CSUEB's Electronic System Access Request Form (eSARF) is used to manage requests to
access many of the systems and applications found on campus. The eSARF
- Managers, supervisors, and employees to submit requests for their
faculty, staff, student assistants and others to access University systems.
- Data stewards to designate and approve access levels.
- The Information Security Officer (ISO) to authorize access.
- Account stewards to assign and implement access that has been
application is also used to provide a record of all phases of the data access
process and to comply with requirements of auditors who conduct security
to systems and reports will be granted only after other security requirements
are fulfilled such as FERPA and functional training. For additional information
about data access procedures, please see eSARF Training Requirements or review the University's Information
Security site at: http://www.csueastbay.edu/its/infosec/
System and Application Access Which Require a SARF
You can find a
listing of systems and applications which require a SARF for access at: https://webapps.csueastbay.edu/secure/eSARF_info/systems.cfm
Areas Of Responsibility and Role Definitions
- Business Owner of the eSARF system: Information Security Officer
- Technical Responsibility: ITS - Application Systems
- End users come from all areas of campus that require access to
information systems with sensitive data.
Role Definitions in the Initiation and Approval Process
Below are the roles involved in the eSARF process in the
order of actions taken:
Initiator - Creates the eSARF request. The user requiring the
access can initiate the eSARF or someone can initiate the eSARF in their
behalf. The initiator can request to be notified when the eSARF has been
MPP Approver - Provides management approval of the request. The
MPP Approver is not necessarily the immediate supervisor of the user, but the
MPP designated as the final approver by the department or division.
eSARF Administrator - Ensures that the user has met all other security
requirements, such as FERPA training.
Data Steward (Data Owner) - Approves the access to the requested
application systems and reports.
Information Security Officer - Grants final approval.
Account Steward - Creates and/or changes account permissions.
User - Faculty, staff, student assistant or other person for whom
the access is being requested. The user receives email advising them that
access was granted from the eSARF Administrator.
More information on the eSARF approval process can be found at Who do I send this SARF to Next?
Access to the eSARF
An employee can initiate a SARF at: https://webapps.csueastbay.edu/secure/eSARF/
logging in with his/her NetID and password.