Information Technology Services

1.0         Purpose   

This policy establishes guidelines for Information Technology Services (ITS) support of the management of affiliations at NAU.  This document also details the rules and procedures for establishing and maintaining information technology (IT) affiliations at NAU.  The intended audience is NAU administrators, VP’s, Deans, and Information Technology Services staff.  Please direct comments on this document to NAU’s Chief Information Technology Officer, Fred Estrella (Fred.Estrella@nau.edu).

Executive Summary  

There are two central terms used in this document: affiliate and affiliation.  An affiliate is a person: someone who belongs to an affiliation.  An affiliation is a relationship with NAU usually defined by an agreement.  As used in this document, an Affiliation is also the broadest formal category of relationship.  An Affiliation can be further broken down into Affiliation Types. 

Core Affiliations include the central institutional relationships of students, staff, instructors, or faculty.  Members of these Core Affiliations are administered through the campus administrative computing systems.  Historically, in addition to Core Affiliations, NAU has provided email and other computing-related services to people who are members of affiliated organizations.  These supporting relationships represent Supplementary Affiliations.  In some cases, such as with the ROTC faculty, full computing privileges are provided.  In most cases, such as community college librarians serving NAU students, only a subset of services are provided (such as access to restricted NAU library databases).

Over time, ITS established ad hoc rules to handle Supplementary Affiliates.  Managing these accounts required extra resources since these people were not automatically tracked in the student or human resources system.  ITS designed a system to manually track these outside users and is in the process of implementing automation of online identification and provisioning of their default IT services.  The intent of this document is to formalize rules for granting IT services to people who have a legitimate affiliation with NAU and thus a valid need for computing and networking services.  

Examples of Supplementary Affiliation Types historically recognized for computer accounts include: 

• Academic Computing
• Adjunct Faculty
• Researchers (Arboretum, USGS, etc.)
• Auditor General
• Grant Related Organizations (CEE Gear Up, etc.)
• Cline Library
• Contracted Individuals
• Contracted Organizations (NNAD, US Forest Service, etc.)
• Librarians at 2+2 Community College Campuses
• Navajo Nation Archeology Division
• Emeriti
• Retirees
• ROTC faculty
• Visiting Professor

The data currently consists of over 1000 affiliate individuals in 78 different Affiliation Types.  This number is about 1/3 of the faculty and staff combined total, or, put differently, affiliates make up by size about a third of the non-student IT support commitment.  Each affiliate requires a minimum of two hours annually for account set-up and administration, plus at least an hour (though typically the unique aspects of these relationships far exceed this) of related support.  This easily consumes at least one FTE of support that would otherwise be dedicated to faculty and staff.  The business rules described herein state that each individual and each Affiliation Type must have an appropriately high level NAU sponsor. 

Affiliate accounts cost the University more money to host and manage than faculty, staff, or student accounts.  There shall be a clear University business need established before any computer accounts are issued.  Simply desiring an email account in order to communicate with NAU counterparts is not a sufficient reason to establish an affiliation with NAU. 

Overview  

Affiliate data is now entered in LOUIE, the Oracle/PeopleSoft system, and managed in the campus Lightweight Directory Access Protocol (LDAP) directory system.  The LDAP server provides many campus “middleware” functions.  One of these functions is to reflect the electronic identity for any affiliated person, which includes an Employee ID (EMPLID) and a registered username (UID).  Once an LDAP directory identity has been established, access to various information technology (IT) services may then be granted to the individual.  Examples of IT services that require a directory identity include email, an individual web site, library access, a domain login, etc.  The LDAP directory is a critical, but often invisible, part of the integrated NAU personnel information system, which also includes the NAU LOUIE student and human resources systems.  Integration of these systems means that LDAP and LOUIE automatically feed each other information identifying all affiliates. 

