The Architectural Standards Review Board (ASRB) is responsible for reviewing, verifying compliance, and providing recommendations with regards to new and upgrade software and hardware procurement projects. The purpose of the ASRB process is to communicate business needs to ITS and other stakeholders. The university and ITS may already have supported software or hardware available that may be used. Additionally, the university and ITS may have existing contacts with various vendors that can expedite the procurement process.
Prior to purchasing or making changes to software or hardware that will impact data management, storage, dissemination, security, involve controlled unclassified or sensitive data, or impact user experience, and in order to comply with Mason's procurement policy, the ASRB process should be initiated via a request which can be submitted via Architectural Standards Review Board (ASRB). Once your request has been processed, you will receive a confirmation email with an assigned ticket number. The ticket number is used to identify your request across all review groups and organizations.
Please note that significant architectural changes to software, such as moving the software to a cloud-based solution may require ASRB review.
For questions, please contact the ASRB via email at firstname.lastname@example.org.
Preparing for ASRB Review
The following artifacts can be prepared in advance of the ASRB review to facilitate and expedite the process. Some of the documents are mentioned in specific review sections.
- Data dictionary for any data gathered and/or stored in the solutions (SIA provides templates upon request).
- Data definition and justification for any data requested from Mason systems or offices.
- Data integration documentation specifying, but not limited to:
- transmission method(s)
- vendor supported integration method(s)
- supported file format(s)
- API information
- Business process and data flow diagrams for complicated solutions.
- Architecture diagram showing the proposed solution architecture and proposed integration.
- Vendor security model/design document(s).
- Educause Higher Ed Cloud Vendor Assessment Tool, if applicable
- Assistive Technology Initiative's Vendor Assessment
Several organizations may be a part of the ASRB review process and will have specific areas of the request they will be reviewing. Requirements specific to each organization may be found in the following:
- Solution Integration and Architecture (SIA)
- Project Management Office (PMO)
- Enterprise Applications (EA)
- Enterprise Infrastructure Services (EIS)
- Information Technology Security Office (ITSO)
- Assistive Technology Initiative (ATI)
- The owner of any data requested, if applicable (e.g., HR, Registrar, Finance, etc.)
- Other Departments
All users of the George Mason University network must adhere to the following policies:
If you are purchasing or changing administrative or academic software and/or hardware, the following policies may be applicable:
- University Policy Number 1307: Procurement and/or Development of Systems/Applications
- University Policy Number 1201: Non-Discrimination Policy
- University Policy Number 1203: Non-Discrimination and Reasonable Accommodation on the Basis of Disability
- University Policy Number 1308: University Information Technology Accessibility
Commonwealth of Virginia Law and Regulation:
NIST 800-171 Compliance:
NIST 800-53 Rev. 4 Compliance
Federal Disability Laws and Regulations: