Form TECH358 "Security Policy/Standard Exception Request Form" - California

What Is Form TECH358?

This is a legal form that was released by the California Department of Technology - a government authority operating within California. As of today, no separate filing guidelines for the form are provided by the issuing department.

Form Details:

  • Released on July 1, 2013;
  • The latest edition provided by the California Department of Technology;
  • Easy to use and ready to print;
  • Quick to customize;
  • Compatible with most PDF-viewing applications;

Download a printable version of Form TECH358 by clicking the link below or browse more documents and templates provided by the California Department of Technology.

ADVERTISEMENT
ADVERTISEMENT

Download Form TECH358 "Security Policy/Standard Exception Request Form" - California

756 times
Rate (4.4 / 5) 38 votes
STATE OF CALIFORNIA
CALIFORNIA DEPARTMENT OF TECHNOLOGY
DATA CENTER SERVICES
SECURITY POLICY/STANDARD EXCEPTION REQUEST FORM
TECH 358 (REV. 07/2013)
This form provides the Data Center Services (DCS), Security Management Division (SMD), with the
information needed to properly analyze security exception requests for security policies, standards and
requirements.
Please reference “3502 - Information Security Exception Request” for information regarding the exception
request procedure.
Requestor’s Name:
Phone Number:
Exception Request Title:
Division/Unit or Customer Agency:
Policy/Procedure or Requirement for
which the exception is being requested:
A. Provide an explanation of the exception request. Describe the technical description of the
environment that will exist with the exception. Include specific details such as user IDs, server names
and IP addresses.
B. Explain the reason for requesting the exception and consequences if not granted.
C. Explain the security risk(s) if the exception is approved. Include risks to all stakeholders.
D. Summarize the mitigation to minimize or compensate for the exception risk(s).
Page 1 of 2
STATE OF CALIFORNIA
CALIFORNIA DEPARTMENT OF TECHNOLOGY
DATA CENTER SERVICES
SECURITY POLICY/STANDARD EXCEPTION REQUEST FORM
TECH 358 (REV. 07/2013)
This form provides the Data Center Services (DCS), Security Management Division (SMD), with the
information needed to properly analyze security exception requests for security policies, standards and
requirements.
Please reference “3502 - Information Security Exception Request” for information regarding the exception
request procedure.
Requestor’s Name:
Phone Number:
Exception Request Title:
Division/Unit or Customer Agency:
Policy/Procedure or Requirement for
which the exception is being requested:
A. Provide an explanation of the exception request. Describe the technical description of the
environment that will exist with the exception. Include specific details such as user IDs, server names
and IP addresses.
B. Explain the reason for requesting the exception and consequences if not granted.
C. Explain the security risk(s) if the exception is approved. Include risks to all stakeholders.
D. Summarize the mitigation to minimize or compensate for the exception risk(s).
Page 1 of 2
E. When will compliance occur? (Non-compliance will require annual exception renewal)
AUTHORIZATION
Requestor’s Manager/Supervisor
Date
Phone Number
Printed Name (if applicable)
Note: Supervisor/Manager approval via the Service
Request process is the manager’s approval for this security
Approved
Disapproved
exception request. By approving, you approve and will
adhere to the conditions of the exception request.
Requestor’s ISO Printed Name
Date
Phone Number
Note: ISO approval via the Service Request process is the
Approved
Disapproved
ISO’s approval for this security exception request. By
approving, you approve, will adhere to the conditions of the
exception request, and accept any security risk to your data
or system as a result of this security exception request.
Conditional Approval
Comments:
DCS ISO Printed Name (if different
Date
Approved
Disapproved
from the requestor)
Conditional Approval
Comments:
Exception Request Expiration Date (a maximum of 12 months) :
Submit completed form to the DCS Security Management Division via a Service Request.
Please contact your DCS Customer Delivery Representative for assistance submitting a Service Request.
Page 2 of 2
Page of 2