Effective Date
October 28, 2014
Date of Last Revision
March 14, 2016
Chapter Name
10.0 Other
Chapter Number
10.9
1.0 Purpose
Title
Pre-Approval Required for all Software Purchases
Eastern Michigan University’s Division of Information Technology is committed to providing information technologies that align with the University's mission. The university’s computer network can be put at risk, though, when new software is introduced that conflicts with university’s requirements for technical interoperability, data security, and maintenance requirements.
This policy outlines the process that must be followed when a user or department wants to purchase software for use on university computers or networks. This will ensure that all software is sufficiently funded, complies with existing I.T.-supported systems, and protects sensitive or confidential university data.
2.0 Scope
This policy shall cover all employees of the University.
3.0 Policy
1.
The university’s Chief Information Officer (CIO) must pre-approve any software purchase that meets any of the following conditions: a.
Is university-wide in scope (i.e., used by individuals outside of the purchaser’s department) b.
Requires university data to be hosted or stored outside of the University’s Data Center c.
Requires a connection to, or data from, the Banner ERP system or modules d.
Requires university I.T. resources to install, upgrade, support, or maintain the software
2.
The CIO will determine if additional requirements must be met prior to approving the purchase. This may include management agreement to supplemental funding for on-going operating costs, or identification of technical or administrative personnel for ongoing systems support and functional assistance.
3.
The CIO reserves the right to withhold approval for any software that is determined to be inadequately funded or supported, conflicts with existing I.T.-supported systems, or has inadequate security protocols to protect confidential or sensitive university data.
4.0 Responsibility for Implementation
The University’s Chief Information Officer and the Director of Purchasing are responsible for the implementation of this policy.
IT Policy 10.9 Page 1 of 2

5.0 Enforcement
Any employee found to violate federal or State of Michigan laws, EMU policies, procedures or standards of conduct, will be subject to disciplinary action under University policy. Any student found to violate federal or State of Michigan laws, EMU policies, procedures or standards of conduct, will be subject to disciplinary action under
EMU’s Student Code of Conduct. Any suspected violation of state or federal laws will be reported to the appropriate legal authority for investigation.
The University reserves the right to protect its electronic resources from threats of immediate harm. This may include activities such as disconnecting an offending computer system from the campus network, terminating a running job on a computer system, or taking other action.
6.0 Definitions
Term
Banner ERP
Chief Information Officer (CIO)
Definition
The University’s Enterprise Resource Planning system that manages all academic, financial, and personnel data. Ellucian’s Banner system is the ERP system for EMU.
The University’s senior Information Technology executive.
7.0 Revision History
Description
CIO Approval
Approval Date
March 14, 2016
IT Policy 10.9 Page 2 of 2