Policy on Decisions to Acquire or Develop Software Applications and Services
PURPOSE
This policy is intended to assist campus units in making decisions about software-based technologies and applications to meet their needs and the needs of the university. This policy is intended to reduce both direct and indirect software expenses, to better assess aggregate campus demand for potential site licenses, and to minimize the potential impact of adverse or unintended consequences to the University or its affiliated functional units and auxiliaries. It is important to recognize not only the value of the software to the functional area but also that it must integrate effectively with Cal Poly and CSU requirements for service, support, security, or compliance to regulation or law.
POLICY STATEMENT
Acquisition or development of software applications or services that materially affect the assets, operations, or business continuity of the University, or its ability to comply with existing policies, laws and related regulatory, legal or administrative practices, must conform to established campus standards, guidelines, and practices for making software decisions.
The standards and practices created to implement this policy shall establish the criteria for reviewing and making decisions, provide guidelines for required or recommended reviews and their conduct, and define the roles and responsibilities of those involved in the review process. The criteria shall consider total cost of ownership; security, policy and regulatory compliancy issues; operational and support issues; and integration with existing University services, systems and standards.
This policy shall apply to all software decisions that meet the campus criteria for review, regardless of who initiates the acquisition or funding source.
COMPLIANCE AND OVERSIGHT
The Vice Provost for Information Technology/Chief Information Officer is responsible for application and enforcement of this policy.
This policy and accompanying standards, guidelines and procedures were developed in consultation with campus computing advisory committees. The Information Resources Management Policy and Planning Committee (IRMPPC), and Management Staff when appropriate, shall review this policy on an annual basis or as the need arises, make recommendations for any changes, and provide oversight and periodic review of the practices used to implement this policy. Recommended changes shall be reviewed and approved by the VP/CIO in consultation with the IRMPPC and the President.
The current version of the policy will be posted and maintained on the Cal Poly web site. A hard copy will be available at the Robert E. Kennedy Library Reserve Desk.
POLICY DEVELOPMENT HISTORY
EFFECTIVE DATE |
ACTIONS TAKEN |
March 22, 2007 |
Posted online. Linked to from IT policies, procurement, other websites. Accompanied by related standards, guidelines, and practices. |
Pending, March 2007 |
Approved by President Warren J. Baker |
January 16, 2007 |
|
2003-04 to 2006-07 |
|
|
