Information Technology

Change Advisory Board (CAB) Policy

Responsible Official: Chief Information Officer
Responsible Office: Information Technology
Effective Date: 2025-10-03
Last Revision Date: 2026-01-30

Associated Documents

• Change Advisory Board (CAB) Procedure
• Change Advisory Board (CAB) Standard

Purpose
The Change Advisory Board (CAB) provides oversight and recommendations for IT changes to ensure that they are properly reviewed, authorized, and aligned with business requests and objectives. The CAB aims to minimize risk and disruption while facilitating the smooth implementation of necessary IT changes to Reed’s shared networked environment.

Scope
This policy applies to all proposed changes to IT systems, services, infrastructure, and applications that may impact operations, performance, or security.

Policy Statement
All significant changes to production IT systems, including software, hardware, networks, and security configurations, must be documented, assessed for risk, and approved prior to implementation. Review effort must be proportional to the potential impact on college operations.

Compliance

• Policy Compliance: Compliance with this policy is required for all people, items, or systems outlined in the scope. 
• Policy Review: This policy shall be reviewed and updated periodically to reflect changes in technology, threats, and legal/regulatory requirements.
• Non-Compliance: Violations of this policy may result in disciplinary actions in accordance with Reed’s misconduct and disciplinary processes, up to and including termination of employment and legal action where applicable.

Policy Exceptions

Any exceptions to this policy must be approved by the Chief Information Security Officer and IT Leadership.