Cal Poly
Information Security  
Skip to Content
C a l i f o r n i a   P o l y t e c h n i c   S t a t e   U n i v e r s i t y  
Home > Policies (Information Technology) > Standards, Guidelines and Procedures > Policy on Decisions to Acquire or Develop Software Applications and Services
:: Information Security: Top Ten
:: What Employees Should Know
:: What Everyone Should Know
:: What Technical Support Staff Should Know


:: Policies
:: Report a Violation
:: Contact Us

 
 
Policy on Decisions to Acquire or Develop Software Applications and Services: Standards, Guidelines and Procedures
  • Standards - These are mandatory or required to comply with campus policy
  • Guidelines - These are recommended or suggested to comply with policy
  • Practices - Procedures for complying with policies, standards and guidelines

CSU and Cal Poly policies, including the Policy on Decisions to Acquire or Develop Software Applications and Services, require close review of all software decisions. These standards and practices establish the criteria for reviewing and making software decisions, provide guidelines for required or recommended reviews and their conduct, and define the roles and responsibilities of those involved in the review process.

In developing the criteria, consideration has been given to total cost of ownership, security, policy and regulatory compliancy issues, operational and support issues, and the overall integration of new software with the technical and services architectures, platforms and standards of the University.

STANDARDS (REQUIRED)
  • The Software Decision Process is required for all decisions to acquire or develop software with a Total Cost of Ownership (TCO) exceeding $5,000. TCO is defined as the complete cost of a product or service including the purchase, implementation, integration, and on-going maintenance costs. These costs should encompass all elements of a system including software, hardware, staffing, consulting, etc.
  • This process is required for decisions about software acquisitions that require annual maintenance or support fees.
  • This process is required for donated software or software-based services whose estimated value and/or TCO exceeds $5,000 or that require annual maintenance or support fees.
  • This process is required for software or software-based services that must be integrated with the existing campus information technology infrastructure. This includes but is not limited to Cal Poly’s network, portal, data warehouse, directory, identification and authentication services, applications, storage systems, security systems, central and distributed servers, etc.
GUIDELINES (RECOMMENDED)

  • The Software Decision Process is recommended for the acquisition or development of all software or software based services, regardless of cost.

PROCEDURES
  [return to top]
Cal Poly Home | Cal Poly Find It | Get Adobe Reader | MS Office Converters & Viewers
 


Information Security: Top Ten | What Everyone Should Know | What Employees Should Know | What Technical Support Staff Should Know

Policies | Report a Violation | Contact Us | Search


Last Update:

03/22/2007
Information Security
California Polytechnic State University
San Luis Obispo, CA 93407
805.756.2258
security@calpoly.edu