Information Technology Services
Virtual Visit Request info Apply
MENUMENU
  • Services
    • Services for...
      • Students
      • Faculty
      • Staff
      • Affiliates
    • Hardware & Software
      • Computer Purchasing
      • Printing
      • Web Browsers
      • Software for NAU Students
      • Software for NAU Faculty & Staff
    • Communication & Collaboration
      • Email & Calendars
      • NAUgo Mobile App
      • Phones, Mobile, & Voicemail
      • Video Conferencing & Messaging
    • Professional Services
      • Development
      • Project Management
      • Training & Documentation
      • User Experience & Design
      • Web & Mobile Development
    • General Services
      • A-Z Index
      • Service Catalog
      • Service Management
    • Infrastructure & Networking
      • File Sharing & Storage
      • Remote Services
      • Servers & Hosting
      • Wi-Fi & Networking
    • Academic & Research Technology Services
      • Blackboard Learn
      • Classroom Support
      • Computer Labs
      • Survey & Statistical Services
  • Security
    • Information Security
    • Phishing
    • Two-Step Verification
    • Antivirus
  • Get Help
    • Search Knowledge Articles
    • Submit a Ticket
    • View My Tickets
    • Contact Information & Hours
  • About
    • About Us
    • Contact Information & Hours
    • Directory
    • ITS Employee Forms
    • ITS Communications
    • ITS Meeting Spaces
    • News
    • Organizational Structure
    • About our CIO
  • IN
  • ITS
  • Technology Purchasing

Questions?

CPRM:
NAU-Purchasing@nau.edu

Disability Resources:
Accessibility@nau.edu

System Analyst:
ITS.SA@nau.edu

Request ITS Support

Know the rules

All NAU employees and students should read and be familiar with the Appropriate Use of IT Resources policy.

Information Technology Policy Manual


Supplemental documentation

    • Higher Education Cloud Vendor Assessment Tool (HECVAT)
    • Vendor Question Form

Purchasing Technology at NAU

ITS has partnered with Accessibility and Contracts, Purchasing, and Risk Management (CPRM) to develop a process for purchasing technology, software and hardware, that aligns with NAU’s current policies and needs. This process is under constant refinement, so we appreciate your patience as we grow and improve to better serve you.

What to do?

  • Step One Tab Open

  • Step Two Tab Closed

  • Step Three Tab Closed

  • Step Four Tab Closed

Step One Accordion Open

Gather your supporting documentation from the vendor.
These will be attached at a later step, but compiling everything early streamlines the process.
    • Always required – Accessibility Documentation.
      • Ask the vendor to provide a Voluntary Product Accessibility Template (VPAT) which may also be called an Accessibility Conformance Report (ACR).
      • If they do not have a VPAT or an ACR, request an accessibility statement or Section 508 Statement.
    • Required if vendor hosted or “Cloud Based”
      • Higher Education Cloud Vendor Assessment Tool
      • Technical specifications
      • Technical support contact information
    • Optional Additional Documentation
      • Vendor Question Form
        • Send this form to Vendors to collect technical information that is required later in the process.
        • This form is not the ITS Checklist and will not be accepted in place of the ITS Checklist.

Step Two Accordion Closed

Determine if the Contract Signature Request (CSR) is required.
Please see the CPRM webpage for more information or contact NAU-Contracts@nau.edu.

A CSR is required if:

  • You are agreeing to Terms and Conditions to gain access to technology, website, or download software.
  • The purchase requires a new contract or a renewal to an existing contract.

When filling out the CSR:

  1. Select Information and Communication Technology for the Contract Type.
  2. Select Yes to “Does the contract include any online interfaces, software, software subscriptions for cloud based application, and software as a service contracts?”
  3. Select No for “Have you submitted an ITS Software Checklist?”

After completing the CSR, you will receive an email with a link to complete the ITS Checklist. The Checklist is generated by the Contract Signature Request process and is populated with information entered previously.

A CSR is NOT required if:

  • The purchase is an annual review of a perpetual software license/middle of a multi-year purchase (ie: Paid for 3 year software license up front/signed a multi-year agreement with annual payments). Please complete the ITS Checklist.

Step Three Accordion Closed

Complete the ITS Checklist.

If you do not need a CSR you can go directly to the ITS Checklist.

After completing the CSR, you will receive an email with a link to complete the ITS Checklist. The Checklist is generated by the Contract Signature Request process and is populated with information entered previously.

Step Four Accordion Closed

After submission.

After you have successfully submitted the ITS Checklist, you will receive a confirmation email that ITS received the request. This dashboard displays ITS Checklists that are currently in progress, provides real time updates, and can be filtered by date, software title, and submitter name.

During the ITS and Accessibility review process, you will receive updates via automated email until final review is provided by the CIO. If you have questions regarding the status of a checklist or cannot find it on this dashboard, submit a ServiceNow ticket to the Systems Analyst Team or call 928-523-3335.


FAQ

What is the ITS Checklist? Accordion Closed

It is a required process that allows ITS, Accessibility, and CPRM to review and evaluate technology, subscriptions, or hardware prior to use.  The intent of this review is to address a number of concerns including mitigating risk to NAU, ensuring accessibility for all users, maintaining fiscal responsibility by reducing the number of redundant purchases, complying with data management policies, and contributing to an “OneNAU” feel.

