IT Standard: Electronic and Information Technology (E&IT) Decisions - Responsibilities

  1. E&IT Process Liaison (ITS-ES)
  2. Campus Section 508/E&IT Compliance Officer (IS-OCIO)
  3. Campus Information Security Officer (IS-OCIO)
  4. VP/CIO or Designee (IS-OCIO)
  5. University Technology Governance Council (UTGC)
  6. Department/Requester/Admin Support
  7. Campus IT Coordinator (Local IT Support)
  8. Information Security Coordinator (College/Division)
  9. Contracts and Procurement Buyer (AFD)
  10. Vendor/Contractor/Developer
  11. Disability Resource Center (Student Affairs)
  12. Human Resources/Office of Equal Opportunity
  13. Accessible Technology Specialist (CTLT)

E&IT Process Liaison (ITS-ES)

  • Serves as campus contact to answer questions regarding the E&IT review process
  • Ensures that E&IT checklists and related documentation, reviews and approvals are complete
  • Reviews and approves E&IT products/services for compliance with campus technical standards
  • Documents findings and requests clarification or additional information as needed
  • Escalates issues and concerns to the VP/CIO or designee for resolution as needed
  • Coordinates periodic reviews, updates and changes to the E&IT review standards and practices
  • Maintains the E&IT review database and coordinates campus reporting
  • Coordinates campus communication/outreach/training on the overall E&IT review process
  • Serves as E&IT review consultant/expert in competitive bid processes, e.g., RFP development
  • Serves as backup to the Section 508 Campus E&IT Compliance Officer

Campus Section 508/E&IT Compliance Officer (IS-OCIO)

  • Serves as point of contact to answer accessibility related questions throughout the process
  • Reviews and approves E&IT products/services for compliance with Section 508 requirements
  • Evaluates Vendor-provided accessibility compliance documentation, e.g., VPAT, and requests clarifications or additional information as needed
  • Documents findings, grants exceptions, and requests additional documentation as needed
  • Escalates issues and concerns to the VP/CIO or designee for resolution as needed
  • Develops and maintains accessibility related forms and related process documentation
  • Reviews and approves Equally Effective Alternative Access Plans (EEAAP)
  • Ensures that all ATI-related documents have the required approvals
  • Consults with buyers to develop accessibility language for incorporation into bids and contracts
  • Coordinates campus communication/outreach/training on accessibility reviews

Campus Information Security Office (IS-ISO)

  • Serves as point of contact to answer information security related questions during the process
  • Establishes criteria for reviewing E&IT products/services for information security compliance
  • Reviews E&IT Checklist and related security documentation, including exception requests, and notes findings, raises questions or concerns, and makes recommendations where applicable
  • Develops and maintains information security forms and related process documentation
  • Consults with requester/others regarding campus information security requirements
  • Consults with buyers to develop security language for incorporation into bids and contracts
  • Coordinates campus communication/outreach/training on information security reviews

VP/CIO or Designee (IS-OCIO)

  • Provides management oversight of the E&IT review policy and related standards and practices
  • Presents E&IT projects and initiatives requiring ITS resources to UTGC for review and approval
  • Facilitates executive level discussions regarding technology decisions
  • Serves as escalation point to resolve conflicts or concerns raised during the review process, e.g., impact on ITS/other resources, consistency with established priorities/initiatives, etc.
  • Reviews and approves exception requests to this and other IT policies and standards
  • Reviews and approves E&IT decisions submitted by ITS management

University Technology Governance Council (UTGC)

  • Reviews proposed E&IT projects and initiatives for alignment with and potential impact on university resources, optimal use of campus IT resources, and opportunities for leveraging technology across campus
  • Establishes priorities for E&IT projects and initiatives involving ITS/campus resources
  • Recommends changes to related policies, standards and practices

Department/Requester/Admin Support

  • Establishes functional requirements for the E&IT product/service being acquired
  • Conducts market research and identifies the E&IT product/service that best meets needs
  • Selects the most accessible product available that meets the functional requirements
  • Consults with management, local/central IT and other affected campus entities regarding potential impact and fit with existing priorities, e.g. Unit/Division Roadmap, etc.
  • Obtains accessibility documentation from the vendor if available
  • Obtains security compliance documentation from vendor if applicable; works with local IT and Information Security (IS) coordinators to review for accuracy/completeness; otherwise, consults with ISO as needed
  • Obtains and records departmental approvals, e.g., IT/IS Coordinators, management
  • Submits completed E&IT Checklist and related documentation
  • Consults with E&IT reviewers as needed to provide clarifications or additional information
  • Develops and implements mitigating security controls and accessibility accommodation plans for non-compliant products/services, e.g., Security Exception Requests, EEAAP, etc.
  • Works with SBSS to submit appropriate purchasing documentation
  • Works with vendors to update compliance documentation as needed

Campus IT Coordinator (Local IT Support)

  • Provides technical expertise and assistance with the planning, purchase and deployment of E&IT
  • Assists department/requester in developing functional and technical requirements
  • Assists department/requester in conducting and evaluating market research
  • Assists department/requester in evaluating/testing the selected product/service for compliance with CSU/campus requirements, e.g., accessibility, security, etc.
  • Helps determine if a product or service requires ITS or other campus support and facilitates discussions with those units to assess potential impact
  • Evaluates Vendor documentation for completeness and accuracy and notes any compliance variances or other concerns prior to submitting it for E&IT review
  • Consults with ITS, OCIO, ISO or others as needed
  • Submits requests for related enterprise IT services, e.g., authentication, app data, DNS, etc.

Information Security Coordinator (Division/College)

  • Provides management oversight of E&IT purchases from an information security perspective
  • Ensures completion and submission of security related documentation as needed

Contracts and Procurement Buyer (AFD)

  • Reviews E&IT purchases to ensure all procurement requirements have been met
  • Reviews contract language, including terms and conditions, general provisions, scope of work, insurance, sole source, etc.
  • Reviews requisitions and statements to determine if a product or service is considered E⁢ if yes, directs requesters to complete the E&IT review process
  • Ensures that E&IT review requirements are incorporated into competitive bid process, e.g., RFPs
  • Completes all authorized purchases of E&IT products and services
  • Maintains records and documentation of procured E&IT products/services
  • Establishes contracts with third-party consultants to perform conformance testing
  • Coordinates campus communication/outreach/training on related purchasing processes

Vendor/Contractor/Developer

  • Provides or completes required documentation to facilitate completion of campus reviews
  • Provides sample of product or services for testing or demonstration of compliance as needed
  • Works with the campus to mitigate identified technical and compliance issues and concerns

Disability Resource Center (Student Affairs)

  • Provides expert guidance on accommodations and assistive technologies to provide students with disabilities with equal access to university programs and services
  • Provides expertise as a consultant in identifying potential issues that result from the interaction between the product/service and individual user, including testing for accessibility compliance
  • Assists departments/requesters in preparing Equally Effective Alternate Access Plan (EEAAP)

Human Resources/Office of Equal Opportunity

  • Provides expert guidance on accommodations and assistive technologies to provide employees with disabilities with equal access to university programs and services
  • Assists departments/requesters in preparing Equally Effective Alternate Access Plan (EEAAP)

Accessible Technology Specialist (CTLT)

  • Provides expertise as a consultant in identifying potential issues that result from the interaction between the product/service and individual user, including testing for accessibility compliance
  • Facilitates use of available tools for testing products and services for accessibility compliance

 

Return to IT Standard: E&IT Decisions Main Page

Related Content

Best Practices

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000

Contacts

Did you know?

Stay Safe Online Tips