Roles and Responsibilities

NCSU Requestor (Customer) Responsibilities

  • Completes the IT Purchase Compliance review form.  It is highly encouraged the the requestor also complete the Pre-Assessment to get a better idea of what will be required.
  • Requests the vendor to provide everything necessary to conduct the review.  This may include security questionnaires, access to software for testing, certification documentation, etc..
  • Obtains Data Steward approval if applicable

 

Vendor Responsibilities

  • Completes all questionnaires and provides information needed to conduct the review.
  • If the product is partially compliant, Vendors will also need to provide a roadmap addressing gaps, remediation plan timelines and interim workarounds while remediation is in progress.

 

NCSU Reviewer Responsibilities