Beta This part of GOV.UK is being rebuilt – find out what beta means

HMRC internal manual

COTAX Manual

Background: Allocation of COTAX and CT Online user roles: system security

As Role Authoriser, you are responsible to the senior responsible officer for ensuring the maintenance of appropriate levels of security for COTAX and CT Online Services within your MUID. See COM31030 for more information.

You are also responsible for ensuring that individual users are aware of the security issues in relation to the COTAX and CT Online Services by issuing a Security Reminder (Word 47KB) when you authorise a new user role.

The security of data held on the Department’s computer systems must be protected at all times.

The Department must ensure that its IT systems are not abused in order to comply with the requirements of the:

  • Data Protection Act 1998
  • Computer Misuse Act 1990.

If you suspect abuse of any computer system, you must immediately inform the senior responsible officer.

The guidance given here does not replace existing instructions regarding conduct and discipline proceedings. Abuse of, or unauthorised access to, any computer system is a matter for action under conduct and discipline rules. You can find further information in HMRC’s Acceptable Use Policy under ‘A’ in the intranet Library A-Z.

As Role Authoriser, you must make COTAX and CT Online Services users aware of their obligations concerning the security of the data held on the computer. You should therefore give a Security Reminder (Word 47KB) to all COTAX and CT Online Services users as follows.

  • All staff on first being set up as COTAX or CT Online Services users for your MUID.
  • All staff allocated a new user role or service in your MUID.
  • All COTAX and CT Online Services users in your MUID at approximately annual intervals.

You should record the issue of the information slip in the COTAX Authorised User Registered File, which you are responsible for maintaining.

See COM31051 for legislation applying to this subject.