Automated management of Core Affiliations is integrated in the administrative computing system more completely and IT services can be obtained through their LDAP electronic identity.  Supplementary Affiliations are situations where it is also in the best interest of Northern Arizona University to grant IT resources to people or organizations that do not fall into the Core Affiliation categories.  Here is a list showing some examples of such Supplementary Affiliation Types:

• Adjunct Faculty
• AWC NAU-Yuma
• Researchers (Arboretum, USGS, etc.)
• Auditor General
• Grant Related Organizations (CEE Gear Up, etc.)
• Cline Library
• Contracted Individuals
• Contracted Organizations (NNAD, US Forest Service, etc.)
• Four Corners Math Science Program
• IHD SELECT Program
• Librarians at 2+2 Community College Campuses
• Navajo Nation Archeology Division
• Park Ranger Program
• Emeriti
• Retirees
• ROTC faculty
• Upward Bound student
• Visiting Professor
• Vista Access

Many Affiliation Types have been established by formal agreements.   Others have become historical working relationships with no identifiable written agreement in place. These agreements historically may or may not include any direct mention of IT services.  Existing IT services have been assigned on an ad hoc basis through experience, trial and error.  The services are sometimes implied as part of the spirit of these agreements. In other cases, such as with contract workers, a Dean or a Director entered into an agreement with the individual or agency.  Implied in that agreement is a need for the worker to have access to some IT services.

2.0       Definitions    

Affiliates  

In past general usage, “affiliate” loosely meant any affiliation’s member who was not included in a Core Affiliation category.  In simpler terms, an affiliate was anyone who had a formal relationship with the University but was not a student, faculty, instructor, or staff.  Going forward, “affiliate” will be used to denote any member of an affiliation as defined earlier in the Executive Summary.  Affiliates are allowed default services based upon their Affiliation.  Additional services may be granted based on signed agreements with NAU or by signed agreement between the sponsor and ITS based on reasonable IT service needs.  

In order to avoid confusion and produce a structure to organize and administer groups of affiliations, this document defines additional categories and groupings below and summarizes them in Table 1.  Guests of NAU consisting of the general public and any group not specifically requiring IT services as provided for below also have no identification or security requirement, and are therefore not entered into any of the personnel systems.  

Affiliations  

There exist many relationships with NAU across the spectrum from completely informal to formal employment.  Entire organizations may represent an Affiliation, such as the Arboretum or the Museum of Northern Arizona, or they may describe a group participating in a working situation such as Adjuncts.  The Affiliation establishes the relationship and a default set of IT services derives from the needs of that relationship. 

Many Affiliations already exist to facilitate administration of institutional relationships such as employment or various stages of student matriculation.  These specifically NAU organizational Affiliations, such as Faculty, Staff, Instructor, Applicant, Student, etc. are shown in Table 1 as Core Affiliations and are administered under existing enterprise software systems including LOUIE and the LDAP directory. 

This policy document concentrates on Affiliations that fall into categories not previously categorized or covered by either direct employment or enrollment at the University.  All Supplementary Affiliations have previously been described generally as “affiliates”.  They represent all of the related, complementary partnerships that make up Affiliations not included in the Core category. 

Core Affiliations and Supplementary Affiliations (together comprising the overall formal term Affiliation) represent an equal, top level of organizational hierarchy.  They are differentiated only by a very broad description of the general relationship with the University that also allows for description of the transition from old terms and for administration of the updated organization scheme of this document.  With the exception of those Affiliations qualified with “Future”, the Core Affiliations consist of existing, well-defined categories of employees and students who are processed in to the system through the Human Resources process.  Future-qualified affiliations are so designated in order to provide IT services for known incoming affiliates before their official paperwork results in entry into the administrative computing systems. 

Credentialed Association:  This Supplementary Affiliation category consists of affiliates who are entered into NAU computer systems for identification management purposes only.  While their identification on computing systems is necessary to facilitate other types of services from various campus departments, no additional computing services are necessary.  Policy and business rules concerning administration of non-IT services is the purview of the cognizant functional department.   Examples include vendors servicing residence halls, persons receiving NAU ID cards for service purposes other than computing, Recreation Center members who do not fall into the Student, Faculty or Staff categories, etc. 

Collaborative Association:  This Supplementary Affiliation includes community or fraternal types of organizations located outside of the mountain campus and thus away from related infrastructure computing needs.  These organizations have established a partnership with NAU.  This working relationship benefits from their members receiving NAU IT services.  Examples of current Collaborative Association affiliation types include the Arboretum and the Museum of Northern Arizona.  

Collaborative Campus Association:  This Supplementary Affiliation is similar to the Collaborative Association.  However, the associated organization is hosted on the NAU mountain campus or another NAU location such as NAU Yuma or other statewide offices, and thus the NAU computing network.  All affiliated organizations located on campus tend to have a closer working relationship with NAU and typically require more extensive IT services. Affiliation Types include US Forest Service and USGS researchers.

