Upload
hoangnguyet
View
213
Download
0
Embed Size (px)
Citation preview
U.S. General Services Administration
How Do I… Maintain My Online Users
and APCs?
(Presenter name)
(Presenter title)
Citi
July 2012
2012 GSA SmartPay Conference
“Fine Tune Your Payments Program With GSA SmartPay”
This material is intended for use by the GSA only
3
House Rules
®
How Do I…Maintain My Online Users and APCs?
To ensure the best possible learning experience for participants, please adhere
to the following house rules:
• Turn electronic devices to vibrate
• No video taping or audio recording is allowed
• Hold questions to end of session
• Ensure your participant badge is scanned to receive CLP credits
− For each course
• Take advantage of opportunities to provide feedback
− Please select the “Citi Q&A” icon on any Citi PC at the conference
− Answers to be emailed after the conference within 60 days
All Audiences
®
Schedules Available at the Welcome Center All Audiences
4
How Do I… Maintain My Online Users and APCs?
All Audiences
How Do I… Maintain My Online Users and APCs?
Visit the Citibank Welcome Center
– Governor’s Lobby
Visit the Citibank One-on-One Lab –Governor’s Chambers D&E
Citi Q&A Link – Tell us your thoughts
®
Reminders
5
All Audiences
®
Interactive Training Events–GSA
Citi offers Computer-Based Training (CBT) via the Citi Commercial Card Learning
and System Support (CLASS) in CitiManager.
Visit home.cards.citidirect.com and from the Web Tools tab select the CLASS
link
Please contact your Account or Client Manager if you are interested in setting up a
training session. Training can be conducted at a Citi Training Location, on-site at
your office or via the web.
Regional Citi Training Locations
– Norfolk, VA
– Washington, DC
How Do I… Maintain My Online Users and APCs?
6
All Audiences
®
Interactive Training Events–DoD
How Do I… Maintain My Online Users and APCs?
7
e-mail us at [email protected] and
a Citi training coordinator will work with you
directly for on-site or Web-Based sessions.
Citi offers on-site training for its EAS at no cost for agencies meeting the required minimum participant level of 20 or more as set forth in the GSA SmartPay2 Master Contract.
Regional Citi Training Locations
– Norfolk, VA
– Washington, DC
– Visit www.defensetravel.dod.mil/passport to view and register for these sessions
On-site at your base or installation
– 20-participant minimum
– Visit www.citimanager.com/dodhome and under Resources to download the On-site Training Request Form
Web-Based Training (WBTs)
All Audiences
8
The “How Do I..” series is a unique education series designed to
provide your learning experience with policy guidelines, roles and
responsibilities, with instruction on Citi’s tools and technology.
“How Do I…” Manage My CBA Travel Program (DOD and GSA)
“How Do I…” Manage My IBA Travel Program (DOD and GSA)
“How Do I…” Manage My CBA Purchase Program
The “How Do I…” Series
How Do I…Manage my IBA Travel Program and Cardholders
Guidance and Policy
Tools and Technology
Roles and Responsibilities
“How Do I…” Learning Guideposts
Useful
Information
and Tips
Warnings and
things to
watch out for
Additional
information
and resources
All Audiences
9
This course is designed to assist you in
achieving the following objectives:
Helping the APC improve their capabilities with
Citi’s online tools
Facilitate the APC’s ability to support their user
community and to be a proper steward of their
online users
Goals & Objectives
®
How Do I…Maintain My Online Users and APCs?
All Audiences
10
OMB Policy, Online Security and Stewardship
1. OMB and Information Security Policy for GSA SmartPay
Program Online Users
2. Proper Stewardship of My Online Community
3. Passwords and Multifactor Authentication
4. Message Boards, Library and Online Resources
Online User Management Process
5. Setting Up APCs Within Citi’s Tools
6. Self-Registration and Registration Reset
7. Searching for Users
8. Assigning Privileges and Access to Cardholder
Information
9. Merging IDs
Agenda
®
How Do I…Maintain My Online Users and APCs?
All AudiencesAll Audiences
1. OMB and InfoSec for GSA SmartPay Program Online Users
®
How Do I…Maintain My Online Users and APCs?
11
12
OMB and Information Security Policy
®
How Do I…Maintain my Online Users and APCs
Appendix III to OMB Circular No. A-130:
• Establishes a minimum set of controls to be included in Federal automated information security programs;
• Assigns Federal agency responsibilities for the security of automated information; and
• Links agency automated information security programs and agency management control systems
established in accordance with OMB Circular No. A-123.
