Glossary
Agency Security Officer – A person in each agency designated as having the responsibility for coordinating all security access activities between the agency and NFC.
Compensating Controls – Controls established to provide visibility to the activities of the individuals with incompatible functions.
Incompatible Functions – Tasks that violate the principle of separation of duties, thereby allowing the opportunity for individuals to commit and conceal alteration or destruction of data or software.
Least Privilege – The principle that a user should receive access only to those resources that are necessary to perform their required job functions.
Personally Identifiable Information (PII) – The OMB defines PII data as any combination of information about an individual maintained by the agency, including but not limited to name, social security number, date of birth, maiden name, biometric record number, home address, education, financial transactions, medical history, criminal or employment history, and information which can be used to distinguish or trace an individual’s identity.
Profile - A collection of resources (applications, datasets, etc.) assigned to a user.
Resource – All hardware, production programs and data sets, developmental programs and data sets, all operating system, and utility software.
Role – Designation or entity that defines a particular job function or functions.
Role Based Security Access – A set of access permissions to resources across multiple computing platforms necessary to perform all job functions associated with a role.
Role Owner – The person who has the responsibility to approve adding or removing users assigned to a role. Also, the individual who can request resource changes to existing roles or the creation of a new role.
Security Access – A set of access permissions to resources across multiple computing platforms.
Separation of Functions – The assignment of duties among employees, or functions in an application, to avoid any individual being in a position to commit and/or conceal errors or irregularities.
User – The individual that needs access to a system or data in order to carry out his/her job function.
User ID – A 5 to 7-character code assigned to all users that identifies them to the information system whenever access is attempted.