Collaborative Student:  This Supplementary Affiliation category includes various Affiliation Types supported by the Academic Computing area of ITS.  This Affiliation facilitates collaborative academic work with students not included in existing Affiliations related to enrollment at NAU.  Examples include Cline Library affiliates, the Park Ranger Program, and the Four Corners Math and Science Program.

The group including Credentialed Association and the Collaborative Associations and Students represent the main focus of this document.  Administration of these Affiliations begins by entry into LOUIE.  Account and service provisioning is currently manual with an ongoing project designed to maximize automation and include tools such as LDAP groups.  The organizational scheme in this policy will provide the foundation for this work.

Adjunct:  Adjunct contains the single Supplementary Affiliation “Adjunct”.  Adjunct professors are generally recognized by the Department Chair and may or may not have an associated salary.  Adjunct status requires approval and is verified by the Provost’s office.  Affiliation Type will be assigned by department in order to facilitate administration and assignment of sponsors.  

Emeritus:  Professors Emeriti have been so formally designated upon retirement by the President.  There also exist such approved Affiliation Types as Staff Emeritus and Coach Emeritus.  

Retiree: Retirees must meet the profile of having 5 years of credited service, be at least 50 years of age, are receiving a retirement annuity under an Arizona university-sponsored retirement program, and whose employment was not terminated for cause by the university.  Individuals on long term medical disability status from Northern Arizona University, regardless of age, are also eligible.  Retirees are given the option of opting-in to this program by Human Resources as they process their retirement.

NAU Affiliations Categories    

Affiliation Types      

Affiliation Types represent a more granular way to categorize Affiliations.  The Core Affiliations are so tightly defined that no further division is necessary or desired.  Those Affiliations will have an identical Affiliation Type name.  Multiple affiliation types are utilized within the Supplementary Affiliations to significantly improve administration and organize IT services.  

Services Allowed     

Affiliates will typically be assigned default sets of IT services by the ITS Department.  Existing Affiliations will conform to this policy except where existing written agreements specify differently.  Requests to ITS to provide services beyond the default set will contain a copy of the pertinent agreement.  Future agreements will indicate whether the default set of IT services will suffice.  If specific exceptions apply they should be coordinated in advance with ITS and ITS will be included in the approval process. 

Additional services such as the site-licensed software utilized by Institutional Affiliations are typically governed by existing contracts.  An example includes the Microsoft conditions of employment regarding licensing on institution-owned computers.  Where specific restrictions do not apply, contracts may need to be renegotiated to include coverage of proposed new affiliation groups.  Sponsors should include a funding source for additional costs incurred by ITS in delivering the services in question.  

 3.0      Persons Affected   

• Any element of the NAU community who is an affiliate or desires to become an affiliate.
• The President’s Cabinet, university administrators, Deans, Directors, Chairs, ITS, and functional campus offices with a vested interest in creating and sponsoring new affiliate accounts.  

4.0       Policy and Responsibilities  

• The management of NAU Affiliations will be controlled by the President’s Cabinet.
• The technical aspects of implementing this policy will be the responsibility of ITS.
• IT services shall only be assigned going forward based on coordinated agreements that recognize the tenets of this policy and have been agreed-upon by ITS.  All interagency agreements that include IT services shall be coordinated with ITS before being approved.  ITS resources will only be expended based on agreements that are signed by an authority on the List of Authorized Signers.  Boilerplate language that covers the default situations defined above is available from ITS.  Exceptions must be coordinated with ITS.
• The Identity Management Committee (IDMC) will review more specific business rules and make recommendations to the President’s Cabinet regarding ongoing issues such as new Affiliation Type requests.
• There will be appropriate ITS participation representative on the IDMC.  Efficient means such as email will be utilized to expedite review of new, time-critical Affiliation Type requests between periodic meetings.

