It has come to OIT’s attention that software is being purchased/renewed without routing to the Office for the required information technology security review. As a reminder, when a software product is purchased or renewed, several required forms must be completed and reviewed at the campus level, attached to the CUNYBuy requisition, and then reviewed by CUNY Central prior to the vendor providing access to its software. This has been the established process all along and is necessary to ensure compliance with institutional policies and proper approval workflows, but multi-step review and routing has only recently become a part of the CUNYBuy workflow approval process.
The online documents (OITS Proposal Request Form and Information Security Review Form, v 1.5) are the documents that must first be reviewed approved by Michael D’Eredita, before uploading to a CUNYBuy requisition. This will ensure that the requisition approval workflow is not subject to any delays in processing or approval. The Information Security Review Form is subject to ongoing updates–please note that the most up-to-date version of the form will be maintained on the homepage of CUNYBuy.
Once OIT confirms its approval, the forms can then be uploaded to a CUNYBuy software requisition. If the software requires further security review, Central will automatically be notified through the requisition workflow. Non-compliance with this process may result in significant delays, and will prevent your Department from getting the software it needs within its desired time frame.
Thank you for your assistance.
By Patricia Kahn, PhD
