Vol. 56, No. 11, June 3, 2024
Section 6A:23A-6.7 - Financial and human resource management systems; access controls(a) School districts and CVSDs with budgets in excess of $ 25,000,000 or with more than 300 employees shall maintain an enterprise resource planning (ERP) system that integrates all data and processes of an organization into a unified system. An ERP system uses multiple components of computer software and hardware and a unified database to store data for the various system modules to achieve the integration.(b) Whenever considering financial systems or the automation of other services or functions, the school district shall notify the executive county superintendent in writing to see if opportunities for a shared service system exist.(c) Access controls shall be established for key elements of financial systems to ensure a single person does not have the ability to make system edits that would violate segregation of duties controls. 1. The process for creating, modifying, and deleting user accounts shall include the use of user access request forms.2. All requests for financial applications shall be approved and specified by the SBA.3. All requests for network access shall be granted by the head of the technology department, if one exists.4. A review of user access shall be conducted yearly at a minimum by the relevant department managers and an audit trail should be maintained to verify the performance of this review.5. Access to the network and key applications within a school district shall be restricted to authorized users through the use of unique user names and passwords.6. Proper protocols shall be implemented that appropriately address password expiration and complexity. N.J. Admin. Code § 6A:23A-6.7
Amended by 49 N.J.R. 1038(a), effective 5/1/2017