Enterprise Software Definition
Enterprise Software is defined as any software where:
- CIS support is expected or required during the procurement, implementation, or at any time thereafter
- The software/system (locally or remotely hosted) will house, and/or require access institutional data. See Institutional Data Policy.
- Integration or data extracts to or from other enterprise data systems (Banner, Canvas, Raisers Edge, etc.) is needed
- Institutional credentials and identity management systems are used
- The software is a SaaS, IaaS, or PaaS cloud hosted platform with a contract
- CIS supported and maintained servers are being used
CIS Role and Involvement
CIS has the responsibility for ensuring any new software acquisition fits within the campus's existing technology ecosystem and does not create undue cybersecurity risks
CIS Involvement in Enterprise Software Procurement
Involving CIS early and often is the best strategy to ensure that software projects and implementations are successful. There are many areas CIS can provide assistance including:
- "Heads-up" - you are casually looking for a software solution, you saw a demo, a product was recommended by a peer. CIS may have knowledge about the vendor, the product, or other possible systems.
- Do we already have a potential software solution? CIS already supports move than 75 enterprise software systems. An existing investment may already meet your needs.
- Product requirements, requests for proposals, software reviews, technical and functional assessment, vendor assessments, and final product selections? CIS has assisted in many projects and have established valuable procedures to assist you. Take advantage of that expertise.
Technology Risk and Compliance
New enterprise software and cloud services must be reviewed by CIS and the Office of Risk Management to ensure it falls within an acceptable risk tolerance for the University. Cloud services vendors must submit a Higher Education Community Vendor Assessment (HECVAT) to CIS for review and approval prior to the University entering into contract. All new software and cloud services will be reviewed to ensure they meet or exceed the Institution's technology and data regulatory compliance obligations.
Accessibility
CIS must verify vendor services are consistent with federal civil rights and accessibility laws, specifically Section 504 of the Rehabilitation Act of 1973 and the Americans with Disabilities Act Amendments Act (ADAAA).
Enterprise Software Acquisition Process
Departments or individuals interested in purchasing enterprise software systems (described above) should contact Computer & Information Systems prior to purchasing the software or entering into any agreement with a vendor to use the software either remotely or locally. The steps outlined below can guide a department through the process of considering, selecting, purchasing, and implementing enterprise software solutions. CIS can assist in many ways along this process.
Follow these procedures:
- What are your software requirements: Describe the business or functional requirements. What are the needs to be addressed? What data is required and does that data already exist? What departments and/or campus users will interact with the software?
- Review existing systems and solutions: Can the business or functional requirements be met with existing systems or solutions? Can departmental processes or procedures be adjusted to meet your functional requirements without going through an additional software procurement process?
- Determine departmental and institutional strategies and goals: Once a clear statement of business requirements has been completed, and a review of existing systems and solutions has determined that your requirements can't be met with current systems – the department needs to determine whether a new enterprise software solution should be considered. This may involve broad campus discussions, institutional priorities, budget/financial considerations, availability of department skills and resources, availability of centralized CIS programming and implementation resources.
- Vendor and product reviews: There are often many products that could be implemented to meet your business and functional requirements. Due diligence is required to measure and evaluate product and vendor quality, sustainability, cost/benefit considerations, data use and integration, implementation requirements, local vs cloud/remote hosting, and other issues. Some products may deliver full functionality "out-of-the-box" while other solutions may require extensive data integration.
- CIS technical evaluation and assessment: Prior to an enterprise software procurement CIS must evaluate the software to determine resource requirements, compatibility with other University systems, integration capabilities, security challenges, impact on Institutional Data Policy and confirm that there are no existing University systems that provide equivalent functionality.
- Licensing agreement legal and contract review: Software license agreements and contracts need to be reviewed by the Office of Risk Management, Computer and Information Systems, and signed by the appropriate signature authority. Implementations will not proceed until review has been completed.
- Procurement financial considerations: Throughout the software procurement process the financial and budgetary costs should be assessed. These costs should include the initial procurement costs, implementation, hardware costs and requirements, data integration and data conversion costs, product customization costs (initial efforts plus future efforts as upgrades are made), ongoing software maintenance and implementation costs, any staffing costs (internal to the department, or an impact on centralized CIS staffing).
- Implementation and project management: Completing the enterprise software procurement (as described above) is only the fist step. Decisions and priorities around enterprise software implementation need to be included at each step along the procurement process. CIS also provides more details on /wiki/spaces/CIS/pages/36143562 on this page.
Non-Compliance With Acquisition Process
The procurement of enterprise software (as defined above) requires the support and involvement of CIS. Departments or individuals who ignore or fail to contact CIS for the appropriate level of enterprise software support may be restricted from full operation or use of those software system functions. This may include data integration, credential integration, sever and storage resources, or CIS programming or system administration activities.
Technical Support and Resourcing
If the system requires additional resources for server hosting, software licensing, and/or any other services associated with operating a given software application or system, CIS may charge the requesting department or academic unit annual cost recovery fees corresponding to those resources. This will be determined by CIS on a case-by-case basis.