Project Theme: Improving Process and Operations

Microsoft is moving to a more secure method of authentication that changes “Push” notifications. The new process for logging into Microsoft 365 gives you an auto-generated number to type into your device. Microsoft doesn’t have an exact switchover date, but the purpose of this project is to get campus ready before Microsoft acts. Pilot groups are currently testing the system. (“Number matching” means that when users go through an MFA Authentication, they see a number… Read More about Microsoft M365 Number Matching for MFA.

This project will create a new user interface for managing email addresses and aliases. This interface will let campus users choose which UNC-based email address they want as their primary. When individuals create an email address or alias, the interface will prevent them from duplicating an existing Onyen-based email address or previously claimed alias. This change is a step toward having a single authoritative source for all email tenants and remediates the persistent confusion among… Read More about Central Email Registry with midPoint – Phase 1.

The project’s purpose is to determine the policy for deprovisioning WebAuthn registrations when people lose affiliation with the University, and then implement a technical solution to perform deprovisioning according to that policy. The policy will also identify how often WebAuthn registrations will expire. Project implementation will enable the Carolina Key project to roll out to the entire campus. If we do not complete this project, Carolina Key will remain in a pilot phase, and there… Read More about WebAuthn Deprovisioning with midPoint.

Enterprise Applications began an initiative in January 2022 to solicit feedback from campus users, central offices, Access Request Coordinators (ARCs) and others to understand the pain points experienced in the current Access Request Process and Tool. Analysis of the feedback informed our next steps to focus on two major areas of effort during 2022 and 2023: 1) Short-term adjustments to current environment – There are several items that will provide some immediate benefit for the… Read More about Access Request Re-Engineering.

All employees at the University use TIM, the University’s time reporting and accruals system, making it the most widely used administrative system at the University. TIM is the University’s branding for a product called “Workforce Central,” which is made by the company UKG. Workforce Central is approaching end-of-life and needs to be replaced. The TIM 2.0 project will replace Workforce Central with another product by UKG called “Data Dimensions,” which has similar or better features. … Read More about TIM (Time Information Management) 2.0.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a broad federal law that is in part designed to provide national standards for protection of certain information related to the provision of or payment for health care. There are currently 11 HIPAA covered units outside of the School of Medicine which need to comply with the HIPAA Privacy and Security Rules. We will conduct a risk analysis to identify potential compliance gaps in… Read More about HIPAA Campus Risk Assessment for HIPAA Covered Units.

Phase I of Carolina Talent Performance was implemented last year, but the performance appraisals were still being done on paper forms. For the 2021-2022 performance period, we are implementing online performance appraisals in Carolina Talent along with with additional changes related to: Second level manager signatures HR checkpoint review step Employee Self Assessments Automation of currently manual task creation Non-compliance reporting and procedure Comments on Development Plans  

The purpose is to move all ConnectCarolina training and training registration for permanent employees into Carolina Talent, the source of record for training at the University. We will also be moving training registration for temporary and student employees and affiliates in the UNC Event Registration system and determine a solution for where temporary and student employees and affiliates will take ConnectCarolina online training, since they can’t access Carolina Talent. The anticipated start date is 2/14/2022… Read More about Transitioning ConnectCarolina Training into Carolina Talent.

This project will define incident type categories, and for each category, identify: the corresponding responsible units, the applicable governing law and University policies, and the methods of reporting incidents This project will also develop guidance for users so they can easily access, understand and follow processes in compliance with governing law and UNC-Chapel Hill Incident Management Policy. Secondary goals include improving coordination between campus “incident” authorities, reducing risk and identifying gaps in our processes. When… Read More about University Incident Management.

Phase one of the Background Check project went live in May 2021, but a second phase is needed. Phase two has multiple parts. First, our contract with CastleBranch, the existing Background Check vendor, ends in December 2021. We’ve chosen InfoMart as the University’s new vendor, so phase two will switch all integrations from CastleBranch to InfoMart. This phase needs to be completed by the end of this calendar year. The second part of phase two… Read More about Background Check Phase Two.

The PHP platform that the Software Distribution service operated on was no longer supported by the vendor, so this project upgraded the platform. The project also transitioned support of the service from ITS Infrastructure and Operations to the University Services team in ITS Enterprise Applications.

The ITS Identity Management team receives frequent requests from groups around campus for centralized and automated provisioning and de-provisioning of user accounts. User provisioning and deprovisioning involve the process of creating, updating and deleting user accounts in multiple applications and systems. We currently use a home-grown utility known as IMPROV for this purpose, but it only provisions Onyens and Guest IDs. It does not provision for other forms of accounts. IMPROV also does not do… Read More about Onyen Deprovisioning in midPoint.