Software Intake Process

This knowledge base article outlines what happens after the New Software Request form is submitted, as each software is assessed by various associated departments prior to deployment.

 

The following are key components in the Software Intake Process. There are several review and approval phases to assess each new software request. 

 

Submission of the New Software Request Form:

 

Prior to submission, we recommend reviewing your Software Centre and our Software Catalog in advance to consider alternative software already existing in our ecosystem. 

Next, visit the Software Hub (LINK) to request approval from your Dean/Director.  

Once the software is approved by the head of your area, the Initial Privacy Assessment Form needs to be submitted to the Privacy Office and the New Software Request Form in AskIT. 

For more details on the New Software Request Form, please refer to this knowledgebase article. 

Analysis by Desktop Collaboration Services Team  

Once the New Software Request is submitted, a member from the Desktop Collaboration Services Team will confirm the request and support you throughout the process. 

Departmental Budget & Ownership 

The following are the criteria for budget allocation for software: 

DTS has implemented a shared cost ownership model to promote accountability and ensure that software investments are utilized efficiently. Under this model, DTS would fund university-wide academic and administrative software, while specialized software serving specific departments or faculties would remain funded by their respective business units. 

The Desktop Collaboration and Services Manager will review the budget and ownership parameters with the requester. 

Academic Software – CTE/ETLE Review 

For any academic software request, the Educational Technology and Learning Environments Committee questionnaire section of the New Software Request Form must be completed. The questions have been incorporated from the previous Microsoft Form. 

For more information, please visit the Centre for Teaching Excellence’s (CTE) website and Educational Technology and Learning Environment (ETLE) Committee page on Frontlines. 

Privacy Office’s IPA and/or PIA 

After the submission of the IPA, the Privacy Office will first review the initiative. An IPA may take a few business days.  

Thereafter, a Privacy Impact Assessment (PIA) may be required. The completion of the PIA depends on a few factors such as initiative’s priority, complexity, and current workload of the Privacy Office. The Privacy Office will work with program managers, who oversee the initiative under review, to determine the completion timelines, on a case-by-case basis. 

You can learn more about the Privacy Office here: Privacy and Access to Information - Capilano University Employee Portal 

Cybersecurity Security Threat Risk Assessment (STRA) 

A soft-check will be conducted upon software request to ensure the credibility of the software and assess any immediate risks or potential vulnerabilities.  

After necessary approvals and outcome of the Privacy Office's IPA and/or PIA, the Cybersecurity team will evaluate whether a Lite or Comprehensive STRA is required. The duration for the Lite STRA will span roughly 3 weeks and up to 2 months for the Comprehensive STRA. Please note, total assessment duration could vary depending on the complexity and integration of the systems as well as availability of vendors and internal resources who can provide the requested documentation. 

Purchase Requisition 

Prior to and anytime during the process, a quote can be obtained by any member of the university from the vendor. Please be advised that no commitments should be made to the vendor without Procurement reviewing the terms and conditions of the contract. Low-value contracts can still carry contractual risk, so a proper review is essential. 

To finalize the software implementation, a Purchase Requisition (PR) needs to have a signature from the appropriate signing authority, per alignment and approval from the Director or Dean. 

Based on Procurement Department’s review of the PR, they will decide on one of the three outcomes: 

1. Approve: Procurement proceeds with placing the order for the software. 

2. Approve with Comments: There are deviations that may be acceptable, provided the requestor is comfortable with taking on the associated risks. Procurement and DTS will align on a Risk Mitigation Plan with the requestor. 

3. Reject: The terms and conditions are not acceptable, and Procurement counter-proposes CapU’s terms and conditions and GSA to the vendor. If the vendor accepts the new proposal, a new PR will be submitted and reviewed. 

Deployment 

After the successful purchase of the software, the Desktop Collaboration Service Team will prepare for deployment based on the information provided in the New Software Request Form regarding whether the software is for a lab or device. The software will be packaged accordingly and corresponding license(s) assigned. Depending on the number of target devices, the team will need 1 week to 1 month for deployment. Software requests for upcoming terms outside of the recommended timeline will be handled on a rolling-basis.