The Office of Information Technology’s IT Purchase Compliance applies to all software purchases of $5,000 or more. This includes new software purchases as well as previously purchased software during maintenance and support renewals.
Software purchases must be reviewed BEFORE the purchase to ensure the software complies with University standards and follows Federal and State guidelines. To accomplish this, IT Purchase Compliance will include reviews of the following if determined necessary:
- Data Security
- IT Accessibility
- PCI Compliance
- Email Communication
- Integration with Enterprise Systems
- Vendor Screening
Only after the requested software has been reviewed and approved by OIT will the Purchasing Department process the requisition or execute the software agreement.
For more in depth information regarding this process, please see About IT Purchase Compliance.
The depth of the review process will depend on the impact and scope of the product or service. At this time, OIT only requires software purchases that cost $5,000 or more to be reviewed.
Although not required at this time, software purchases under $5,000 may also be submitted for review. If a department decides to not have a purchase under $5,000 reviewed, it must still meet University security and accessibility standards and it will be up to the department to ensure compliance.
Software that should be submitted only applies to end user application software and services, possibly including middleware depending on its use. This extends to cloud services or any services that host university data. It does not include driver software or system software that is used to operate computers and machinery.
Roles and responsibilities of the requestor, vendor and the Office of Information Technology can be found on the Roles and Responsibilities page.
What to expect during an IT Purchase Compliance review can be found on the Submit a Request for Review page.
Once all reviews have been completed, the Requestor will be notified if the review has been approved or denied. The Requestor will also be informed if there are any conditions that must be met prior to the approval if a Conditional Approval is provided.
If more than one product is available that meets the needs of the department or college, the purchaser should consider the one that best meets NC State’s compliance standards.
Requestors should plan in advance for these reviews to be conducted. Depending on the complexity, reviews may take upto 2-12 weeks, based on the depth of the review required and the supplier responsiveness.
Feel free to submit reviews early even before funding is established. This will allow the purchase process to move quicker when the department is finally ready to purchase. This is especially important for end of fiscal year purchases.