Details
Source: ARP Chapter 15 | Information Management and Data Security
Responsible Executive: Chief of Staff
Responsible Administrator: Chief Information Security Officer
Last Updated: Not Available
Related
Revision History:
2017 Recompilation, formerly Rule 2.35.1.3.1
PART 1: PURPOSE
This Rule specifies the approval requirements for the purchase of software systems that interact with university data.
PART 2: RULE
The acquisition of any software system that interacts with university data or has enterprise-wide impact requires approval by the appropriate university data custodian(s), Procurement Services Office and the university’s central computing department, ICT. Failure to do so shall result in one of the following:
- Delay of the software system’s implementation and integration with the university’s central systems
- Postponement of related technology project
- Exclusion of the system from connectivity to university systems and data
Practices such as “vendor exercising,” which is the practice of inviting vendors to demonstrate their products prior to Procurement Services Office’s involvement in the product’s purchase, violate NMSU purchasing guidelines and are prohibited.
PART 3: PROCESS
The acquisition and implementation of software systems Rule process, Security Guidelines, details the software systems evaluation, notification of potential software systems acquisition, and the acquisition approval process.
Details
Source: ARP Chapter 15 | Information Management and Data Security
Responsible Executive: Chief of Staff
Responsible Administrator: Chief Information Security Officer
Last Updated: Not Available
Related
Revision History:
2017 Recompilation, formerly Rule 2.35.1.3.1