Software and Web-based Services Review Process

Learn about the roles played by the person requesting software, IT staff, and the review team, how requests will be evaluated, and a rough timeline for the process.

On this page:

Roles and Responsibilities

Review Completion

Outcomes: Final disposition of software review.

  • Cleared: Product aligns with policies, security standards, and accessibility requirements and may be acquired and/or used
  • Cleared with Conditions: Product aligns with polices, security standards and accessibility requirements but also needs to comply with conditions, requirements, or restrictions for acquisition/use
  • Rejected: Product does not align with policies, security standards and/or accessibility requirements and may not be acquired or used

Next Steps:

  • Provide Cleared Review Outcome email notification and Web-based Services and Software Under $50,000 Pre-purchase Form to Purchasing to complete purchasing process.
  • Contact service area provider for implementation if needed (add-ins, SSO, integration, etc.) and provide Cleared Review Outcome email notification as proof of Cleared review outcome.

Review Timeframe

The time required for a review can vary based on a product's complexity and availability of the required documentation. Complexity may include additional documentation review, testing of software, use case, etc.  

  • Low complexity: 1 - 2 weeks
  • Medium/high complexity: 3 - 5 weeks

Please allow adequate time for the software review and additional time if the product is a new purchase or renewal as procurement may have other requirements and reviews to process.

Examples

Red Flags in the Software Review Process

Reg Flags are common indicators that a software package may pose significant risk to the university in one or more of the following areas:

  • Accessibility
  • Data Security
  • Compatibility with university IT infrastructure
  • Vendor support

Understanding these may help you choose more appropriate software.