Learn about the roles played by the person requesting software, IT staff, and the review team, how requests will be evaluated, and a rough timeline for the process.
A version of the VAR in Microsoft Word is available for your convenience.
Outcomes: Final disposition of software review.
Next Steps:
The time required for a review can vary based on a product's complexity and availability of the required documentation. Complexity may include additional documentation review, testing of software, use case, etc.
Please allow adequate time for the software review and additional time if the product is a new purchase or renewal as procurement may have other requirements and reviews to process.
| Data Type | Software | Description | Outcome |
|---|---|---|---|
| Cat 1 | MySQL Enterprise | Database server system | Cleared: Runs on IT-supported equipment, protected by firewalls, patched regularly. |
| Cat 1 | GitHub | Code repository with local or cloud options | Cleared with conditions: The data it includes might include passwords or impact operations of UB's infrastructure, may be used to collaborate with external vendor, so UBIT is pursuing a centrally-supported enterprise implementation. Departments are allowed to use GitHub independently in the meantime. |
| Cat 1 | KeePass | Desktop application that stores user's passwords (CAT1 data) | Rejected: Unable to obtain documentation necessary to review. |
| Cat 2 | Avant Assessment | Cloud product for language proficiency assessment | Cleared with conditions: While the product takes appropriate steps to secure data, its Single Sign-on solution needs to be updated to work with UB's systems within one year. |
| Cat 2 | LabFlow | Cloud product that integrates with Brightspace | Cleared: UB Learns team approved integration before request was submitted, vendor provided requested documentation, user interactions are protected by UBIT login. |
| Cat 3 | Calendly | Cloud product for scheduling, integrates with MS365 | Rejected: Vendor captures more than Cat 3 data; duplicates functionality UBIT already provides through Microsoft Bookings / Bookings for Me / FindTime. |
| Cat 3 | LabView | Desktop software that communicates with lab equipment | Cleared: No integrations with cloud services, vendor provides updated versions of the software. |
| Impact | Software | Description | Outcome |
|---|---|---|---|
| High | SONA | Software to perform experiments for research in a lab, controlled environment | Cleared: Accessibility testing found minimal issues. Vendor is committed to remediation of issues. |
| High | Career Leader | Career assessment tool | Cleared with conditions: Significant accessibility issues identified. Vendor quickly remediated the issues prior to purchase of the software. |
| High | Interview Query | Job interview preparation for data science and business analytics students | Rejected: Serious accessibility issues identified that will present barriers to people with disabilities. |
| Medium | UbiSim | Immersive virtual lab simulations | Exception Granted: No other vendor provides the content and functionality of this product. The department has an Equity Effective Alternative Access Plan in place to provide timely access to students who cannot access the platform due to a disability. |
Reg Flags are common indicators that a software package may pose significant risk to the university in one or more of the following areas:
Understanding these may help you choose more appropriate software.