Technology
Software and Hardware
All technology goods or services acquired in the form of software systems, software maintenance, Software as a Service (SaaS), applications, websites, digital subscriptions, or other digital technology products or sensitive items that contain level 1 or level 2 data require review and approval, even if acquired at zero cost.
Any work performed by the contractor before issuance of a PO or Agreement can be considered as having been done at the contractor's own risk and as volunteer work. For more information please reference the CSU Contracts and Procurement PolicyTARP Process
All software requests must use the TARP request form. Requested software can move forward for purchase once all reviews have been approved (Information security, Accessibility, and Procurement).
Please review the Technology Acquisition Review Process (TARP) knowledge article for more information on the TARP process.
NOTE: Only certain SDSU faculty or staff members have access to complete the TARP form. Those SDSU faculty and staff who are most knowledgeable about the technology should work with their designated department IT procurement coordinator to complete and submit the form. The more detailed information received, the quicker the review can be completed.
- Requester provides the requested documentation and responds to additional questions.
- Information Security team members review for security and privacy risks. The requester may need to complete the Procurement Data Security Form if the technology uses PL1 or PL2 data. If the request does not pass the security review, the security review task will be updated, the requester will be notified and the purchase may not go forward.
- Accessible Technology team members determine compliance with ATI policy. If the request does not pass the accessibility review, the requester will need to coordinate with the ATI team to complete an Equal Effective Alternate Access Plan (EEAAP) to determine a potential workaround to provide equivalent access in the instance an individual has an accommodation request or need.
- The P2P team will review the Contractual Obligations to the University which may include a review of the End User License Agreement, Terms and Conditions, and Privacy Policies. P2P will work on this information to create negotiated agreements with companies.
- Once all three (3) priority area reviews have been completed and approved, the requester will receive an email notification with the attached completed review, which can be appended to their requisition.
YES - unless the TARP states low risk, the charge is not recurring, and the total software project is under the Non-PO Procure-to-Pay PCC purchase threshold. For more information please see the Non-PO Procure to Pay Policy (PDF).
Any amount over $10,000 for goods and $1,000 for services must be submitted on a requisition and should not be placed on PCC. These limits can be lower based on the commodity category outlined in the Non-PO Procure to Pay Policy (PDF).
Purchases under $50,000 require at least 1 quote.
All purchases between $50,000 - $499,999.99 require a minimum of 3 competitive quotes. If obtaining quotes from small or disabled veteran businesses, please refer to the SB/DVBE Option section below.
Purchases of $500,000 and over are required to be formally competed. If obtaining quotes from small or disabled veteran businesses, please refer to the SB/DVBE Option section below.
Small Business (SB) and/or Disabled Veteran Business (DVBE) Option
For orders of $50,000 to $250,000, SB/DVBE option is as follows:
- A minimum of 2 quotes are required from the same classification (for example, 2 small business quotes).
- The SB and/or DVBE need to be certified in California. Use CaleProcure to confirm if the vendor you are doing business with is a certified SB or DVBE.
**The University is held responsible to procure a minimum of 25% of its total spent from SB and 3% from DVBE annually.
Supplier/vendor must be appropriately licensed and must submit a Supplier Information Form (Payee Data Record Std.204) in order to do business with SDSU. For more information on how a supplier/vendor can do business with SDSU, visit the New Supplier/Vendor Registration page on the P2P website.
- Permitted Payment Options: Subject to the above requirements.
- PO – Allowed, if TARP ServiceNow Request states PO can be used.
- PCC- Allowed, if TARP ServiceNow Request states PCC can be used.
- Laptop and PCs must be purchased through a PO or via Aztec Shops ONLY.
- Documents required:
- Supplier Invoice
- Suppliers must be registered with SDSU. For more information on how a supplier/vendor can do business with SDSU, visit the New Supplier/Vendor Registration page on the P2P website.
- Completed TARP Form
- Supplier Invoice
- Payment Notes:
- All will route to the appropriate FAH signing authority.
Additional Notes
The University is held responsible to procure a minimum of 25% of its total spent from Small Businesses annually.