Status message

You must login to view this form.×

You are here

CLIK access request (administrator).

Submitted by ZWEBBA on Mon, 14/11/2016 - 1:54pm

This form is for obtaining CLIK access as an administrator.  Please submit the form once for each person.  To become a CLIK administrator you will need to:

  • Be the delegated CLIK administrator, and attach director approval; or
  • Obtain and attach an email with your director's approval and also an approved business case.

The form will be sent automatically to IT Security, who make the changes to permissions.  Please submit the form once for each person.  If the form does not work, please send your request directly to ITSecOps@dva.gov.au.

Please note that you can only have either administrator or author or publisher permissions, but not more than one, in accordance with the following policies:

CLIK System Security Plan, TRIM record ID 16567091E.
GroupDescription
AuthorsDVA staff who develop content according to their subject matter. Authors are likely to be staff in the business area.
Publishers

DVA staff who publish the content written by CLIK Authors.  Publishers are accountable for this content being displayed in the public domain. Publishers should be EL2, SES or FAS.

Publishers can be allocated different sub roles:

  • Risk Level High
  • Risk Level Significant
  • Risk Level Moderate
  • Risk Level Low

CLIK has been designed with these sub roles.  Authors are able to rank the data depending on the content, eg. Reference data content may be ranked as Low but Legislation documents may be ranked as High.   To publish this content Publishers need to be in the corresponding sub roles.

DVA does not currently utilise this function and all Publishers are given the Risk Level High sub role.

AdministratorsFull level access required for support activities.  Administrators are likely to be System Support staff and ICT staff.
Anonymous usersExternal/public users or any unauthenticated user
Authenticated usersAny internal DVA staff member

 

Information Security Management Protocol.

8.1.3 Segregation of duties

84. Duties and areas of responsibilities are to be segregated to reduce opportunities for unauthorised or unintentional modification or misuse of agency information assets.

Source: Information security management protocol, page 11, Australian Government, 2011.

 

DVA ICT Security Protocol.

9 Access Controls

Access to DVA systems and data is on a need-to-know and least privilege basis, where proper separation/segregation of duties is maintained. That is, users are granted access to only those systems and data they require to perform their required duties, and their access must prevent any conflict of interest. For example, a user should not be able to create a new client record and then authorise payments to that client.

Source: DVA ICT Security Protocol, page 16, Department of Veterans' Affairs, 2014.

 

Instructions.

  1. Your work email address should already be in the email address field.  if it is not, please insert your email address.
  2. Use the Browse button to find the approval from your director (or above).
  3. Click the Upload button to upload the selected approval.
  4. If you are not the delegated system administrator, use the next Browse button to find the approved business case stating why you should be given administrator access.
  5. Click the next Upload button to upload the selected business case.
  6. Click the Submit button.