Publication Date: February 1, 2006

Author: G. Kay Jacks, General Manager, FSA Application, School Eligibility and Delivery Services

Summary: Updated COD Web Site Access for Schools

Posted on 02-01-2006

This announcement provides updated instructions for schools seeking access to the Common Origination and Disbursement (COD) Web site, www.cod.ed.gov/. These instructions supersede all previous versions that we have posted on the IFAP Web site.

The first step to gaining access to the COD Web site is to set up a security administrator for your school. The questions and answers that follow below explain how to complete the set up process. Once the security administrator is set up, he or she will be able to set up other COD Web site users at your school.

Third party servicers should refer to the Electronic Announcement entitled "Updated COD Web Site Access for Third Party Servicers" (that we are posting to the IFAP Web site along with this one) for the procedures they follow to access the COD Web site.

What is a security administrator for the COD Web site?
A COD security administrator provides access to the COD Web site for users at his or her school. Your school can determine the number of security administrators for the school, although we suggest that this number be limited for security purposes.

How do we set up a security administrator for our school?
Your school must submit a security administrator request letter by mail, so that we have a signature on file. This letter must be printed on your school's letterhead and include the following information:

• School's name;
• School's COD ID (if you do not know your school's COD ID, contact the COD School Relations Center);
• School's Third Party Servicer (if applicable);
• Security administrator's first name;
• Security administrator's last name;
• Keyword - security administrator's mother's maiden name, favorite dessert, or pet's name (include only one keyword of 20 or fewer characters that will be used to identify an administrator if he or she forgets the Web site password);
• Security administrator's work telephone number;
• Security administrator's e-mail address;
• Security administrator's job title;
• Security administrator's work address;
• Security administrator's work fax number;
• Security administrator's signature; and
• Approving authority's name, title, work telephone number, e-mail address, and signature (this must be a different and higher-ranking school official unless there is no higher-ranking school official than the security administrator).

Note: Your school may provide the name of its third party servicer (if applicable). Including this information in your letter helps us provide better customer service. Providing the name of your school's third party servicer does not authorize the third party servicer to access your school's data. As noted above, the third party servicer must submit a separate request to access the COD Web site.

Where does our school send the security administrator request letter?
Mail the signed security administrator request letter (printed on your school's letterhead) to:

U.S. Department of Education
Attn: COD Web Access
COD School Relations Center
P.O. Box 9003
Niagara Falls, NY 14302

How will our school's security administrator receive his or her user name and password?
The COD School Relations Center will send the security administrator's user name and password to the e-mail address provided in the security administrator request letter. For security purposes, the COD School Relations Center will send the user name and password in separate e-mails. The security administrator's password is sensitive information and should not be shared with anyone.

How does our school's security administrator reactivate his or her user ID if it is automatically deactivated due to one of the established inactivity events?
A security administrator's user ID will be automatically deactivated when-

• A temporary password is not changed within a 24-hour period;
• The COD Web site is not accessed for a consecutive 6-month period following the first visit and change of temporary password; or
• The COD Web site is not accessed for a consecutive 3-month period following the last visit of a user who has logged in to the COD Web site more than one previous time.

To reactivate his or her user ID, the security administrator must call the COD School Relations Center.

Once our security administrator is set up, how does he or she create user accounts for staff members at our school?
To create user accounts for staff members at your school, the security administrator completes the following steps:

• Log in to the COD Web site, www.cod.ed.gov/, and click on the User tab to display the User Search screen.
• Click on the Create New tab at the bottom of the User Search screen to display the Create Profile screen.
• Enter the following information for the new user:
  • First name;
  • Last name;
  • Keyword;
  • Phone number; and
  • E-mail address.
• Select the new user's security access level from the User Role drop down box. For a listing of the COD Web site functionality available to each User Role, refer to the "School User Roles" section of the "Common Origination and Disbursement (COD) Web Site User Roles" chart attached to this announcement.
• Select the appropriate COD ID from the Entity ID Type drop down box.
• Enter a new password in the New Password field. (Passwords are case sensitive and must be 8 characters consisting of 6 alpha, 2 numeric or 5 alpha, 3 numeric.)
• Re-enter the new password for confirmation in the Re-enter New Password field.
• Click on the Submit button at the bottom of the Create Profile screen. A Profile screen with the new user's information (including the COD system-generated User Name) then displays.
• Click on the Submit button at the bottom of the Profile screen to confirm the new user.
• The new user's user name and password will then be sent to the new user in separate e-mails.

Notes:
1. Each user (School User 1-4 as well as security administrator) is responsible for keeping his or her own "Keyword" field current. A user may change his or her "Keyword" at any time.
2. If the user ID for a School User 1-4 is automatically deactivated due to one of the inactivity events listed in "How does our school's security administrator reactivate his or her user ID if it is automatically deactivated due to one of the established inactivity events?", the user must contact the security administrator to reactivate his or her user ID.
3. When a School User 1-4 no longer requires access to the COD System, the school's security administrator has the responsibility to deactivate the user ID for that user in the COD database.

Should we create a user account for the third party servicer that supports our school?
No. It is not necessary to create a user ID and password for a third party servicer that supports your school. As previously noted, third party servicers are responsible for setting up their own COD security administrators and user accounts.

Will our school's third party servicer be able to view information and records for our school?
Yes, provided that your school's third party servicer has requested and received access to the COD Web site. COD receives information about the relationships between schools and third party servicers from data stored in the TG Numbers at SAIG. This information allows users within a third party servicer organization to access data for the school or schools they support, provided that the TG Numbers at SAIG reflect that a relationship exists. If a change in relationship occurs, the school must contact CPS/SAIG Technical Support about the change. The toll-free telephone number is 800/330-5947, and the e-mail address is CPSSAIG@ed.gov.

How does our school update information about a security administrator or set up an additional security administrator?
When your school needs to update information about your current security administrator or set up an additional security administrator, it must submit a new signed security administrator request letter that includes all of the required information.

How does our school deactivate a security administrator's account if we no longer want him or her to be our security administrator?
When your school needs to deactivate a security administrator's account, it must notify the COD School Relations Center in writing. The written notification may be-

• Mailed to the address provided in "Where does our school send the security administrator request letter?";
• Faxed to 877/623-5082; or
• E-mailed to CODSupport@acs-inc.com.

In all cases, the written deactivation request must include the following information:

• Name of Security Administrator (whose account is to be deactivated);
• School's name;
• Approving authority's name;
• Approving authority's title;
• Approving authority's work telephone number; and
• Approving authority's e-mail address.

Note: The approving authority should be the same official who requested the set up of the security administrator. However, if the initial approving authority no longer serves your school in that capacity, the new person in that capacity should be named. As a reminder, the approving authority must be a different and higher-ranking school official than the security administrator unless there is no higher-ranking school official than the security administrator.

If the deactivation request is mailed or faxed to the COD School Relations Center, it must be printed on your school's letterhead.

If the deactivation request is e-mailed to the COD School Relations Center, it must be sent from an address that clearly identifies your school.

Contact Information
If you have any questions about this announcement or experience any difficulty setting up a COD security administrator, contact the COD School Relations Center at 800/4PGRANT for Pell Grant or 800/848-0978 for Direct Loan. You may also e-mail CODSupport@acs-inc.com.

Attachments/Enclosures:

Common Origination and Disbursement (COD) Web Site User Roles in MS Word Format, 39KB, 1 page

Common Origination and Disbursement (COD) Web Site User Roles in PDF Format, 17KB, 1 page

FOIA | Privacy | Security | Notices WhiteHouse.gov | USA.gov | ED.gov