5.0         Procedures

• An Affiliation Sponsor must petition the President’s Cabinet for any new Affiliation Type. The President and his Cabinet will periodically review and either approve or disapprove all new applications for Affiliation Types.
• Changes to existing Affiliation Types, including any changes to services that they receive, must be reviewed by the IDMC, concurred with by ITS and approved by the President. 
• Approval of new top-level Affiliations or changes to existing Affiliations must be reviewed by the Cabinet and approved by the President, however, creation of new top-level Affiliations should be approached very critically and only considered under conditions of concurrence by ITS and the IDMC. 
• Current Affiliations and detailed business rules and procedures for the technical management of Affiliations will be maintained by ITS.
• More specific business rules such as default service packages by Affiliation, distribution of Affiliate Types within Affiliations, and variations from default service packages or expiration dates will be maintained by ITS and periodically reviewed and approved by the IDMC. 
• In all cases, people seeking an account through ITS must identify their Affiliation.  Affiliations other than Core Affiliations require an appropriately high-level NAU Sponsor. In all cases, it is the Sponsor’s responsibility to assure that the resources granted are in NAU’s best interest, serve a public purpose, and further the mission of the University.  Public funds may only be expended for public purposes and cannot be used to foster or promote purely private or personal interests.  The dispensing public entity must receive “consideration” which is not so inequitable and unreasonable that it amounts to an abuse of discretion.  The NAU Sponsor should proactively contact ITS when there is a change in an affiliate’s status and is responsible for reviewing their assigned affiliate accounts at expiration.
• Affiliates will receive the default set of IT services specified for their Affiliation unless the sponsor arranges for specific exceptions with ITS in advance.  Such exceptions will be approved by the Affiliation Review Committee prior to being implemented. 
• In cases where the Affiliation is with an external organization (Collaborative Association), an External Administrator should be identified when possible.  This person is someone who assumes responsibility for their organization’s members and serves as a point of contact for administering all aspects of the Affiliation.  They will assist their members in understanding the limits on use of their University accounts and services, including the necessity to adhere to the Network Acceptable Use Policy.  The external administrator is responsible for reviewing assigned affiliate accounts at expiration. 
• All Affiliation Types, and the associated affiliates, will be reviewed on an annual basis.  A designatedAffiliation Contact shall be identified as part of the paperwork necessary to set up an LDAP affiliation.  The Affiliation Contact is someone designated by both the NAU Sponsor and, if such exists, the External Administrator to verify membership in the Affiliation Type.  This person will be responsible annually to review the current Affiliation Type list for expiration and continued validity.  This review will determine if the affiliates are still members of the Affiliation Type. If purged, they must reestablish an affiliation with the University should that need arise.  Where more appropriate, such as for temporary account purposes, an expiration date shorter than one year will be assigned to the affiliate.  Affiliate accounts that are not requested for extension will be purged.  The Affiliation Type Contact Person also needs to approve and verify new affiliate requests.
• A review of the services offered for Affiliations will be conducted periodically by the IDMC and the Chief Information Technology Officer. 

6.0       Business Rules for Establishing a New Affiliation     

Sponsors may delegate the administrative work of requesting new affiliate accounts, account review, and purges to their designated Affiliation Contact.  However, they must remain cognizant of all changes for which they are responsible and provide the appropriate authorization. 

Each Affiliation Type must be supported by an appropriately high level NAU Sponsor.  The NAU Sponsor must seek final approval from the President’s Cabinet. Requests will be reviewed and a recommendation as to approval or disapproval made to the Cabinet.  If recommended for approval and services in addition to the default set are requested, the committee will also make a recommendation regarding approval of those services. This request should contain justification for IT services by articulating how the University mission is served, or, alternatively, contain a copy of an official agreement.  A request form can be obtained at:  http://www4.nau.edu/louie/affiliates.html .  

Certain Affiliation Types are proliferated by department.  They are specifically identified by annotating the department name to the Affiliation Type title.  For example, there may be Adjuncts who exist as Adjunct Anthropology, Adjunct Engineering, Adjunct Mathematics, etc.  This practice will be continued and facilitates administration by allowing for specific Sponsors to be tracked within each department.  Whenever a department requests an existing Affiliation Type that is new for their department, that request needs to contain all of the pertinent information for a new Affiliation Type request regarding Sponsor information and so on.  However, it does not require Cabinet review or Presidential Approval. 

Once the Affiliation Type is set up, the Affiliation Contact can be delegated as the person to administer and manage the memberships in the Affiliation.  The Affiliation Contact may be either an NAU employee or a member of the external organization.  Both the External Administrator (if there is one) and the NAU Sponsor need to agree on who is to be a designated Affiliation Contact.  The Affiliation Contact is essentially going to have authority to commit NAU IT services and resources to someone who would otherwise not be eligible for these services.  The Sponsor should impress upon their designated contact the importance of assuring that these resource allocations are serving the mission of the University.  The Affiliation Type data contained below in Table 2 will be provided to ITS. 

