Note: As an Application Access approver or certifier, you will have privilege to view, approve, certify, or reject application requests submitted to you by requesters. All approvers and certifiers need to be predefined for each application access approval. Users identified as Application Administrators will need to complete the AMS Role Request Form for submission to IAMAMSPMO@hhs.gov for assignment. (NOTE: to view a PDF document, you must have Adobe Reader installed.)
Not all applications will have the same number of approvers or will include certifiers. This will be dynamic based on each application. Applications may have up to three approvers: Federal Manager, Application Owner, and Application Administrator, and one certifier: Personnel Security Administrator (PerSec Admin). This job-aid details the approval steps for the Federal Manager, Application Owner, and Application Administrator as well as the certification steps for PerSec Admin.
Authorizing application access tasks requires authentication with your HSPD-12 access card (PIV); if you logged into AMS by other login credential, you will be required to complete a second step of authentication before you can proceed with related activities.
Log into AMS at http://ams.hhs.gov using your HSPD-12 access card. For quick and easy access to your applications, add this page to your browser favorites or create a desktop shortcut.
From your AMS homepage, select the "Application Access Management" tab.
Select the "Authorize Application Requests" sub-tab.
Note: Pending requests requiring approval or certification are indicated by a parenthetical notation that indicates number of requests that require action by the approver or certifier. This number is displayed on the Application Access Management tab as well as the Authorize Access Requests sub-tab. If there are no requests requiring your approval, no number will be visible.
Select "Pending" from the "Request Status" drop-down list and click "Search" button.
To proceed, click "Agree" on the "Data Protection Policy Statement" pop-up notice.
Select the Request ID for the request that you wish to review and act upon. A pop-up window will be displayed with the "Approve Request" and "Reject Request" buttons available for you to click.
Note: The pop-up window displays an application approval trail showing which approver’s queue the request is in, and its current approval decision. It also shows all the remaining approvers in the approval process.
To approve the request, click the "Approve Request" button; to reject the request, click the "Reject Request" button.
If you "Reject" an application request you will need to select a "Reason for rejection" from the pre-populated drop-down list.
Note: The reason for rejection will vary depending on if the submitted request was for adding access versus removing access.
Addition of Access Rejection:
Removal of Access Rejection:
Upon submission, a pop-up will appear confirming your action (approval or rejection) with a "Close" button.
An email notification will be sent to the next approver level as defined in the application if one exists. Otherwise an email notification will be sent to the "Requester", and "Other User" if the request was submitted on behalf of another user, and to the "Federal Manager" indicating approval or rejection after the LAST approver approves or rejects the request.
Note: If manual account management (provisioning/deprovisioning) occurs, the application access request should be approved after the account has been created/removed in the application. This step occurs only after the LAST approver approves or rejects the request.
If automated account management has been implemented, then approval will provision the application account. Request Status will change to "Provisioned". This step may occur after the submission of the request if no approver has been assigned to the application, or will occur after the LAST approver approves or rejects the request.
Personnel Security Administrator Certification
For users who are defined as a Personnel Security Administrator, the certification process is slightly different in that instead of seeing the "Approve Request" and "Reject Request" buttons, "Certify Request" and "Reject Request" buttons will be displayed in the pop-up window as noted in Step 6. This is the only deviation from the other approvers. All other steps used to log in and view the requests are the same as the other approvers.
If you "Reject" an application request you will need to select a "Reason for rejection" from the pre-populated drop-down list. The reasons for rejection, however, will differ from the reason for rejection for approvers.
Once "Certify Request" is selected, a pop-up will appear confirming your action (certification) with a "Close" button.
Note: In the event that a user requests interim access to an application, the Personnel Security Administrator will be required to approve the request even if the Personnel Security Administrator was not originally defined as an approver for the application.