Automated Information Security Programs:
• Agencies shall implement and maintain a program to assure that adequate security is provided for all
agency information collected, processed, transmitted, stored, or disseminated in general support systems
and major applications.
OMB Circular No. A-130: Appendix III
http://www.whitehouse.gov/omb/circulars_a130_a130appendix_iii
All Audiences
14
Proper Stewardship of My Online Community
®
How Do I…Maintain My Online Users and APCs?
All Audiences
It is important to make sure that when a profile has been
established for someone that the entitlements they have
correspond with their job responsibilities.
From time to time as job roles and responsibilities change, you
have to manage entitlements to ensure proper stewardship of your
online community.
When and APC leaves their position, it is important to remove
their access in CCMS and CitiManager.
All Audiences
The APC community must police their own
members since the banks are not automatically
informed of APC changes
15
Proper Stewardship of My Online Community
®
How Do I…Maintain My Online Users and APCs?
All Audiences
What Does Stewardship Include?
1. Setting up new APCs and Non-Cardholders
2. Removing access to old APCs who no longer have
authority to see cardholder data.
3. Updating Primary Points of Contact for a Hierarchy
4. Maintaining accurate contact information for known APCs
to assist Citi, Cardholders and other APCs
5. Communicating and Disseminating Program Information
All Audiences
17
Passwords and Multifactor Authentication
®
How Do I…Maintain my Online Users and APCs?
Password Overview
Passwords Remain Active: 90 Days
Password Change Notifications:15 Days prior to expiration
Cardholder passwords do not expire
Passwords can be changed on-demand in your CitiManager Profile
Self service password reset is available on CitiManager
Multifactor Authentication (MFA) Overview
Security policies demand more than just passwords
Citi uses 3 Question and Answer options that are unique to each
user
Neither Citi nor any APC can view your MFA questions
MFA Questions can be reset if they are forgotten
Coming This Fall… To help ensure greater
security for our online community, Citi© will be
updating its MFA procedures to provide
greater security though dynamic passwords.
All Audiences
18
How Do I…Maintain My Online Users and APCs?
All Audiences
More than 25% of all
help desk calls are
for password resets
Passwords and Multifactor Authentication
19
How Do I…Maintain My Online Users and APCs?
All AudiencesPasswords and Multifactor Authentication
20
How Do I…Maintain My Online Users and APCs?
All AudiencesPasswords and Multifactor Authentication
21
How Do I…Maintain My Online Users and APCs?
All AudiencesPasswords and Multifactor Authentication
22
®
How Do I…Maintain my Online Users and APCs?
Passwords and Multifactor Authentication All Audiences
23
®
How Do I…Maintain my Online Users and APCs?
Passwords and Multifactor Authentication All Audiences
24
How Do I…Maintain My Online Users and APCs?
Passwords and Multifactor Authentication All Audiences
25
How Do I…Maintain My Online Users and APCs?
All AudiencesPasswords and Multifactor Authentication
26
®
How Do I…Maintain my Online Users and APCs?
Passwords and Multifactor Authentication All Audiences
27
®
How Do I…Maintain my Online Users and APCs?
Passwords and Multifactor Authentication All Audiences
28
®
How Do I…Maintain my Online Users and APCs?
Passwords and Multifactor Authentication All Audiences
30
Message Boards, Library and Online Resources
®
How Do I…Maintain My Online Users and APCs?
Citi Message Board • Allows Citi to communicate and share information with clients pertaining to any program
enhancements and system maintenance.
• The number one method to advise customers of system maintenance and enhancements
Citi Library• Provides for a secure file transfer method when sharing files with Citi.
• Major uses;
• Document Sharing (Provides for upload and download)
• File Delivery
• Program Reports
• Reference Material
• System Logs
Citi Online Resources• Citi periodically posts links that will take you to additional reference materials, such as;
• User guides,
• Job aids, and
• Links to program support sites under Links/Help
• Links can also be Agency or Program specific upon request
All Audiences
31
®
How Do I…Maintain My Online Users and APCs?
All AudiencesMessage Boards, Library and Online Resources
32
®
How Do I…Maintain My Online Users and APCs?
All AudiencesAll Audiences
Details on new system enhancements
are available in the Library about 1 to 2
weeks prior to the release date
Message Boards, Library and Online Resources
33
®
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesMessage Boards, Library and Online Resources
35
Setting Up APCs Within Citi’s Tools
®
How Do I…Maintain My Online Users and APCs?
All Audiences
Where To Set Up and APC
• When setting up an APC with a Citi profile, you want to make sure that you create that
profile using the CitiDirect Card Management System (CCMS) module
• APCs setup using CCMS gives them default access to CitiManager and CCMS
automatically
• Non Cardholders needing only CitiManager or CCRS access can be setup directly in
CitiManager, if you have the create user privilege available to you.
