Skip to Services content

IT Procurement Review (ITPR)

The Information Technology Procurement Review (ITPR) process is part of CSU, Chico’s commitment to making the resources and tools used on campus accessible and secure. Chancellor's Office policy requires the campus to purchase Electronic and Information Technology (E&IT) products that meet Section 508 Accessibility requirements. Systems and applications that are not accessible pose a risk to the campus if a student, faculty, staff, parent, or the public is unable to use them. 

For more information about the CSU Procurement policy visit the CSU System ATI Procurement Process page.

There are 3 main areas assessed as part of IT Procurement Review:

  1. Accessibility Risk
  2. Information Security Risk
  3. System Compatibility

An ITPR may be required when you are acquiring any Electronic and Information Technology (E&IT), regardless of price (including donations). The table below provides some examples of items that require an ITPR and items that do not. If you are unsure whether your item requires an ITPR, please email itpr@csuchico.edu and someone will assist you.

 

ITPR Requirements

Required

Not Required

External storage devices (flash drives, portable hard drives) intended to store Level 1 or Level 2 data

External storage devices (flash drives, portable hard drives) that will not store Level 1 or Level 2 data

Devices that will connect to the campus network

Conference room telephones (e.g. Polycom phones)

Smart boards, streaming devices (e.g. Apple TV, Roku, etc.), or information kiosks (use by faculty, students, staff, visitors)

Computer monitors, displays, and projectors

Cloud applications / web applications 

Wireless presenters for classroom use

Software for computers, tablets, or servers 

Keyboards, mice, digital pens, desktop speakers, headsets

Academic software used for instruction or testing

Lab equipment 

Computer desktops, laptops, and tablet hardware (standard computers purchased through ITSS do not require an ITPR)

Internal computer parts (for repair/upgrade of existing equipment only)

Cameras and video recording devices (except webcams used for videoconferencing)

Webcams for use in video conferencing and lecture recording

Fax machines

USB hubs, docking stations, adapters, and cables (except network patch cables)

 Printers, scanners, copiers, and multi-function devices (standard printers purchased through ITSS do not require an ITPR)

 UPS battery backup for desktop

 Any other electronic device or software application used in the creation, conversion, storage, or duplication of data or information (unless otherwise excluded)

 General office equipment other than software, computers, and printers (e.g. calculators, electric staplers, etc.)

 Electronic articles intended for use as required reading for a course

 Electronic articles used by one person (e.g. online newspaper and journal subscriptions)

 

 Electronic graphics and images (e.g. clipart and SnapChat filters)

 

 Audio/Video equipment (e.g. microphones, video and sound processing equipment)

 

To complete the ITPR process you will need to obtain a Voluntary Product Accessibility Template (VPAT) from the vendor.  If protected/confidential data will be collected you also need to complete a Security Data Requirements Checklist.

To speed the ITPR process, please attach the vendor quote and appropriate vendor documentation. Examples of vendor documentation includes specifications, contract language (e.g., MEA, MSA, EULA, etc.), technical implementation guides, etc.