Updated for 2025–26 Administration Print This Guide

Access, Logons, and Passwords

Overview

It is required that LEA superintendents are the first to sign on and begin the process of creating LEA accounts and assigning roles. Superintendents, LEA coordinators, or site coordinators must create an account for any additional user before they can access TOMS, the Test Administrator Interface, interim assessments, CERS, or Tools for Teachers.

The first time a TOMS account is accessed during an administration year, the user must complete the associated security forms. Users with the Test Administrator, Test Examiner, LS Correspondence Administrator, and LS Data Entry roles must complete the Test Security Affidavit. Those serving in coordinator roles must complete the Test Security Affidavit as well as the Test Security Agreement. Users who have access to both CAASPP and ELPAC must complete the forms for both programs.

This chapter provides information on the following:

Single Sign-On (SSO)

Single Sign-On allows a user to have a single set of credentials to access all the California assessment-related systems. Users can log on to the individual systems through the CAASPP & ELPAC Website and can also transition among systems once they are logged on to a system. In TOMS, hyperlinks for these systems can be found under the [Links] navigation tab in the top navigation bar. Please refer to External Links for details.

The following are hyperlinks to the California assessment systems available through SSO:

Access to TOMS

The superintendent role in TOMS is assigned on the basis of information received from the California School Directory, which is maintained by the CDE. Users designated with the superintendent role receive an email notification indicating that a new account has been created.

To receive a password, first-time superintendent users select a secure link in the email notification to create a password and log on to TOMS. If a superintendent role is added to an existing account, the user is able to log on to TOMS using existing credentials. New LEAs or direct-funded charter schools should ensure that their current information is maintained with the CDE, including the California School Directory, for it to be updated in TOMS.

A superintendent can designate LEA CAASPP coordinators and LEA ELPAC coordinators for the LEA. For existing LEA CAASPP coordinators and LEA ELPAC coordinators, once the superintendent designates the LEA coordinator for a new test administration, the LEA coordinators can log on to TOMS using their current user ID and password. For new LEA coordinators, once the superintendent designates the role, the coordinators receive a welcome email containing a link to set up a password to log on to TOMS.

New users must select the [Reset Password] link to establish a new password. For assistance with passwords, refer to Resetting a Password.

Security Agreements and Security Affidavits

Security forms for LEA coordinators—the Test Security Agreement form and the Test Security Affidavit form—are found in TOMS and must be renewed every year. Existing users are presented with the form(s) connected to the users’ assigned role when logging on for the first time for the test administration year or after being assigned a new role. New users are presented with these forms after setting up the new account and logging on to TOMS.

The Test Security Agreement states that, as a coordinator, the signer will not only safeguard information, but ensure that all persons with access to the assessments will also take the appropriate steps to safeguard the assessments. The agreement also states that coordinators are responsible for confirming that all appropriate roles have signed the Test Security Affidavit.

The Test Security Affidavit states that the signer will follow each of the listed items to safeguard the assessments as well as administer them in manners that match the directions for administration of the assessments.

Each LEA coordinator and site coordinator must use the Security Form s and Remote Administration Status Report to ensure that all coordinators have signed the Test Security Agreement and that all coordinators, test administrators, test examiners, and designated staff members who will have access to test materials have signed the Test Security Affidavit.

A signed copy of the Test Security Agreement is required for the following roles:

  • Superintendent
  • LEA coordinator
  • Site coordinator

A signed copy of the Test Security Affidavit is required for the following roles:

  • Superintendent
  • LEA coordinator
  • Site coordinator
  • Test administrator (CAASPP only)
  • Test examiner
  • LS correspondence administrator (ELPAC only)
  • LS data entry (ELPAC only)

Staff who will not have access to TOMS but will have access to testing materials or will be present when testing materials are accessible must complete the Test Security Affidavit for Non-TOMS Users. Non-TOMS affidavits must be stored locally for the entirety of the administration. LEAs may copy the Non-TOMS affidavits into an electronic version to aid in getting staff to sign.

The Test Security Agreement (figure 1) or Test Security Affidavit appears when a designated user logs on to TOMS for the first time. Designated users are required to read and sign the stipulations of the required agreements prior to gaining access to TOMS.

Unsigned CAASPP Test Security Agreement.

Figure 1. CAASPP Test Security Agreement—unsigned

Figure 2 displays a signed Test Security Agreement.

The signed Test Security Agreement or Test Security Affidavit displays the following information about the user:

  • Name (first and last)
  • Assigned role
  • Administration year applicable to the Test Security Agreement or Test Security Affidavit
  • Saved signature, in the form of the user’s first and last names, as well as the date and time the signature was applied to the agreement

Signed Test Security Agreement.