Steps To Set Up and APC
→ Setup the APC in CCMS
→ New APC receives 2 email notices and registers online
→ CCRS and additional entitlements can be provided to the new APC via
CitiManager
36
How Do I…Maintain My Online Users and APCs?
All Audiences
If you are setting up an new APC….
ALWAYS set them up through CCMS. It
will save you a lot of effort later!!!
Setting Up APCs Within Citi’s Tools
37
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSetting Up APCs Within Citi’s Tools
40
How Do I…Maintain My Online Users and APCs?
All Audiences
Be sure that the Create Login
Account is checked or a
CitiManager ID will not be
generated
Setting Up APCs Within Citi’s Tools
41
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesAll AudiencesSetting Up APCs Within Citi’s Tools
43
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesAll AudiencesSetting Up APCs Within Citi’s Tools
46
®
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
Self Registration for the Non Cardholder
• Self Registration is for all non cardholder users
(APC, AO, Reports Only, Auditor, etc)
• Each user ID will get 2 emails
• Temporary Registration ID
• Temporary Registration Password
• Emails are sent to the email that was provided during the ID setup
• Temporary IDs are valid for 60 days
Double check with the new APC that they
received the email. If not, validate that their
email address is correct or have them double
check the “Junk Mail” Folder
47
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
48
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
49
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
50
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
51
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
This is a great opportunity to practice your
“Copy and Paste” skills!
CTRL + C = Copy
CTRL + V = Paste
52
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
53
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
54
All AudiencesAll AudiencesSelf-Registration and Registration Reset
How Do I…Maintain My Online Users and APCs?
55
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
56
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
57
®
How Do I…Maintain My Online Users and APCs?
Resetting a Registration for the Non Cardholder
• The ID and Password provided in the registration email is valid for only 60 days
• Resetting the expire registration is quicker than entering the information a second time
• If an incorrect email was used originally, you can update the email during the
Registration Reset Process
All AudiencesAll AudiencesSelf-Registration and Registration Reset
58
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
59
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
60
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
Expired Registrations are older than 60 days.
Pending Registrations are less than 60 days old, but the
user needs to resend the registration details
61
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
62
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
63
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
64
How Do I…Maintain My Online Users and APCs?
All AudiencesAll AudiencesSelf-Registration and Registration Reset
66
®
How Do I…Maintain My Online Users and APCs?
The purpose of searching for IDs is to allow you to find out who
within your organization has a profile to access to CitiManager.
Searching for Users All Audiences
68
How Do I…Maintain My Online Users and APCs?
Searching for Users All Audiences
Searching for users is essential to
all aspects of Managing online
Users
69
How Do I…Maintain My Online Users and APCs?
Searching for Users All Audiences
Selecting “Activated” or
“Deactivated” is a great way to
speed up your search
8. Assigning Privileges and Access to CH Information
®
How Do I…Maintain My Online Users and APCs?
72
73
®
How Do I…Maintain My Online Users and APCs?
Assigning Privileges
• Most of the functions within the CitiManager modules are entitlement driven
• These entitlements are associated with the privileges you have been assigned
• An APC’s entitlements determine what type of cardholder information you are able to access
• Non-Cardholders have a “default” profile that is created when you set them up in CCMS
• All Non Cardholder profiles may require updates
• Typical updates may include;
• Access to CCRS
• New user creation
• Password reset capability
Assigning Privileges and Access to CH Information All Audiences
Only Non Cardholders may have their
privileges updated. Cardholder only
Profiles cannot be modified
74
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
The search qualifiers help you
refine your search. “Contains” acts
as a wildcard search
75
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
76
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
Assigning entitlements is “inherited”.
You must have the entitlement yourself before
you can provide it to someone else
77
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
78
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
79
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
80
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
81
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
82
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
83
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
How Do I…Maintain My Online Users and APCs?
Assigning Privileges and Access to CH Information All Audiences
89
®
How Do I…Maintain My Online Users and APCs?
The purpose of Merging IDs is to allow users to combine
multiple IDs into a single ID, so they do not have to do multiple
logins.
When merging IDs, make sure that you merge any IDs that
may have lesser permissions into the ID that has the greater
permissions.
Before you can merge an ID, both IDs must be fully
registered so that the Password and MFA questions are
established
Merging IDs All Audiences
93
How Do I…Maintain My Online Users and APCs?
Merging IDs All Audiences
You are always pulling the
privileges into the ID that you
are presently logged on with
(Your Primary ID)
The Alternate ID must have
been previously registered
94
How Do I…Maintain My Online Users and APCs?