What do I do when I need a subscription to a website instead of technology/software? Accordion Closed

There has been a change to how subscriptions will be processed through the ITS Checklist. To ensure the safety of NAU data and systems, ITS will need to review subscription checklists that contain the following:

          • The subscription service processes or stores protected NAU data (FERPA, FISMA, HIPAA, etc.)
          • The subscription service integrates with an existing NAU system (i.e. PeopleSoft, Salesforce, CAS, etc.)
          • The subscription has a high number of NAU users (more than 100)

Please Note: If the subscription meets any of the criteria above, it requires an NAUVAT completed by the vendor attached to the checklist.  If the subscription does not meet any of the above criteria,  the checklist still needs to be submitted for Accessibility review but will take less time to process because ITS will not review it.

If you have any questions or concerns, please contact its.sa@nau.edu.

Why do I have to do this? Accordion Closed

There are many reasons for the ITS Checklist. Below are 3 of the most common answers you will hear, but a summary of all of this is that “It’s dangerous to go alone!”. The threat from being connected to the rest of the virtual world is real, but the benefits are unlimited. The ITS Checklist allows NAU to have experts from all areas of the University review and ask the hard questions. By taking a proactive approach to protecting our data, our students, and NAU we are maximizing our resource usage and minimizing our risk.

Security:

Because of the inherent risk to NAU when using any technology, a review by subject matter experts allows us to lower the risk of data breaches. In 2018 alone, 14 higher education institutions reported data breaches. Four of those breaches were due to a third party entity (i.e., hosted vendor). Over 40 million records were compromised costing the institutions an average total of 60 million dollars in fines and lawsuits. The ITS Checklist is the first step to maintaining data integrity at NAU. If you use unapproved technology at NAU, there could be serious ramifications. As of 2018, the average cost of a data breach is $3.86 million. If NAU has all of its data stolen it would be over $9 million.

Accessibility:

Usability is a key factor when developing products and websites.  Universally designed products and websites allow as many users as possible to interact within the digital world without the need of additional technology. Designing with accessibility in mind goes one-step further to ensure individuals with disabilities that use assistive technology have the opportunity to interact with products and websites in that same digital world.

Section 504 of the Rehabilitation Act and the Americans with Disabilities Act cover accessibility.  Information and Communication Technology (ICT) purchased, developed, maintained, or used by the University must meet federally recognized accessibility guidelines.  As such, we are required to follow the Web Content Accessibility Guidelines (WCAG) 2.0 at the AA level.

The Department of Education Office for Civil Rights (OCR) enforces compliance with accessibility requirements.  OCR has created over 1,000 resolution agreements with schools around ICT accessibility.

Fiscal Responsibility:

As a government institution we have a fiscal responsibility to allocate resources appropriately.  The ITS Checklist allows us to build a central repository of the technology that is being utilized.  With this information, metric based decisions can be made regarding whether or not we already have a solution available that will meet requirements and identify opportunities where it would be beneficial to purchase group licensing.

Why doesn’t ITS fill out the Checklist? Accordion Closed

We do, when it is technology that we own and maintain. However, many times the business is far more familiar with how the technology is going to be used, what modules or add-ons have been purchased, and the exact business needs of the technology. ITS will not be aware of the detailed understanding of the business needs.  Having the business involved early on allows us to find the right solution for ITS, the business, and NAU as a whole.

Why are there so many questions? Accordion Closed

Multiple departments are involved in this review, so rather than have each of them reach out to you individually, the departments worked together to compile a single questionnaire.

Why can’t the vendor fill it out? Accordion Closed

The checklist is only accessible to NAU employees, so the vendor cannot access it. The form contains questions that the vendor will not be able to answer because they are specific to how you intend on using the technology.

To make it easier for you to get accurate information in order to complete the checklist, we have provided this ITS Checklist Vendor Form. It has a limited number of questions that you can provide the vendor.

How do I know what we have already purchased? Accordion Closed

Please refer to the ITS Software Page to see what is available at NAU.  If you have additional questions, please open a ServiceNow ticket or call 928-523-3335.

How do I know where my Checklist is? Accordion Closed

ITS checklists currently in progress can be viewed on a dashboard. If your checklist is not showing on this dashboard, it could be 1 of 2 things:

          1. It has not been started.
          2. It has already completed the review process.

If you know the checklist has been submitted, but never received email confirmation, check your spam folder.  If you have additional questions or concerns, please open a ServiceNow ticket or call 928-523-3335.

When do I need to do this? Accordion Closed

The ITS Checklist is required annually and must be completed before a contract will be signed or payment made.  It is recommended you start a month or two prior to renewal or purchase.

Who is involved with the Checklist Review? Accordion Closed

The Checklist Review is completed through a collaborative process between Accessibility, Contracts, Purchasing, and Risk Management (CPRM), and Information Technology Services (ITS).

Who should complete the checklist? Accordion Closed

After informing the fiscal authority in the department, the person who is most knowledgeable about the technology and its intended usage should fill out the ITS Checklist. Because many times it is a collaborative process between the department and the vendor, we have provided this ITS Checklist Vendor Form. This is not the ITS Checklist and will not be accepted in lieu of required documentation, but it will allow the submitter to get required information.

 


Information Technology Services
Location
Building 54
Information Technology Services
1301 S. Knoles Drive
Flagstaff, AZ 86011
Mailing Address
PO Box 5100
Flagstaff, AZ 86011
Email
ITS@nau.edu
Phone
928-523-3335
888-520-7215
Social Media
Visit us on Twitter Facebook Instagram