COM31030 - Background: Allocation of COTAX and CT Online user roles: Role Authoriser duties

Authorising requests

As the Role Authoriser you are responsible for authorising (Word 465KB) applications through the Service Request System (SRS) for a COTAX or CT Online Services role.

You will be alerted to new user role requests by an automatically generated email from SRS.

You should only authorise requests for COTAX and CT Online Services roles where you are satisfied that the member of staff need the role to perform their allocated duties.

It is not possible to refine a user role by preventing access to any specific functions within that role. It follows that if you receive a request for a role for a particular user, they have access to all of the functions proper to the role. Details of the functions within each user role can be found in the ‘Roles Index’ (COM250).

Certain roles cannot be allocated with other roles. For example, the same user cannot have both Clerical Caseworker and Technical Caseworker. Details can be found in the section ‘Roles not allowed’ (COM253) in the Index of User roles.

You must record the allocation of the authorised user role(s) in the Authorised User Registered (previously Establishment) File (COM31040).

As Role Authoriser you must not use SRS to request a COTAX role or a CT Online Services role for your MUID (Word 27KB) for any member of staff you manage.

You are responsible to the Senior Responsible Officer for ensuring the

  • Effective and proper use of COTAX and CT Online services for your MUID

And

  • The maintenance of appropriate levels of security for your MUID

See subject ‘System Security’ (COM31060) in this section for more information.

Top of page

Reviewing user roles

As the Role Authoriser you must carry out a yearly review of all users who hold a COTAX and/or CT Online role in the MUID(s) you have responsibility for. CTIAA (CT, International and Anti Avoidance) will provide lists of users for each Role Authoriser. These lists will show details of users for each MUID at the start of the review period.

The Role Authoriser must check each user still has a valid business case to access the COTAX and Online systems in the MUID they are responsible for.

Where the user has, you must

  • Note the Authorised User Register with the date the review was completed
  • Remind the user about system security (COM31060)

Where the user does not, you must

  • Make sure the role is removed from their profile using SRS
  • Note the Authorised User Register of the date the role was removed from the user

Details of the timetable of the review can be found on the COTAX Intranet site. Role Authorisers may also request a list of users outside of the timetable dates if they need to carry out any extra reviews. You can do this by contacting the COTAX Business Helpdesk(This text has been withheld because of exemptions in the Freedom of Information Act 2000) 

Home | Main Contents | Manual Contents
Previous Page | Next Page | Top | Menu