Merging IDs All Audiences
The MFA answers
are for the Target ID
being PULLED in
How Do I…Maintain My Online Users and APCs?
(Facilitator Name)
®
Department o
DefenseAll Audiences
97
efficiency, renewable energy & mitigation
In January 2007, Citi released a Climate Change Position Statement, the first US financial institution to do so. As a sustainability leader in the financial sector, Citi has taken concrete steps to address this important
issue of climate change by: (a) targeting $50 billion over 10 years to address global climate change: includes significant increases in investment and financing of alternative energy, clean technology, and other carbon-
emission reduction activities; (b) committing to reduce GHG emissions of all Citi owned and leased properties around the world by 10% by 2011; (c) purchasing more than 52,000 MWh of green (carbon neutral) power
for our operations in 2006; (d) creating Sustainable Development Investments (SDI) that makes private equity investments in renewable energy and clean technologies; (e) providing lending and investing services to
clients for renewable energy development and projects; (f) producing equity research related to climate issues that helps to inform investors on risks and opportunities associated with the issue; and (g) engaging with
a broad range of stakeholders on the issue of climate change to help advance understanding and solutions.
Citi works with its clients in greenhouse gas intensive industries to evaluate emerging risks from climate change and, where appropriate, to mitigate those risks.
© 2012 Citibank, N.A. All rights reserved. Citi and Arc Design is a registered service mark of Citigroup Inc..
IRS Circular 230 Disclosure: Citigroup Inc. and its affiliates do not provide tax or legal advice. Any discussion of tax matters in these materials (i) is not intended or written to be used, and cannot be
used or relied upon, by you for the purpose of avoiding any tax penalties and (ii) may have been written in connection with the "promotion or marketing" of any transaction contemplated hereby
("Transaction"). Accordingly, you should seek advice based on your particular circumstances from an independent tax advisor.
Any terms set forth herein are intended for discussion purposes only and are subject to the final terms as set forth in separate definitive written agreements. This presentation is not a commitment to lend, syndicate a
financing, underwrite or purchase securities, or commit capital nor does it obligate us to enter into such a commitment, nor are we acting as a fiduciary to you. By accepting this presentation, subject to applicable law
or regulation, you agree to keep confidential the information contained herein and the existence of and proposed terms for any Transaction.
Prior to entering into any Transaction, you should determine, without reliance upon us or our affiliates, the economic risks and merits (and independently determine that you are able to assume these risks) as well as
the legal, tax and accounting characterizations and consequences of any such Transaction. In this regard, by accepting this presentation, you acknowledge that (a) we are not in the business of providing (and you
are not relying on us for) legal, tax or accounting advice, (b) there may be legal, tax or accounting risks associated with any Transaction, (c) you should receive (and rely on) separate and qualified legal, tax and
accounting advice and (d) you should apprise senior management in your organization as to such legal, tax and accounting advice (and any risks associated with any Transaction) and our disclaimer as to these
matters. By acceptance of these materials, you and we hereby agree that from the commencement of discussions with respect to any Transaction, and notwithstanding any other provision in this presentation, we
hereby confirm that no participant in any Transaction shall be limited from disclosing the U.S. tax treatment or U.S. tax structure of such Transaction.
We are required to obtain, verify and record certain information that identifies each entity that enters into a formal business relationship with us. We will ask for your complete name, street address, and taxpayer ID
number. We may also request corporate formation documents, or other forms of identification, to verify information provided.
Any prices or levels contained herein are preliminary and indicative only and do not represent bids or offers. These indications are provided solely for your information and consideration, are subject to change at any
time without notice and are not intended as a solicitation with respect to the purchase or sale of any instrument. The information contained in this presentation may include results of analyses from a quantitative
model which represent potential future events that may or may not be realized, and is not a complete analysis of every material fact representing any product. Any estimates included herein constitute our judgment
as of the date hereof and are subject to change without any notice. We and/or our affiliates may make a market in these instruments for our customers and for our own account. Accordingly, we may have a position
in any such instrument at any time.
Although this material may contain publicly available information about Citi corporate bond research, fixed income strategy or economic and market analysis, Citi policy (i) prohibits employees from offering, directly or
indirectly, a favorable or negative research opinion or offering to change an opinion as consideration or inducement for the receipt of business or for compensation; and (ii) prohibits analysts from being compensated
for specific recommendations or views contained in research reports. So as to reduce the potential for conflicts of interest, as well as to reduce any appearance of conflicts of interest, Citi has enacted policies and
procedures designed to limit communications between its investment banking and research personnel to specifically prescribed circumstances.