Know the rulesAll NAU employees and students should read and be familiar with the Appropriate Use of IT Resources policy. Information Technology Policy Manual
Wi-Fi Map in ArizonaInteractive Map for access to free Wi-Fi hotspots throughout the state.
Purchasing, Licensing, and Using Technology at NAU
ITS has partnered with Accessibility and Contracts, Purchasing, and Risk Management (CPRM) to develop a process for purchasing technology, software and hardware, that aligns with NAU’s current policies and needs. This process is under constant refinement, so we appreciate your patience as we grow and improve to better serve you.
What to do?
Step One Accordion Open
- Always required – Accessibility Documentation.
- Ask the vendor to provide a Voluntary Product Accessibility Template (VPAT) which may also be called an Accessibility Conformance Report (ACR).
- If they do not have an ACR, request an Accessibility statement or Section 508 Statement.
- Required if vendor hosted or “Cloud Based”
- Higher Education Cloud Vendor Assessment Tool
- Technical specifications
- Technical support contact information
- Optional Additional Documentation
- Vendor Question Form
- Send this form to Vendors to collect technical information that is required later in the process.
- This form is NOT the ITS Checklist and will not be accepted in place of the ITS Checklist.
- Vendor Question Form
Step Two Accordion Closed
Step Three Accordion Closed
Step Four Accordion Closed
After the ITS Checklist has been successfully submitted, the submitter and the requestor will receive a confirmation email that ITS received the request. This dashboard displays ITS Checklists that are currently in progress, provides real time updates, and can be filtered by date, software title, and submitter name.
During the ITS and Accessibility review process, you will receive updates via automated email until final review is provided by the CIO. If you have questions regarding the status of a checklist or cannot find it on this dashboard, submit a ServiceNow request by calling 928-523-3335 or by going to ServiceNow.
What is the ITS Checklist? Accordion Closed
It is a required process that allows ITS and Accessibility to review and evaluate technology, subscriptions, or hardware prior to use. The intent of this review is to address a number of concerns including mitigating risk to NAU, ensuring accessibility for all users, maintaining fiscal responsibility by reducing the number of redundant purchases, complying with data management policies, and contributing to an “OneNAU” feel.
What do I do when I need a subscription to a website instead of technology/software? Accordion Closed
There has been a change to how subscriptions will be processed through the ITS Checklist. To ensure the safety of NAU data and systems, ITS will need to review subscription checklists that contain the following:
- The subscription service processes or stores protected NAU data (FERPA, FISMA, HIPAA, etc.)
- The subscription service integrates with an existing NAU system (i.e. PeopleSoft, Salesforce, CAS, etc.)
- The subscription has a high number of NAU users (more than 100)
Please Note: If the subscription meets any of the criteria above, it requires an NAUVAT completed by the vendor attached to the checklist. If the subscription does not meet any of the above criteria, the checklist still needs to be submitted for Accessibility review but will take less time to process because ITS will not review it.
If you have any questions or concerns, please contact firstname.lastname@example.org.
Why do I have to do this? Accordion Closed
There are many reasons for the ITS Checklist. Below are 3 of the most common answers you will hear, but a summary of all of this is that “It’s dangerous to go alone!”. The threat from being connected to the rest of the virtual world is real, but the benefits are unlimited. The ITS Checklist allows NAU to have experts from all areas of the University review and ask the hard questions. By taking a proactive approach to protecting our data, our students, and NAU we are maximizing our resource usage and minimizing our risk.
Because of the inherent risk to NAU when using any technology, a review by subject matter experts allows us to lower the risk of data breaches. In 2018 alone, 14 higher education institutions reported data breaches. Four of those breaches were due to a third party entity (i.e., hosted vendor). Over 40 million records were compromised costing the institutions an average total of 60 million dollars in fines and lawsuits. The ITS Checklist is the first step to maintaining data integrity at NAU. If you use unapproved technology at NAU, there could be serious ramifications. As of 2018, the average cost of a data breach is $3.86 million. If NAU has all of its data stolen it would be over $9 million.
Usability is a key factor when developing products and websites. Universally designed products and websites allow as many users as possible to interact within the digital world without the need of additional technology. Designing with accessibility in mind goes one-step further to ensure individuals with disabilities that use assistive technology have the opportunity to interact with products and websites in that same digital world.
Section 504 of the Rehabilitation Act and the Americans with Disabilities Act cover accessibility. Information and Communication Technology (ICT) purchased, developed, maintained, or used by the University must meet federally recognized accessibility guidelines. As such, we are required to follow the Web Content Accessibility Guidelines (WCAG) 2.0 at the AA level.
The Department of Education Office for Civil Rights (OCR) enforces compliance with accessibility requirements. OCR has created over 1,000 resolution agreements with schools around ICT accessibility.
As a government institution we have a fiscal responsibility to allocate resources appropriately. The ITS Checklist allows us to build a central repository of the technology that is being utilized. With this information, metric based decisions can be made regarding whether or not we already have a solution available that will meet requirements and identify opportunities where it would be beneficial to purchase group licensing.
Why doesn’t ITS fill out the Checklist? Accordion Closed
We do, when it is technology that we own and maintain. However, many times the business is far more familiar with how the technology is going to be used, what modules or add-ons have been purchased, and the exact business needs of the technology. ITS will not be aware of the detailed understanding of the business needs. Having the business involved early on allows us to find the right solution for ITS, the business, and NAU as a whole.
Why are there so many questions? Accordion Closed
Multiple departments are involved in this review, so rather than have each of them reach out to you individually, the departments worked together to compile a single questionnaire.
Why can’t the vendor fill it out? Accordion Closed
The checklist is only accessible to NAU employees, so the vendor cannot access it. The form contains questions that the vendor will not be able to answer because they are specific to how you intend on using the technology.
To make it easier for you to get accurate information in order to complete the checklist, we have provided this ITS Checklist Vendor Form. It has a limited number of questions that you can provide the vendor.
How do I know what we have already purchased? Accordion Closed
How do I know where my Checklist is? Accordion Closed
ITS checklists currently in progress can be viewed on a dashboard. If your checklist is not showing on this dashboard, it could be 1 of 2 things:
- It has not been started.
- It has already completed the review process.
If you know the checklist has been submitted, but never received email confirmation, check your spam folder. If you have additional questions or concerns, please open a ServiceNow request or call 928-523-3335.
When do I need to do this? Accordion Closed
The ITS Checklist is required annually and must be completed before a contract will be signed or payment made. It is recommended you start a month or two prior to renewal or purchase.
Who is involved with the Checklist Review? Accordion Closed
Who should complete the checklist? Accordion Closed
The person who is most knowledgeable about the technology and its intended usage should fill out the ITS Checklist. Because many times it is a collaborative process between the department and the vendor, we have provided this ITS Checklist Vendor Form. This is NOT the ITS Checklist and will not be accepted in lieu of required documentation, but it will allow the submitter to get required information.