Skip to content

Access Requirements for Comptroller Systems

FPP K.015

ASC Responsibilities

ASCs must:

  • Become familiar with the data privacy and safeguard rules and security rules contained in the Texas Administrative Code.
  • Ensure internal agency policy mandates users acknowledge the Confidential Treatment of Information Acknowledgment (CTIA) before accessing any Comptroller systems or databases.
  • Ensure the agency maintains access to valid methods and evidence of acknowledgment for the length of the users’ employment or contract, plus five years, which includes:
    • Paper or electronic copy of CTIA form
    • CTIA system (online)
  • Obtain management approval prior to submitting an access request.
  • Provide agency-level security support according to the Security Coordinator Reference Guide (login required), including but not limited to:
    • Submit requests to authorize or change access.
    • Reactivate User ID and passwords for appropriate users.
    • Reset passwords as necessary.
    • Ensure that no user has payment release/approval capabilities in USAS, USPS or SPRS unless:
      • The individual is properly authorized.
      • The individual is listed on a voucher signature card.
      • The Comptroller’s office has been properly notified about the authorization.
    • Certify that agency records and access are up to date through a semiannual security verification.
    • Immediately report any actual or suspected breach of security to the Comptroller’s Information Technology Help Desk at (512) 463-4357.
    • Serve as the point of contact when a security incident occurs.
    • Keep the ASC’s own user ID active.
    • Submit request for removal/deactivation of access no later than the user’s last day of performing their duties, when a user terminates employment or no longer requires access.

Note: The CAPPS termination process allows employees (not contractors) the ability to access the CAPPS system for basic inquiry of individual profile attributes for two years after termination. An agency may elect to disable this feature agency-wide.