Home | Overview | Initiator Guide | Who Next? | Training | eSARF Login

eSARF Overview


CSUEB's Electronic System Access Request Form (eSARF) is used to manage requests to access many of the systems and applications found on campus. The eSARF application allows:

  • Managers, supervisors, and employees to submit requests for their faculty, staff, student assistants and others to access University systems.
  • Data stewards to designate and approve access levels.
  • The Information Security Officer (ISO) to authorize access.
  • Account stewards to assign and implement access that has been approved.

The eSARF application is also used to provide a record of all phases of the data access process and to comply with requirements of auditors who conduct security reviews.

Initial access to systems and reports will be granted only after other security requirements are fulfilled such as FERPA and functional training. For additional information about data access procedures, please see eSARF Training Requirements or review the University's Information Security site at: http://www.csueastbay.edu/its/infosec/


System and Application Access Which Require a SARF

You can find a listing of systems and applications which require a SARF for access at: https://webapps.csueastbay.edu/secure/eSARF_info/systems.cfm


Areas Of Responsibility and Role Definitions

  • Business Owner of the eSARF system: Information Security Officer
  • Technical Responsibility: ITS - Application Systems
  • End users come from all areas of campus that require access to information systems with sensitive data.


Role Definitions in the Initiation and Approval Process

Below are the roles involved in the eSARF process in the order of actions taken:

  1. Initiator - Creates the eSARF request. The user requiring the access can initiate the eSARF or someone can initiate the eSARF in their behalf. The initiator can request to be notified when the eSARF has been approved.
  2. MPP Approver - Provides management approval of the request. The MPP Approver is not necessarily the immediate supervisor of the user, but the MPP designated as the final approver by the department or division.
  3. eSARF Administrator - Ensures that the user has met all other security requirements, such as FERPA training.
  4. Data Steward (Data Owner) - Approves the access to the requested application systems and reports.
  5. Information Security Officer - Grants final approval.
  6. Account Steward - Creates and/or changes account permissions.
  7. User - Faculty, staff, student assistant or other person for whom the access is being requested. The user receives email advising them that access was granted from the eSARF Administrator.

More information on the eSARF approval process can be found at Who do I send this SARF to Next?


Access to the eSARF

An employee can initiate a SARF at: https://webapps.csueastbay.edu/secure/eSARF/  logging in with his/her NetID and password.



Home | Overview | Initiator Guide | Who Next? | Training | eSARF Login