/
Changes to ACER, GCN, ISAT and uhAcknowledgement

Changes to ACER, GCN, ISAT and uhAcknowledgement

Created by Julio Polo
Last updated: Oct 22, 2021
2 min read

There will be major changes to ACER effective January 3, 2022.  Please prepare accordingly:

  • The ACER Compliance Periods will no longer be used.  We'll be going back to renewals based on the actual date that a person complied.

  • The UH Information Security Awareness Training (ISAT) will be valid for one year from the date the person completed it.

    • ISAT renewal emails will be sent from datagov@hawaii.edu 30 days and 7 days prior to ISAT expiration.

    • We expect a lot of people to be out of ISAT compliance once the changes take effect.  No renewal emails will be sent during the first month of these changes to avoid overwhelming department contacts and help desks.   Departments will have a tool to monitor ISAT compliance and can communicate with their faculty/staff as part of our migration to this yearly ISAT model.

  • The University of Hawaii General Confidentiality Agreement (GCN) will be one of the questions in the annual ISAT.

    • The GCN does not need to be renewed annually, but it will expire when the person leaves UH.

    • No annual GCN renewal notices will be sent from datagov@hawaii.edu

    • If a UH employee transfers to another unit within UH, the GCN remains valid and the ISAT annual renewal date remains unchanged.

  • The uhAcknowledgement attribute returned by LDAP/CAS WILL NO LONGER INCLUDE EXPIRED ISAT (uhInformationSecurityAwarenessCertification with a date older than a year)

    • This enforces the one-year ISAT validity period for all applications.

    • This means your application cannot read an old expired ISAT compliance date from CAS/LDAP in order to notify a person that, for example, their ISAT was done over 3 years ago on 7/1/2018.

    • This also applies to any report we are currently sending to some of you.  It will no longer include expired ISAT.

    • All other values (e.g. generalConfidentialityNotice) will remain in uhAcknowledgement unless the person has left UH (true for GCN, but different rules may apply to other ACER items)

    • ACER can only be set for a person.  It should not be set for a departmental account.   Any prior uhAcknowledgement values that were set in the ou=misc,dc=hawaii,dc=edu LDAP branch will be deleted.  Going forward, ACER will reject any attempt to set ACER values for a non-person.

  • The following uhReleasedGrouping values will automatically reflect the above changes:

    • hawaii.edu:store:uhims:general:isat-compliant

    • hawaii.edu:store:uhims:general:gcn-compliant

    • hawaii.edu:store:uhims:general:isat-compliant-renew (within 30 days of ISAT expiration)

    • hawaii.edu:store:uhims:general:gcn-compliant-renew (should no longer appear since GCN does not expire)

  • ACER Messages will be available through the UH Message Broker.

There will be a general community announcement from Data Governance about these ISAT/GCN changes in the near future.   Please make sure your applications and your staff are aware of these changes.

If you have technical questions about these ACER changes, contact its-iam-help@lists.hawaii.edu. Otherwise, contact datagov@hawaii.edu for general ISAT/GCN policy questions.

Related content