Figure 2. CAASPP Test Security Agreement—signed

Users will take the following steps to complete the required form:

  1. Log on to TOMS.
  2. Read the entire agreement.
    • Select the [Submit] button.
    • Select the [Print] button to print the signed agreement. (Printing is optional.)
    • Select the [Continue] button to continue to the next security form or, if there are no more security forms to sign, to continue working in TOMS.
  3. If a user has multiple roles, select a role.

Log On to TOMS

Take the following steps to log on to TOMS:

  1. Access the CAASPP & ELPAC Website, and then select the [Test Operations Management System (TOMS)] button.

  2. When the Logon screen appears (figure 1), enter the username (user’s email address) and password, and then select the [Secure Logon] button.

    Logon screen.

    Figure 1. TOMS Logon screen

  3. The user may be prompted to enter a verification code: The two-step verification process is initiated the first time a user logs on to TOMS using a new device or browser.

    Email verification screen, requesting that you enter an emailed code.

    Figure 2. TOMS Confirm Account screen

    1. The Confirm Account screen (figure 2) requesting an emailed code appears.
    2. An email is sent to the user from ca-assessments@ets.org with the required code, which is valid for 15minutes.
    3. The user must enter the code and select [Submit] to gain access to TOMS.

    The Welcome to TOMS dialog box (figure 3) displays the user’s name, email address, and the associated role(s). A user can have more than one role but can use only one role at a time.

    Welcome to TOMS—Select a Role.

    Figure 3. Select a role from the Welcome to TOM S screen

  4. Select a role and administration year, and then select the [Logon] button.

    The user’s selected role and administration year is displayed in the top-right portion of the screen, above the top navigation bar (figure 4).

    User role display in the top-right of the screen.

    Figure 4. User role display

Change Roles

  1. To change roles without logging off TOMS, select the [Change Role] down arrow [Down arrow-head icon representing the Change Role action.] icon next to“Logged on as” in the upper-right side of the application window (figure 4).
  2. Select a role and test administration year from the drop-down list.

Passwords

A user who is new to CAASPP and ELPAC must first be added to TOMS by an existing user and then establish user credentials by creating a password.

The password must follow these rules:

  • Minimum of 12 characters
  • None of the last 24 passwords used
  • At least one character from each of the following categories:
    • An uppercase letter (A–Z)
    • A lowercase letter (a–z)
    • A one-digit numeral (0–9)
    • A special character (%, #, !, etc.)

Upon creation of the new account, the new user will receive a welcome email from CA-Assessments-DoNotReply@ets.org with information about the user role. When logging on for the first time, the user should select the [Reset Password] link, enter an email address, and then follow the instructions to create a password, which aresimilar to the instructions in the next subsection, Resetting a Password.

Existing users who have had user roles during previous test administration years must reset passwords and security questions to gain access to the current California assessment systems.

Resetting a Password

Existing users will receive an email from ca-assessments@ets.org.

In addition, users will be asked to enter a verification code as part of the two-step authentication process upon the first use of TOMS on a web browser or device. This code is sent from the ca-assessments@ets.org email address. This step must be taken within 30 minutes of receipt of the email.

To reset a forgotten password, access TOMS to request the password reset email. Take the following steps:

  1. Use a web browser to access the CAASPP & ELPAC Website, and then select the [Test Operations Management System (TOMS)] button.

    The Logon screen appears (figure 1).

    Logon screen.

    Figure 1. TOMS Logon screen

  2. Select the [Reset Password] link on the Logon screen.

    The Reset Your Password screen appears (figure 2).

    Reset Your Password screen.

    Figure 2. Reset Your Password screen

  3. After entering the email address in the Email Address field, select the [Send Link to Email] button. Then, check for an email message from ca-‍assessments@ets.org containing the secure link to reset the password.

  4. The user will receive an email from ca-assessments@ets.org with a link to reset the password. The link must be used within 30 minutes of receipt of the email (figure 3).

    Secure Link message.

    Figure 3. Secure link message

  5. When the link is selected, the Reset Your Password screen appears (figure 4). Enter a new password in the New Password field; reenter it in the Re-Enter New Password field. The password must follow these rules:
    • Minimum of 12 characters
    • None of the last 24 passwords used
    • At least one character from each of the following categories:
      • An uppercase letter (A–Z)
      • A lowercase letter (a–z)
      • A one-digit number (0–9)
      • A special character (%, #, !, etc.)

    Reset Your Password screen.

    Figure 4. Enter a new password in the Reset Your Passwor d screen

    When the password has been entered and confirmed, select the [Reset Password] button.

  6. After the user successfully logs on, the MyTOMS Home screen will appear.