Summary
This revised software procurement process will simplify and improve our current manual review methods. This effort works to streamline operations, enhance cost-efficiency, ensure regulatory compliance, and elevate management of our software solutions across the board.
Body
Overview
This revised software procurement process will simplify and improve our current manual review methods. This effort works to streamline operations, enhance cost-efficiency, ensure regulatory compliance, and elevate management of our software solutions across the board.
How do I use this process?
This replaces the current manual process of requesting a waiver and emailing multiple groups for review.
- ALL software intended for use on UA owned devices, or that handles UA data must use this process. This includes open source, freeware, SaaS, paid subscriptions, bulk licensing, etc.
- When a university employee would like to obtain NEW software, not currently available to the University community, a request will be made via a new form.
- For currently available software, the UA Software Catalog will identify software available via Self Service through the UA Software Center and will not need to use the new form.
- For currently available software that is NOT in the UA Software Center, a new form will need to be submitted, however it will go through a shorter review process.
- Once the request is approved, the user (and designees) will receive an email that they can move forward with procurement or download.
Roles and Responsibilities
The roles and responsibilities identified below are all persons that are required at various points due to the nature of the software and/or funding involved.
-
Requester: This is the end user of the software. End users are asked to gather as much information from the vendor as possible to include; accessibility documentation, data storage location, geographical location among others as identified during the question sequence. If the person entering the information into the form is NOT the end user - they need to identify the individual and put their name as the requester.
-
IT Service Desks: responsible for ensuring the accuracy of the request details entered. Offers alternatives if there is comparable information. Also reviews for MAU specific software restrictions.
-
Department Approver: responsible for accepting/denying the funds expenditure.
-
Contract Administrator: responsible for the life of the software in the system. This includes being responsible for maintaining the subscription, notifying OIT/Procurement of any changes in its use, and closing out the contract when no longer needed. The revised Contract Administrator Guidelines can be found in the above link.
-
PI/Grant Authority: approves the purchase in accordance with the SOW/Terms and Conditions for their specific grant.
-
Reviewer Groups: reviews the software for their specific functional areas.
-
Disabilities Services: ensures the software is compliant with any accessibility obligations.
-
Registrars: ensures student data is compliant with FERPA.
-
Export Control: ensures the software is compliant with any Federal export control regulations.
-
Federal Tax: ensures that software owned by foreign vendors is compliant with Federal regulations.
-
Contract T&C/EULA: ensures that the terms and conditions are in agreement with UA requirements.
-
Privacy/Data Security: provides the data security, data retention, and data privacy reviews.
-
MAU CIO/CMT Exception Approval: reviews requests for exceptions to this process.
Additional Information