Access, Logons, and Passwords: Overview

Before users can access TOMS, the Test Administrator Interface, interim assessments, CERS, or Tools for Teachers, superintendents, LEA coordinators or site coordinators must create the account. and LEA superintendents will be the first to sign on and begin the process of creating LEA accounts and assigning roles.

The first time a TOMS account is accessed during an administration year, the user must complete the associated security forms. Test administrators, test examiners, LS Correspondence Administrator, LS Data Entry roles must complete the Test Security Affidavit, and those serving in coordinator roles complete the Test Security Affidavit as well as the Test Security Agreement. Users who have access to both the CAASPP and ELPAC must complete the forms for both programs.

This chapter provides information on the following:

Single Sign-On

Single Sign-On allows a user to have a single set of credentials to access all the California assessment-related systems. Users can log on to the individual systems through the CAASPP website and ELPAC website and can also transition among systems once they are logged on to a system. In TOMS, hyperlinks for these systems can be found under the [Links] navigation tab in the top navigation bar. Please refer to External Links for details.

The following are hyperlinks to the California assessment systems available through SSO:

Access to TOMS

The superintendent role in TOMS is assigned on the basis of information received from the California School Directory, which is maintained by the CDE. Users designated with the superintendent role receive an email notification indicating that a new account has been created.

To receive a password, first-time superintendent users select a secure link in the email notification to create a password and log on to TOMS. If a superintendent role is added to an existing account, the user is able to log on to TOMS using existing credentials. New LEAs or direct-funded charter schools should ensure that their current information is maintained with the CDE, including the California School Directory, for it to be updated in TOMS.

A superintendent can designate LEA CAASPP and ELPAC coordinators for the LEA. For existing LEA CAASPP and LEA ELPAC coordinators, once the superintendent designates the LEA coordinator for a new test administration, the LEA coordinators can log on to TOMS using their current user ID and password. For new LEA coordinators, once the superintendent designates the role, the coordinators receive a welcome email containing a link to set up a password to log on to TOMS.

For users needing assistance with passwords, refer to Resetting a Password.

Security Agreements and Security Affidavits

Security forms for LEA coordinators—the Test Security Agreement form and the Test Security Affidavit form—are now found in TOMS and must be renewed every year. Existing users are presented with the form(s) connected to the users’ assigned role when logging on for the first time for the test administration year. New users are presented with these forms after setting up the new account and logging on to TOMS.

The Test Security Agreement states that, as a coordinator, the signer will not only safeguard information, but ensure that all persons with access to the assessments will also take the appropriate steps to safeguard the assessments. The agreement also states that coordinators are responsible for confirming that all appropriate roles have signed the Test Security Affidavit.

The Test Security Affidavit states that the signer will follow each of the listed items to safeguard the assessments as well as administer them in manners that match the directions for assessments.

Each LEA coordinator and site coordinator must use the Security Form Status report to ensure that all coordinators have signed the Test Security Agreement and that all coordinators, test administrators, test examiners, and designated staff members who will have access to test materials have signed the Test Security Affidavit.

A signed copy of the Test Security Agreement is required for the following roles:

Superintendent
LEA coordinator
Site coordinator

A signed copy of the Test Security Affidavit is required for the following roles:

Superintendent
LEA coordinator
Site coordinator
Test administrator (CAASPP only)
Test examiner
LS correspondence administrator (ELPAC only)
LS data entry (ELPAC only)

Staff who will not have access to TOMS but will have access to testing materials or will be present when testing materials are accessible must complete the Test Security Affidavit for Non-TOMS Users. Non-TOMS Affidavits must be stored locally for the entirety of the administration. LEAs may copy the Non-TOMS Affidavits into an electronic version to aid in getting staff to sign.

The Test Security Agreement (figure 1) or Test Security Affidavit appears when a designated user logs on to TOMS for the first time. Designated users are required to read and sign the stipulations of the required agreements prior to gaining access to TOMS.

Unsigned Test Security Agreement Screen

Figure 1. Test Security Agreement—Unsigned

Figure 2 displays a signed Test Security Agreement.

The signed Test Security Agreement or Test Security Affidavit displays the following information about the user:

Name (first and last)
Assigned role
Administration year applicable to the Test Security Agreement or Test Security Affidavit
Saved signature, in the form of the user’s first and last names, as well as the date and time the signature was applied to the agreement

Security Agreement Screen

Figure 2. Test Security Agreement—Signed

Users will take the following steps to complete the required form:

Log on to TOMS.
Read the entire agreement.
- Select the [SUBMIT] button.
- Select the [PRINT] button to print the signed agreement. (Printing is optional.)
- Select the [CONTINUE] button to continue to the next security form or, if there are no more security forms to sign, to continue working in TOMS.
If a user has multiple roles, select a role.

