Purpose

Changes to systems that handle internal and sensitive data requires serious thought, careful monitoring, and follow-up evaluation. This policy outlines the rational, predictable, and consistent way that changes are logged at ACS Technologies Group, Inc. ("ACST"). A change log ensures that ownership and accountability of changes made are properly attributed.

Scope and Applicability

This policy covers all resources that affect critical business processes and assets owned or operated by ACST. This policy also covers any information system that is owned, operated or controlled by ACST.

Policy

A change management log must be maintained for all changes made to ACST servers and information systems. At a minimum the log must contain, but is not limited to:

• Date of submission

• Date of change

• Nature of the change

• Identity of those making the change

Enforcement

Any employee found to be in violation of this policy may be subject to corrective action, up to and including termination of employment.

Variance Process

The Chief Ventures Officer is responsible for the review, documentation, and management of any and all exceptions to this policy.