ACER Compliance Periods
Obsolete as of 1/3/2022
These compliance periods will no longer be used as of 1/3/2022 4:30p. We will be going back to personal annual renewals for ISAT that are based on the date of the actual ISAT completion.
ACER tracks the date on which a person complied with a particular acknowledgement or certification.
The following policy dictates how long a compliance is good for:
Compliance Item | Compliance Period Begins | Compliance Period Ends | Compliance Period Length | Renewal Window |
---|---|---|---|---|
University of Hawaii General Confidentiality Notice (GCN) | Oct 1 | Sep 30 | 1 year | 1 month ahead |
UH Information Security Awareness Training Certification (ISAT) | " | " | 2 years | 2 months ahead |
Terminology and Specifications
- Compliance item
- An acknowledgement, certification or similar action which is tracked by ACER
Examples:
- Comply
- To successfully finish or pass a compliance item.
- Date of compliance
- The most recent date (and time) on which a person complied with a particular item.
- Other names we may use for this:
- ack date
- compliance date
- Compliance Period
- A period always begins on an October 1st at 00:00:00, the Federal Fiscal Year demarcation, which is memorable and has minimal impact on key academic and fiscal business cycles.
- A period always ends on a September 30 at 23:59:59.
- A period can be one year long or several years long.
Each compliance item defines its own period length:
Item Period Length GCN 1 year ISAT 2 years - Every person observes the same periods regardless of their date of compliance. There is no sliding window based on a person's date of compliance.
The periods are standardized for everyone by assuming that all periods began on October 1st, 2000:
Period Length Periods 1 year Simple one-year periods:
10/1/2000-9/30/2001
10/1/2001-9/30/2002
...
10/1/2018-9/30/2019
10/1/2019-9/30/20202 years Two-year periods that always start and end on even-numbered years:
10/1/2000-9/30/2002
10/1/2002-9/30/2004
...
10/1/2016-9/30/2018
10/1/2018-9/30/20203 years 10/1/2000-9/30/2003
10/1/2003-9/30/2006
...
10/1/2015-9/30/2018
10/1/2018-9/30/20217 years 10/1/2000-9/30/2007
10/1/2007-9/30/2014
10/1/2014-9/30/2021
- Renewal window
- The number of months ahead that a person can comply for a period.
- We use months so that renewal windows always begin on the first day of a month.
- Using days could lead to inconsistent renewal windows (60 days = renewal begins on August 2nd)
- Complying during the renewal window means the person is complying with two periods (the current period that is about to end, and the upcoming period)
Each compliance item defines its own renewal window:
Item Renewal Window GCN 1 month ISAT 2 months
- The number of months ahead that a person can comply for a period.
- Effective period
- It spans the period(s) where a person is compliant for a given item
- If the person complied inside the renewal window, the effective period spans two periods:
- the period that applies to the date of compliance, and
- the subsequent period.
- If the person complied outside the renewal window, the effective period is simply
- the period that applies to the date of compliance.
Data for developers
- The date that a person complied is recorded in the uhAcknowledgement LDAP attribute.
- Note that the uhAcknowledgement value is not deleted when the compliance expires.
- This gives us the flexibility to change the above compliance policy.
- You should use uhReleasedGrouping as described below, but if you really need to read the date that a person complied, here's what you should know:
- ISAT completion dates are sent as a batch to LDAP at 1:45 AM.
- All other completion dates are sent live to LDAP.
- Note that the uhAcknowledgement value is not deleted when the compliance expires.
- Applications should read uhReleasedGrouping to determine whether a person is GCN or ISAT compliant.
- These values are updated once a day, around 2:45 AM.
- Using these uhReleasedGrouping values is convenient and flexible because any change in policy is automatically reflected in them.