Skip to Knowledge Base content

Requesting a Software Purchase/Acquisition

Description

This article describes the workflow and processes for the approval of Software Acquisitions and Purchasing.

Workflow/Process Steps and Responsibilities

To request a software acquisition or purchase, select the Service titled Software - Purchase Request (click to view) in the TeamDynamix Service Catalog (listed under the sections Hardware, Software, and Printing|Software Support and Licensing”). 

You will use this form for both “productivity” type software, such as Microsoft Project, Microsoft Visio, Adobe (and others) and shared use, enterprise software, such as TeamDynamix.  Single user, productivity type software that only requires a simple purchase, goes directly to the OIT purchasing group and does not require extensive audit and reviews.  Enterprise/shared/web-based software acquisitions require relatively extensive audits and approvals.

For any software application, whether it is web/cloud or ISU hosted application that requires (1) contract approval or (2) an ISU Portal badge is considered an "Enterprise/Shared/Web-Based License Software" application and must go through the approval audits and technical reviews.

To start the acquisition/purchasing request, select “Begin Software Purchase” and complete the service request administrative information-through “Type of Purchase”.  Follow the steps below depending on whether you are requesting productivity software or an enterprise/shared/web-based license.

Productivity Software

  1. In the “Type of Purchase” field, select “Productivity/License Only”.
  2. In the “Productivity Software Name” select one of the pre-defined options
  3. If the software you want to purchase is not listed select “Other” and provide the name of the software application.
  4. Click “Request” after you have provided information in all the required fields.

The system will route your request to the OIT Technology Support Services (TSS) office for approval and purchasing.  For productivity software, you can expect the approval and purchasing to take no more than 10 business days.

Enterprise/Shared/Web-based License Software

To request the purchase or acquisition of software that requires contracting and approval as you complete the request form:

  1. In the “Type of Purchase” field, select “Shared/Enterprise/Web-based”.
  2. Provide information in the displayed fields. 
  3. Click "Request" to begin the approval process.

The system will route your request to the OIT Technology Support Services (TSS) office, who will begin the approval process.  Due to the extensive nature of the approval process, you can expect that the approval and purchasing process will take up to 30 working days. 

Note:  If the implementation of the software requires OIT support, or an OIT project, the IT Governance Council will need to approve and prioritize the acquisition and project, which may result in the acquisition and implementation falling outside the requested need date.

The following diagram illustrates the approval process workflow:

Software Acquisition Approval Workflow

If necessary, each responsible unit will collaborate with the Client to capture the necessary detail in order to complete the audit/review and the workflow has the following stages:

Stage 1:  Initiation and Verification

OIT Technology Support Services (TSS) will review the acquisition intake information, and work with the Client to verify that all required information has sufficient detail to proceed with the approval process.

Stage 2: Initial Audit

This stage contains the initial contracting, security, and PCI-DSS audits to ensure that the requested application environment adheres to ISU policy, guidance, and constraints. Each of these units will provide any changes in contracting language as part of the service request ticket. If required, these units will collaborate with the Client and Vendor to capture and specify all necessary information.

Based on these units audit, these units have the authority to disapprove the software acquisition based on contracting, security, or privacy reasons.  The following stages of the process will not proceed until all of the Audit authorities approve and pass the audit.

  • ISU-Contracting evaluates the initial contract to determine adherence to legal and other acquisition standards.
  • TIS-Security evaluates the application and its environment to ensure security measures are in place to protect the integrity of the ISU environment, staff, faculty, and students.  Security reviews the application to ensure HIPPA policy and guidelines are enforced.
  • PCI-DSS reviews the application and its environment to ensure all credit card and data security standards are satisfied.
  • FERPA reviews the application and its environment to ensure there is no unprotected FERPA information that will be stored or exposed to unauthorized people.
  • HIPPA reviews the application and its environment to ensure there is no unprotected HIPPA information that will be stored or exposed to unauthorized people.

Stage 3: Unit Reviews

Once the initial audits are complete and approved, the following ISU units will review the application and environment to ensure the ISU environment can support the requested application and environment.

These units, by themselves, do not have the authority to disapprove or approve an acquisition but the failure to pass a unit review will require collaboration with the other units on the impact and may affect the final approval of the acquisition. 

  • FERPA/ORR determines what FERPA data that the application uses and how the application stores and uses the FERPA data.
  • TSC Support determines the application support requirements that might be required of them, if any, and confirms compatibility of non-server related hardware support needed.
  • Banner/ICS determines whether any Banner integration is required, and if required the scope of the integration.
  • DBA/ICS determines data input/output and any local database requirements and whether the existing environment can support the application/environment.
  • Hardware/TIS determines any infrastructure or server hardware requirements and whether the existing environment can support the application/environment.
  • Project/OIT-PMO determines if the work effort required for the integration of the application into the ISU environment warrants the initiation of a project and whether the IT Governance Council needs to approve the acquisition and implementation.
  • TDX Service/TD Admin evaluates whether the software application needs integration into the Team Dynamix Service Catalog, or whether any acquired assets need to be identified as Configuration Items and controlled by the Configuration Control process.
  • Knowledge Base/OIT-KB determines if any knowledge base articles will need to be created and distributed.
  • Portal/TIS determines the requirements for ISU Portal badges and single sign on authentication requirements.

Stage 4: Contracting and Procurement

Once all the audits have been approved, and once all the units have successfully completed their reviews, the ISU Contracting will finalize the contract and procure the application.

 

Was this helpful?
0 reviews

Details

Article ID: 38810
Created
Fri 9/8/17 10:56 AM
Modified
Fri 9/8/17 11:33 AM