Vendor/Product review

Jane DelFavero jane.delfavero at nyu.edu
Mon Nov 12 18:40:04 GMT 2001


Greetings,

I'm on a committee to discuss and develop a mechanism for doing a 
technical review of new products/vendors, for projects that are 
developed internal to our IT group, as well as in consultation with 
other University divisions. There are many issues that come up in 
this process, so I'm interested to see how other universities handle 
this process. In particular:

1) Do you have any formal body for review of new projects? If so, is 
it just within your IT group, or across some portion of your 
institution?

2) How is review done (especially review of security concerns and 
issues)? Are there specific standards, a checklist of concerns, 
general policies, as hoc discussions? Web pages/forms you can point 
us to?

3) What happens if someone purchases a product or hires a vendor 
against your recommendation?

4) What are the potential pitfalls that we might encounter -- any 
disasters (or successes) that you didn't expect?

Thanks, Jane
-- 
===================================================
Jane DelFavero
Network Security Manager		security at nyu.edu
Information Technology Services		jane.delfavero at nyu.edu
New York University			phone: (212) 998-3053 
http://www.nyu.edu/its/security

PGP fingerprint: 4F56 0A88 3AF9 60A0  DB73 E726 DA94 CBDD



More information about the unisog mailing list