[The Software Management Toolkit details below are being finalized and still in draft form.]
University Purchasing, OTDI and additional partners have worked together to make software procurement simpler, faster and more effective for colleges and units. And now we’re ready to fully roll out the new process to the university community!
To assist in that effort, this online Software Management Toolkit shares helpful resources to set up colleges and units for success.
Thank you for your cooperation in strengthening software management across the university.
Software Management Toolkit
What do I need to know? (Ideal for department newsletters)
University Purchasing, the Office of Technology and Digital Innovation (OTDI), and additional university partners have launched a new, streamlined approach to software procurement which makes the process faster, more efficient, and easier to navigate. The Software Preapproval Process (SPP) is now ready for broad use and is strongly encouraged for all software purchases.
By starting with SPP, units can benefit from prioritized processing, reduced approval timelines, and a smarter, risk-based review process that eliminates unnecessary steps for low-risk software. It also helps bring to light any security, legal, and accessibility considerations earlier—reducing delays later in the process.
Colleges and units are encouraged to begin using SPP now and identify staff to support software directory contributions.
What are the benefits of the Software Preapproval Process (SPP)?
Starting with SPP offers clear, early benefits for units and requestors:
- Faster processing - Requisitions submitted with an SPP ID will receive prioritization. Digital Security and Trust assessments initiated through an SPP will also receive priority.
- Reduced cycle times - Early data shows shorter requisition turnaround times for purchases that begin with SPP.
- Streamlined, Risk-Based Reviews - The process uses conditional workflows to route purchases through only the reviews needed based on risk criteria—skipping unnecessary steps for low‑risk software.
- Surfaces security, legal, and accessibility considerations earlier in the process - reducing late‑stage delays at the finish line.
- Incorporates new digital accessibility procurement review process.
Action Required: What do I need to do to start using SPP?
Start using the SPP process. A Create and Approve Software Preapproval job aid is available for guidance.
Where can I obtain help?
While the Create and Approve Software Preapproval job aid is the go-to help resource for Ohio State software purchasing guidance, if you have any questions, please contact out to BF-softwarequestions@osu.edu.
Additional Actions: Software Directory Contributors
For areas that frequently procure software, you may be able to help identify staff who can serve as Software Directory Contributors and help populate the Ohio State Software Directory. A job aid for how to Request Access to Edit the Ohio State Software Directory is available and includes step-by-step instructions and screenshots.
A monthly meeting is held to review software titles that have been submitted throughout the university to get published to the site.
What are the roles of those involved in SPP?
- Software Request Initiator
- Review Software Directory to confirm no available product meets needs
- Confirm supplier is willing to accept OSU terms (Ohio Law, ADA Addendum) by using OSU Vendor Preapproval Form (pdf), Email Template (.doc download), and attaching form back to request
- Attach additional documents (i.e. quote, VPAT, HECVAT) from supplier to the reques
- Work directly with Unit’s IT Director as needed
- IT Software Approver
- Initial step in Software Preapproval Process:
- Confirm no product currently purchased/available that meets the need
- Confirm Purpose/Business justification so downstream reviewer of product use case is understood
- Confirm funding is available
- Confirm OSU Vendor Preapproval Form is attached and supplier is willing to accept OSU terms (Ohio Law, ADA Addendum)
- Confirm number of users needing to access the software is accurate
- If the Accessibility Impact Level is A1, confirm that is accurate, as selecting A1 will bypass the accessibility approver step. If not accurate, correct the rating before you approve.
- Final step of Software Preapproval Process:
- Accepts risks identified by prior reviews and escalates as appropriate
- Final decision on whether the unit can move forward with purchaseNotes what level of legal review is required during purchasing process
- Initial step in Software Preapproval Process:
- Legal Approver
- Conditional routing-based on questionnaire responses
- Skipped if:
- Locally installed
- NOT external customer facing
- S1 or S2 data classification
- OR Supplier will accept OSU’s Terms and Conditions
- Reviews requests where the supplier will not accept OSU’s Terms and Conditions and provides information on risks of proceeding with purchase back to unit
- Unit Accessibility Approver
- Conditional routing based on questionnaire responses
- Skipped if: Accessibility Impact Level is A1
- Reviews the request for accuracy and completeness; works with the requester to obtain additional information needed to complete the accessibility review
- Completes the Digital Accessibility Procurement Review (DAPR) form (outside of Workday)
- Validates product use cases
- Review VPAT/ACR for sufficiency
- Identifies product barriers
- Develops an appropriate exception rationale
- Completes the “Accessibility Approver Use Only” section of the SPP request
- Unit Security Approver
- Reviews the request and adds information for OTDI or Med Center Security teams to perform their assessment
- Ensures request is filled in properly (cloud/not cloud, data classification, etc.)
- Central Risk Assessment Approvers
- Identity and Access Management Approver
- Confirms the authentication method is supported and makes Access Management recommendations
- Digital Security and Trust Approver
- Conditional routing based on questionnaire responses
- Skipped if: Accessibility Impact Level is A1
- Consults with Unit Security Coordinator to verify and understand use case and determine assessment roles and needs
- Identity and Access Management Approver
- Software Requisition Approvers
- University Service Center Rep/Lead
- Determines if agreement/signature is required, level of legal review needed based on IT Software Approver disposition and initiates that process as needed
- Cost Center Category Approver/Health System Category Approver
- Reviews for IT spend categories to ensure adherence to OSU standards and technical requirements
- Accountable for ensuring the Software Preapproval Process was completed
- Central Buyer
- Review for compliance if off-contract spend and over $75k
- For Med Center, determines if agreement/signature is required
- University Service Center Rep/Lead