Technology Acquisition Review (TAR) Tips

If there is any doubt about whether a TAR is necessary or not, please submit a TAR.

For questions regarding TARs, please do not contact individual analysts who may be out of the office. Please contact the security team at security@sfsu.edu.

Keep your eyes on your inbox. After the request for a TAR security review has been assigned, the ITS Security Team usually responds within 24 hours with approval or questions.

  • Most subsequent delays are the result of customers not responding to our questions.

Maintain Open Channels of Communication

  • Even if you don't have the answers to all our questions, kindly let us know that you're investigating and provide a timeline for getting back to us. In other words, please let the ITS Security team know if there will be any delays in communication when submitting a TAR.

Before making a TAR submission that involves sensitive SF State data (e.g. Level 1 or Level 2) in a cloud service, please acquire the necessary documentation around such a request before launching the TAR process.

Don’t submit a TAR if you’re going to be out of the office following the submission.

  • Open and responsive communication channels go a long way toward expedient processing.

Ensure the best person to answer the required questions submits the TAR.

  • It would be helpful if the person with the deepest understanding of technology conducts the submission. This will minimize impact and help to move the TAR through faster.

Providing Incomplete Information/Description of the Technology Requested

  • Please ensure all information regarding the requested technology is provided so that subsequent data requests are not required. This will minimize impact and help to move the TAR through faster.