Skip navigation

STANFORD UNIVERSITY

INTERNAL AUDIT & INSTITUTIONAL COMPLIANCE

Stanford Procedures for External Auditors - IT Acess Requests

Background

It is imperative that Stanford University Faculty, Staff and Students comply with all University policies, procedures, standards and guidelines.  In addition, Stanford is subject to numerous regulations and contract provisions which convey to government agencies and private sponsors the right to audit the University’s books and inspect our facilities and operations.  Stanford is committed to fully comply with its obligations in connection with such audit and inspection rights.  On a reasonably timely basis, Stanford will provide external auditors and inspectors (hereafter “External Agents”) with access to all documents and data to which they are entitled, except those deemed by the University to be legally privileged or protected. However, this process requires preparation and cooperation by the External Agent.

General External Audit / Review Protocol

Before any audit or inspection is begun at Stanford by External Agents, they should contact: The University’s Department of Internal Audit & Institutional Compliance. (mail).
For additional information, please see Internal Audit's Guidance for External Auditors Working at Stanford University.

<top>

Procedures for External Agents to Obtain Internet or Stanford Network Access

For External Agents who need access to Stanford University's local network (SUNet) simply to use the Internet (for instance, to get to their mailbox on another campus), the University can provide a free, temporary guest account. If additional network access or services are required, then additional procedures and information security checks must be performed before your system can be granted access to the University’s “wired” network. The general procedures to obtain SUNet access are: 

  1. Contact the Internal Audit and Institutional Compliance Department to ensure we understand –
    1. The audit organization you are affiliated with,
    2. The purpose and scope of your audit, and
    3. The timeframe of your planned audit.
  2. Please provide the Internal Audit and Institutional Compliance Department (and the local Department under examination) reasonable advance notice of:
    1. Workspace / Meeting requirements - Please provide reasonable notice (which may vary depending on area under audit, team size and duration).
    2. SUNet connectivity requirements (at least 24 hours advance notice is requested). - Please provide reasonable advance notice if additional team members will require SUNet connectivity (at least 24 hour notice is requested).
  3. The Internal Audit and Institutional Compliance Department will coordinate with you regarding your on-site requirements.
  4. You must agree to the University’s Computer and Network Usage Policy, Administrative Guide Memo #62.

To obtain a Stanford Guest Wireless Account (SGW), no further actions beyond the above action steps are required. Your SGW will be set up in advance of your scheduled arrival.  Your SGW is a temporary account which can be valid for up to 14 days. If you require SGW access beyond a 14 day period, please let us know so we can renew your SGW before expiration.

To obtain additional SUNet access or services (such as wired network access or a University email account), then additional procedures include: the establishment of a University network account, your system’s successful satisfaction of the University’s information security minimum requirements, and registration of your system in the University’s network database system.  

Please send your Audit / Examination Requests to: Internal Audit Department - Guest SUNet Access.

<top>

Last modifiedMonday, 10-Oct-2011 12:18:12 PM

Stanford University Home Page