Division:
Administration & Finance
Department:
Information Technology Services
Contact Information:
Nish Malik / Chief Information Officer, San Francisco Bay Region Network / (415) 405-4105 / nish@sfsu.edu
Effective Date:
Tuesday, June 1, 2010
Revised Date:
Friday, February 20, 2026
Authority:
Objective:
This Policy defines requirements for system change management for SF State owned information technology systems, network resources and applications.
Statement:
Purpose and scope
This Policy defines requirements for system change management for San Francisco State University-owned information technology systems, network resources (such as switches, routers and firewalls) and applications.
Policy:
All information technology systems, network resources and applications owned by San Francisco State University will be administered according to a documented and management approved change control process.
Changes made to information technology systems, network resources and applications will be documented in a change management system, reviewed and have documented approval by a designated change control authority as defined in the SF State change control guidelines before being put into production.
A selective review of configuration changes will be performed periodically to verify accountability and identify misconfigured information technology systems, network resources and applications.
Non-Compliance
Noncompliance with applicable policies and/or practices may result in suspension of access privileges. In addition, disciplinary action may be applicable under other University policies, guidelines, implementing procedures, or collective bargaining agreements.