In all cases there should be a clear University business need to give each affiliate access to NAU IT resources.  Each Supplementary Affiliate account actually costs the University more money to host and manage than faculty, staff or student accounts.  Existing affiliates represent more than one third of the total non-student institutional IT support commitment.  They include requisite support that typically is more burdensome due to unique, non-standardized situations.  Examples of extra costs include staff time to create, review and administer accounts and support time as affiliates need assistance with services. In some cases it may be beneficial for NAU to provide in-house services, for example, NAU email accounts might be established for an organization that is already housed on campus—in these cases hosting these accounts may be cheaper for NAU than setting up phone lines for an outside Internet Service Provider service. 

NAU email is commonly requested as easier for communications purposes between organizations.  However, the transparency of email, including the ready availability of free or minimally expensive service means that this is less true than in the past.  Alternate Internet Service Providers provide much higher speed service and also typically have both spam and virus controls in place.  Dial-up Internet servicefor as long as it exists via the NAU modem pool is similarly an attractive benefit to offer, but is also hard to justify for free to organizations that are not hosted at NAU or are not very closely associated by business process.  Both consume server capacity and bandwidth that are heavily used by NAU faculty, staff and students and are very expensive to expand and maintain. 

Other IT services generally involve accounts on NAU systems such as a domain account, LDAP (which will exist by default for any affiliate), Blackboard Vista, PeopleSoft, and BusinessObjects.  The justification for these accounts is for business process access to NAU online information.  However, it should be remembered that granting these privileges incurs accompanying security and information access considerations, FERPA and other privacy impacts being examples.  Many times an alternative form of web reporting or other information transfer can be arranged to preclude the necessity of granting this access while still efficiently answering the business need. 

Sponsors’ careful consideration of these implications is essential when they enter into agreements on behalf of NAU.  It is strongly suggested that potential Sponsors contact ITS to facilitate the Affiliation Type approval process or answer any other questions this may have raised.  Other NAU departments providing IT services to affiliates based on authentication will coordinate service delivery with ITS.  Additional IT services will be granted as justified by official agreements, but additional IT access should be limited to only approved services.

In addition, NAU does not intend to compete with private enterprise; many requests for services are best handled by local Internet Service Providers.  Simply wanting an email account in order to communicate with NAU counterparts is not a sufficient reason to establish an Affiliation Type. 

Additionally, the Sponsor should consider security implications of granting access to their proposed affiliates.  Extending services beyond the NAU employee and student population incurs additional risks that the Sponsor accepts responsibility for justifying.  Sponsors will insure that all affiliates become familiar with the Network Acceptable Use Policy and email Use Policy both at account creation and renewal. 

Affiliation Information Data Collection       

The following information needs to be collected to establish an Affiliation Type: 

Affiliation Type Data   

Service periods are generally set for one year, unless the Affiliation Type is specifically for a shorter period of time, in which case the service period should be set for immediately after the end of the needed period.  Longer periods can be approved by the IDMC.  

The NAU Sponsor    

Note that “Visiting” Affiliation Types imply that a short-term expiration date will be set for each affiliate.  The accounts should not last beyond the time the person is actually visiting the campus. 

The NAU Sponsor will be a high level NAU official.  Various levels are required for different types of Affiliation agreements. 

President, Provost, Vice President, Vice Provost    

Unusual or long-term relationships with the University should be approved at the VP level.  These include any agreements that require resources beyond those normally offered to affiliates, agreements with external entities, or an offer to assist an agency or individual using IT resources.  In all cases it is expected that the agency is a non-profit, that there is no inappropriate competition with local business, and that the University has a compelling mission-related reason to offer these services.

Examples of these sorts of affiliations include the ROTC program, the USFS agreement, and the NAU Retirement Association Officers use of campus email, WGU Non-credit students, and the Colorado Plateau Studies partnership. 

Dean or Directors  

A Dean or Director can approve reasonable Affiliation Types involving outside agencies or groups of individuals that are obviously beneficial to the University in support of student or departmental goals.  Examples of these sorts of Affiliation Types include the Library 2+2 arrangement with Community Colleges, The CEE GearUP grant, and contract employees.

