Quick Tips for Your Review Request
Get IT involved early
Engage with the IT department early in the review and purchase process to ensure a smoother and faster compliance review. They can help you identify any additional information that you might need to ask your vendor representative during the purchase process.
Address research system configuration early
For research-related IT purchases, consider compliance aspects like access attribution, operating system security, standard user privilege, centralized logging, and external dependencies early in the process. Data security concerns surrounding how your data is protected surface quickly if the solution includes artificial intelligence or cloud. Have a good understanding of how the third party will handle your data. This will prepare you for any questions regarding data during the review and help avoid delays and ensure a smoother compliance review.
Communicate with IT for time-sensitive requests
If an IT purchase request is time-sensitive, communicate this clearly to the IT department. While it does not guarantee that the process can be rushed, it allows for better planning and prioritization on their end.
Submit complete and accurate requests
When submitting a request for IT product or service approval, ensure that all necessary information is included and accurate. This includes details about the product or service, its intended use, cost, funding source, and any relevant vendor information.
Be prepared to provide additional documentation
Depending on the complexity of the IT product or service, be prepared to provide additional documentation such as vendor security assessments, data processing agreements, or other compliance-related materials. This proactive approach can help avoid delays in the review process.
If your instrumentation comes with software, dedicated computer system, or other item that is identified as being an IT related purchase, get as much information from your vendor representative upfront. We have provided guides that help to identify additional information that might be required.
For Researchers For Educators For Administration and Support Teams
Be aware of vendor responsiveness
The time taken for compliance review can also depend on the vendor's responsiveness in providing necessary documentation. Choosing vendors known for their timely cooperation can contribute to a faster overall process.
Understand data classification requirements
Familiarize yourself with the university's data classification system (DCL) and ensure that the IT products and services being purchased adhere to the security requirements for the specific data classification level they will be handling.
Work with IT for certain purchases
Even for items that do not require approval, it is recommended to work with the IT department, especially for items like flash drives. This ensures compatibility with the university's technology environment as well as cost saving and helps avoid potential issues later.
Use pre-approved purchases or existing solutions
Utilizing pre-approved items can significantly reduce the time spent in the compliance review process. Before purchasing new software, review the university's software technology catalog to see if an existing solution can meet your needs. This can save time and costs associated with purchasing and implementing a new system.
Leverage existing site licenses or contracts for software purchases as they often do not require CIO approval, although purchasing through the IT department might still be necessary.
Utilize the Show Me Shop
Using the Show Me Shop to purchase IT products and services can expedite the process. This is because the shop automatically submits items for review in the checkout process.