Log On to TOMS

Take the following steps to log on to TOMS:

Access either the CAASPP website or the ELPAC website, and then select the [Test Operations Management System (TOMS)] button.
When the Logon screen appears (figure 3), enter the username (user’s email address) and password, and then select the [Secure Logon] button.

Figure 3. Log On to TOMS
The user may be prompted to enter a verification code: The two-step verification process is initiated the first time a user logs on to TOMS using a new device or browser.

Figure 4. Verification Process for Access to TOMS
1. The screen (figure 4) requesting an emailed code appears.
2. An email is sent to the user from ca-assessments@ets.org with the required code, which is valid for 15 minutes.
3. The user must enter the code and select [Submit] to gain access to TOMS.
NOTE: The two-step verification process will happen any time the user switches to a new browser, changes devices, or clears the browser cache.

The Welcome to TOMS dialog box (figure 5) displays the user’s name, email address, and the associated role(s). A user can have more than one role but can use only one role at a time.

Figure 5. Welcome to TOMS—Select a Role
Select a role and administration year, and then select the [OK] button.

The user’s selected role and administration year is displayed in the top-right portion of the screen, above the top navigation bar (figure 6).

Figure 6. User Role Display

Change Roles

To change roles without logging off TOMS, select the [Change Role] down arrow [] icon next to “Logged on as” in the upper-right corner (figure 6).
When the Welcome to TOMS dialog box appears (figure 5), select a role and administration year, and then select the [OK] button.

Passwords

A user who is new to the CAASPP and ELPAC must first be added to TOMS by an existing user, and then establish user credentials by creating a password.

The password must follow these rules:

Minimum of eight characters
At least one character from each of the following categories:
- An uppercase letter (A–Z)
- A lowercase letter (a–z)
- A one-digit numeral (0–9)
- A special character (%, #, !, etc.)

Upon creation of the new account, the new user will receive a welcome email from CA-Assessments-DoNotReply@ets.org that contains a link to a secure screen, where a password can be created. The link is found within the email text that reads, “To begin, please verify your identity using the secure verification link to access the Reset Your Password web page.” This step must be taken within 30 minutes of receipt of the email.

Existing users who have had user roles during previous test administration years must reset passwords and security questions to gain access to the current California assessment systems.

Resetting a Password

Existing users will receive an email from ca-assessments@ets.org.

In addition, users will be asked to enter a verification code as part of the two-step authentication process upon the first use of TOMS on a web browser or device. This code is sent from the ca-assessments@ets.org email address. This step must be taken within 30 minutes of receipt of the email.

To reset a forgotten password, access TOMS to request the password reset email. Take the following steps:

Use a web browser to access either the CAASPP or ELPAC website, and then select the [Test Operations Management System (TOMS)] button.

The Logon screen appears (figure 7).

Figure 7. Log On to TOMS
Select the [Forgot Your Password?] link on the Logon screen.

The Reset Your Password screen appears (figure 8).

Figure 8. Reset Your Password
After entering the email address next to the [Email Address] person [] icon and selecting the [Submit] button, check for an email message from ca-‍assessments@ets.org containing the secure link to reset the password.

NOTE: The link expires after 30 minutes. If a message appears saying the link has expired, the user must return to the Reset Your Password screen, enter the user’s email address, and then select the [Submit] button to request a new secure link.
The user will receive an email from ca-assessments@ets.org with a link to reset the password. The link must be used within 30 minutes of receipt of the email (figure 9).

Figure 9. Secure Link Message
When the link is selected, the new Reset Your Password screen appears (figure 10). Enter a new password next to the [Reset Password] amber lock [] icon and reenter it next to the [Confirm New Password] green lock [] icon. The password must follow these rules:
- Minimum of eight characters
- At least one character from each of the following categories:
  - An uppercase letter (A–Z)
  - A lowercase letter (a–z)
  - A one-digit number (0–9)
  - A special character (%, #, !, etc.)
NOTE: If the new password does not match the confirmation password or does not meet the password criteria, an error message will appear.

Figure 10. Reset Your Password—Confirm New Password

When the password has been entered and confirmed, select the [SUBMIT] button.
After the user successfully logs on, the MyTOMS Home screen will appear.

NOTE: After authentication, the TOMS password is valid for the entire test administration year.