...
SUNY Fredonia is committed to securing and protecting the information within its possession. The University is comprised of a growing number of students, faculty, and staff with disabilities that may impact the ways in which they access and successfully use electronic information. This growth comes at a time when essential information and services critical to student application and registration, academic course and program completion, employee hiring and evaluation, and more, are increasingly delivered via electronic means. The purpose of the Technology Request Process (TRP) is to gather information for technology requests to be compliant with the SUNY's security, accessibility, and procurement policies as well as ensure the campus can provide adequate support for the given technology. (SUNY Compliance Requirements: SUNY Information Security Policy: 6900, SUNY Electronic and Information Technology (EIT) Accessibility Policy: 6901, Information Security Guidelines: Campus Programs & Preserving Confidentiality: 6608.)
What types of requests need to go through the TRP?
...
- a quote with the companies name, address, point of contact, item description, NYS OGS/SUNY/Other SUNY Local Contract number (if applicable), and term dates
- copy of the software contract, multi-year agreement, Memorandum of Understanding (MoUs), or EULA (End User License Agreement) for this step of the TRP review. Please contact the vendor directly to obtain either a PDF or WORD version of their contract, master service agreement, or End User License Agreement (EULA) to be uploaded with the Technology Request Form.
- VPAT - Voluntary Product Accessibility Template. Please use sample emails for requesting a VPAT and requesting documentation if a vendor does not have a VPAT.
- confirm the risk category for the University data that you are requesting to be used with this solution
- Higher Education Community Vendor Assessment Tool (HECVAT)
- SOC2 Type 2 report - for cloud-hosted solutions only
Step 2: Submit a Technology Request and FREDMart Requisition - Customer completes the Technology Request Form and FREDMart Requisition. Upon submitting the TRP form, a Tracker ticket is created to initiate the review of the request. All other non-technology contracts and licenses should be sent directly to www.fredonia.edu/contractreviewContract Review.
Please review Tying FREDmart and Tracker Together.
...
If you have questions regarding this documentation, please contact the Information Security Office at security@fredonia.eduFredonia ISO.
Step 6: Electronic Accessibility Technology Review - In accordance with SUNY EIT Accessibility Policy, the Academic and Collaborative Technology (ACT) Office performs a review for EIT accessibility. This includes the review of documentation verifying EIT accessibility conformance (VPAT - Voluntary Product Accessibility Template), reviewing accessibility roadmaps, and evaluating high-impact EIT products. Documentation verifying EIT accessibility conformance is required. If you have questions regarding this documentation, please contact the the Academic and Collaborative Technology (ACT) Office at ACT@fredonia. edu. After the EIT Accessibility review has been completed, the Tracker ticket will be reviewed by the CIO or designee before being forwarded on to the Contract Services department.
Step 7: Software Terms and Conditions Review: The Contract Services department will conduct a review of the terms and conditions of all contracts to ensure that standard NYS contract terms are applied (e.g. Appendix A: Standard Clauses for New York State Contracts). The Contract Services will need a copy of the software contract, multi-year agreement, Memorandum of Understanding (MoUs), or EULA (End User License Agreement) for this step of the TRP review.
...
NOTE: All Software licenses need to be registered using the ITS .ServiceCenter@fredonia.eduService Center email account (not in the name of an employee or another department etc.).
...