TTUHSC IT Policies
6. I.T. PROCUREMENT REVIEW
With the increased deployment of I.T. resources at TTUHSC, the Institution must strategically review procurements to ensure they are consistent with the Institutional direction to achieve an integrated environment. This policy’s intent is to provide guidelines for I.T. procurements and to establish an I.T. procurement procedure that allows the individual departments and schools flexibility in making their technology purchases.
General Principles
The CIO is the delegated authority for establishing I.T. purchasing procedures that comply with the Institutional purchasing requirements and meet the needs of the Institution.
Prior to making I.T. purchases, schools and departments must ensure:
- I.T. products are supported by the Information Technology Division. Specific hardware and software are recommended based on the ability to provide support for them. For a list of supported products, refer to the Hardware and Software Standards or visit the Information Technology Supported Hardware and Software page.
- I.T. products will not adversely affect the integrity and/or security of the TTUHSC network. (Certain network-related purchases must be pre-approved by the TTUHSC Information Security Officer. Refer to the Procurement Procedure Section.)
In order to standardize the hardware configuration and software packages used in this Institution, schools and departments are strongly encouraged to review the following I.T. recommendations before making any purchases:
Procurement Procedure
The technology needs of the various schools and departments within TTUHSC are admittedly diverse. While units of the Institution have the flexibility to address their departmental I.T. needs, this policy requires strict adherence to the I.T. procurement guidelines contained herein.
First and foremost, TTUHSC Department of Purchasing rules and regulations govern all Institutional purchases, regardless of the nature of the purchase or the items purchased. Detailed purchasing guidelines can be found in the Department of Purchasing’s online Procurement Manual.
In order to ensure the consistency and efficiency of the TTUHSC I.T. environment:
- The CIO must approve all I.T. purchases in the area of hardware, software, and I.T.-related contracts amounting to $50,000 or greater.
- Any I.T. purchases that, when utilized, could affect the normal operation and functionality of the I.T. environment must also be approved by the CIO, regardless of the cost. (Network devices such as routers, hubs, and firewalls could affect the security and integrity of the TTUHSC network infrastructure. For example, an unapproved router could cause IP address conflicts when installed on the network, a remote desktop program could inadvertently advertise the availability of an open port on the network, and a non-standard firewall could prevent access to the network even to legitimate users, and unapproved videoconferencing equipment or systems could create compatibility issues that could adversely affect the quality of distance learning and similar videoconferencing sessions on the TTUHSC network.)
Additionally, the TTUHSC Managing Director of Network, Security, and Systems must approve certain network-related hardware and/or software purchases beforehand. These include, but are not limited to:
- Firewalls
- Network IDS
- Host-based IDS
- Virus protection
- Vulnerability assessment
- Servers
For detailed guidelines, refer to the Security Policy.
Procurements that require prior approval must be submitted to the CIO and/or the Information Security Officer prior to submitting the procurement documents to Purchasing or obligating the Institution.