In accordance with CMU policy and Federal and State laws, technology products and services must be appropriately accessible, meet campus security standards, and be technically supportable. This acquisition process is designed to ensure that these standards are met, any residual risk is appropriately managed, and all purchases are appropriately cost effective. This process applies to information technology products and services in the categories listed below:
Desktops and laptops (except as listed here)*
Printers, including 3D printers (except as listed here)**
Web-based services and applications such as storage/sharing services, online courses, web conferencing tools, online business services, etc (click here for more information)
Software of single or bulk licenses costing more than $500 (Please note, you cannot individually purchase software covered as part of an enterprise agreement)
Computer Monitors costing more than $1000 (per unit), click here for suggestions.
Servers and Enterprise Storage
Security cameras and security systems
Audio-Visual, TVs, Projector, video conferencing, other Mediation and supporting software, that is intended to be installed or mounted permanently, click here for examples.
- Unmanned Aerial Vehicles (UAVs, a.k.a. "Drones")
* CMU has a contract with Lenovo to provide a bulk discount to the university. We will entertain special configuration requests for Lenovo machines on the pre-approved computers list. Exceptions for purchasing non-Lenovo computers will only be granted very rarely as unique exceptions.
** CMU requires purchasing certain printers to ensure that we can receive the devices at a bulk discount, and it allows OIT to provide consistent support for these devices due to the reduction in variability. It also increases the reusability of toner and other components. For these reasons, and because OIT already provides an affordable printer option under $100, OIT will not entertain exception requests based on printer cost.
Technology purchasing process
Securing appropriate approval for technology purchases is ultimately your responsibility, and all technology purchases meeting the above qualifications will require completion of the
Technology Acquisition Checklist (TAC). In the case of purchases directly though Purchasing, your buyer will request its completion. In the case of business card purchases, you will be expected to print and submit a copy of your TAC approval email with your monthly business card reconciliation.
The Office of Information Technology (OIT) will review and sign-off on these requests. OIT will engage with the submitter should additional information be required.
EARLY ENGAGEMENT WITH THE APPROPRIATE PURCHASING BUYER WILL ENSURE TIMELY COMPLETION OF THE PROCESSING OF ANY PURCHASES OF TECHNOLOGY NOT ON THE PRE-APPROVED LISTS.
In most cases, the depth of review is minimal and can be performed relatively quickly. However, the length of review may vary depending on whether compliance documentation already exists, and if not, how timely and thoroughly the contractor can be in providing the required documentation. Selecting compliant products and services, and providing as much detailed information as possible, will accelerate the review process.
Please note that any CMU owned standalone computing device (runs an operating system and provides an end user with an interactive graphical interface) that is capable of network connectivity must have an asset tag, so that it can have a “name” / label according to a predefined naming schema. Naming devices according to a unique and predefined number is essential to support in that it allows technical support personnel to determine the appropriate support group, query information about the asset in CMU’s ERP system, and locate the device both in-person and over the network. Peripherals (printers, scanners, monitors, etc) below the $5000 threshold need not have an asset tag number.
Contacts and other information
OIT, Coordinator Admin Services and Software Licensing – Kim Vogel, 1771, email@example.com
Contracting and Purchasing Services, Coordinator – Nathan Hainstock, 1501, firstname.lastname@example.org
Chief Information Security Officer – Mark Herron, 7445, email@example.com