You are here:

Update on IAM User Access Reviews

A pilot program testing a new user access review process has passed the halfway point. 

The University’s Information Security Office (ISO) is implementing the process, which will soon require all managers at the University of Utah to review their employees’ access to certain high-risk applications. These currently include Cactus, EPIC, Lawson, and PeopleSoft (Campus Solutions – HE, Human Resources – HR, and Financials – FS), a list likely to grow as applications are added. User access reviews will occur every four months and are required in order to comply with Policy 4-004, Rule 4-004D.

A select group of UIT, ITS and Campus HR managers are testing the process in a SailPoint training environment through August 8, 2017 as the Identity and Access Management (IAM) Team collects feedback. The process will be officially released to the entire University at a later date in August 2017.

If you have any questions, please email IAM Associate Director Subhasish Mitra at

Last Updated: 7/26/17