When purchasing or renewing software/applications there are minimum standards that MUST be met to ensure the University meets all its internal policy and legal requirements. To help you through this process, you will need to fill in a Contract Information for Software Compliance (CISC) request.
This applies to all software applications or services both locally installed and externally hosted e.g. web services / Software-as-a-Service (SaaS) applications including free-of-charge software.
The previously separate New Digital Education System Request form is now part of the CISC request, and it is no longer necessary to complete a separate form for Digital Education Systems.
Please check you have all the information you need before starting.
For software/services which store classified data (The information below can usually be found on the supplier’s website under Privacy Policy / Data Policy)
Details about compliance with web accessibility standards (WCAG 2.1) (This can usually be found on the supplier’s website under Accessibility)
You can find a list of the CISC questions attached on this KB article to help you ensure you have all the information you need before starting. You may not be asked to fill in ALL questions; the questions will vary based on whether you are requesting a new purchase or a renewal and the types of data requirements. Once you are ready, you can fill in Contract Information for Software Compliance (CISC) request.
The University has a duty to ensure that all software and services meet our legal and other policy requirements in areas such as:
Renewals of our existing services are included in this process. This is to enable the University to complete regular compliance checks on the services provided by our current suppliers, as the standards that we need to deliver do change over time. (You can find a list of previously approved requests here on the Excel spreadsheet). You MUST still complete a form, however, if you insert the previous approval code from the list, you will only have to complete a reduced CISC process.
1. Request submitted and the requester is given a reference number
2. Request Review: The request is reviewed by the appropriate teams (IT Contract Management, IT Governance (inc Accessibility), BRM, and Purchasing. If required Digital Education Service and IT architecture).
3. Stage 1 Approval / Decline: Typically less complex requests / Renewals
4. Stage 2 Approval / Decline: More complex requests are discussed on a weekly CISC group call.
5. Outcome: Given to the requester via the request raised.
After completing your CISC request, the software/application will be reviewed to ensure it means the minimum standards.
For items like subscriptions, local installs, and items not sharing data this is usually completed in 7 days. For items that involve sharing confidential data or any integrations, it may take longer depending on the complexity.
You will receive an email with a formal decision from a member of the Contracts Assurance Group.
The Request number should be shared with purchasing via a SIPR.
Please do NOT commit to purchasing the software until the relevant checks have been passed.
If you need to pay a supplier, you will need to raise a requisition (SIPR), contact your local Finance Team to make a credit card purchase, or create a Science Warehouse requisition.
If you require IT to manage the license and raise the SIPR use this request form.
For any requests for software that will be used for teaching and need to be available widely, please complete a Teaching software request, via this link(Licence already purchased).
For installation of software (already purchased) use this request form.
We are working to merge these forms into one form (excluding the SIPR Form); we expect to have this in place by the end of the year.