IDAC for managers

IDAC automatically generates email confirmations on several system events for you as a manager to either do something in IDAC, such as authorise or deny access, or for information.

As a manager, you are responsible for digitally authorising, for example, affiliates and when someone applies for access to specific systems. You will receive login details and activation codes for new employees and are responsible for correctly providing these to the new employee or affiliate.

It is possible to delegate this task during holidays or other absences.

Who is considered a manager?

Why and how should you, as a manager, work with IDAC? 

Regularly reviewing employee permissions is an important part of secure and correct management within the organisation. Changes in management and delegations can sometimes be forgotten, which makes follow-up extra important.

IDAC conducts an annual permission review where resource owners – those responsible for specific systems or resources – receive a summary of the permissions for which they are responsible.

Managers do not automatically receive this review, but have several functions in IDAC that facilitate control and management: 

  • Approve or reject permission requests: When an employee applies for a new permission, it is the current manager who reviews and decides.
  • View employees' existing permissions: Managers can easily check which permissions each employee has.
  • Remove certain permissions: For certain types of permissions, managers can request that they be removed before the matter is forwarded to the resource owner.
  • Apply for permissions on behalf of employees: Managers can initiate requests directly in the system.
  • Check organisational affiliation: Managers can see whether they or their employees are affiliated with the correct organisational unit and, if necessary, contact payroll@ki.se for correction. 

By using these functions, managers can contribute to more efficient and accurate management of permissions, which reduces the risk of unauthorised access and strengthens information security at KI.

At the following times, line managers in the organisation receive automatic emails from IDAC:

The closest manager receives an email

  • When a new individual is added to your organisational unit. If the person is correctly placed in your institution or department, click the link and authorise the update.
  • You will also receive an email from IDAC with the KI-ID and other login details when a new employee or affiliate starts in your group. The department's administrator gets the same email, which happens as soon as 30 days before the start date.
  • An email from IDAC if someone in your group has requested access in another organisational unit. If it is correct, click on the link in the email to authorise.
  • 30 days before a member of staff leaves their employment.

The Head of Department receives an email.

  • When a person has been added to the IDAC at the departmental level, linked to the immediate manager of the department's organisational unit, where the Head of Department is the manager. If the person is correctly placed in your department, click the link in the email to authorise. Only admitted doctoral students should be permitted at the departmental level unless they have been employed or affiliated first.
  • When a person requests access to a shared file folder at the departmental level, for example. Click the link in the email to confirm that the person should be granted access.

You need to log in with your KI ID in KI Play to access the video guides below.

Approve or reject requests

Find resources and members

Delegating access during leave