Department Chairs 

A Department Chair can establish Affiliation Types in their area for the following:

• Visiting Professors
• Visiting Scholars (graduate or undergraduates invited to NAU)
• Cline Library
• Academic Computing 

7.0       Business Rules for Establishing a New Affiliate      

Once an Affiliation Type has been approved and established, a member of that type may request a computer account.  The Sponsor or their duly designated contact may request account creation by completing an NAU Affiliate Authorization and Application Form.  The current application form is available at http://www4.nau.edu/louie/affiliaterequest.html.  By authenticating in to the form’s web page, Sponsors or their designated contacts will provide an electronic signature verifying that the affiliate meets the requirements of this policy.  A new account will then be created for the affiliate, provisioned with default services unless additional services are specifically requested and justified.

The form requests the disclosure of the person’s Social Security number in order to assure that our data is accurate and to preclude any efforts to acquire and keep a “shadow” computer account not linked with the person’s true identity.  These accounts are not part of normal University business, and are considered a privilege and not a right for the individuals requesting this service.  Therefore, it is legitimate to deny this service to people who do not wish to disclose their Social Security Number.  However, if ID privacy concerns become a critical issue, a substitute, uniquely identifiable number such as an employee ID number, driver’s license number, passport number or visa number can be utilized in the National ID number field.  Entry of affiliates will be the responsibility of the ITS identity management staff position on the Campus Information Team (CIT).  This function may be further distributed to campus functional offices when the capability exists.  Service provisioning will be the responsibility of the Academic Computing staff (for the unique services provided to Academic Support and Vista Access affiliations) and the Solution Center (for all others).  Automated service provisioning is a near-future project. 

Expiration dates are generally set for one year, unless the Affiliation Type is specifically for a shorter period of time, in which case the expiration date should be set for immediately after the end of the needed period.  A unique expiration date will be set if the new affiliate does not need services matching the default Affiliation Type service period.  Some Affiliation Types (such as Visiting Professor) require a unique expiration date.  Also, some affiliates have specific Affiliate Contacts.  An example might be a visiting professor working collaboratively with a faculty member in a department.  Under such an arrangement, the Department Chair can designate his faculty member as the contact responsible for the affiliate’s privileges.  This contact information is stored both at the Affiliation Type and the affiliate level. 

The list of approved default services will automatically be assigned to new affiliates, unless existing agreements or prior consultation with ITS justify any exceptions.  Known agreements will be consulted when setting up accounts, to insure that any agreements with the NAU Sponsor are not violated.  In some cases, such as Library privileges, software licenses and other legal issues must be considered before access to a service can be provided.  Hence, this step is very important.  Other NAU departments providing services based on authentication will coordinate service delivery with ITS.  Additional IT services can be granted as justified by official agreements, but additional IT access should not be granted when an acceptable alternative authentication procedure can be implemented.  

Affiliate Information Data Collection      

The following information will be collected from the Sponsor or their designated Affiliation Contact in order to add a person as an affiliate: 

Affiliate Data   

8.0       Business Rules for Reviewing Current Affiliation Types and Affiliates     

Sponsors and contacts will also perform an annual audit of affiliate accounts.  Sponsors and contacts will receive notification via email 30 and 10 days prior to terminating the account.  The affiliate will be copied and also receive a notification at 3 days remaining.  Contacts should then verify to the ITS Affiliate Management staff on the CIT (responsible for entry, review and purge of all affiliate accounts) that both the Affiliation Type and list of affiliates should be carried forward for another year.  The review will take considerable time and resources, so it is not possible to do this more than once a year.  Any inaccuracies in the affiliation information will be updated at this time.  In the rare case that the Affiliation Type itself is no longer needed, then the accounts under that Affiliation Type and the Affiliation Type itself will be removed.  People who are no longer affiliates will have their LDAP record changed to reflect the loss of affiliation and their accounts will be scheduled for removal.  On most of NAU ITS systems, account removal involves a warning to the account holder and a backup to preserve the data before the account is actually removed.  It is the individual affiliate’s responsibility to retrieve data before terminating their relationship with NAU.   

Sponsors and contacts will contact ITS when NAU IT services are no longer appropriate for an affiliate or when they are no longer part of the population for which the affiliation is extended.  Such notifications help improve our overall network security and limit any potential concerns about providing University IT services to non-affiliated people.  Failure to notify ITS increases the chance for abuse by a disgruntled affiliate and may ultimately put the affiliation at risk.  Pursuant to this document the sponsor of an affiliate has assumed the risk to NAU that may be posed by that affiliate.