Facebook pixel tracker

Checklist for New Information Systems & Services

Hamilton College regularly licenses software and services to store and manipulate data in support of college activities. In order to fully evaluate systems and services and associated costs, and assure that the providers comply with information security, accessibility and legal requirements, we developed the following checklist.
Anyone considering the purchase of such software or services should contact the VP for Libraries and Information Technology (jshelley@hamilton.edu) or the Director, Enterprise Information Systems (msweeney@hamilton.edu) to assure the steps are followed. 
Parties involved are indicated in parentheses ( ).


  1. Needs Analysis (Department, LITS)
  • Understand business needs
    • What problem are you trying to solve?
    • How do you currently perform tasks?
      • What works well and needs to be preserved?
      • What don't you have the functionality to do?
  • Are policies and procedures being reviewed/changed? E.g., will the problem remain after the new software is put into place due to policies and procedures that did not change?
  • Will the changes affect other offices? How are you planning to include them early on in the process?
  • Is the business process being reviewed/changed?
  1. Evaluation of alternatives and new software (Department, LITS)
  • Evaluate existing systems that could be used to build a solution (Department, LITS)
  • Evaluate new candidates using your needs assessment (must have, nice to have, not important) (Department, LITS)
  • Analyze integration with existing systems (LITS)
  1. Budget approval (VPAF, VPLITS)
  • Negotiate pricing - check different vendors, check consortium arrangements (Department, LITS)
  • Determine costs (one time purchase, implementation, training, and ongoing)
  • Analyze necessary resources to provide ongoing support (LITS or contract), and who will provide and manage them
  • Determine personnel impact
  1. Compliance (this can take 4-8 weeks to complete)
  • Assess vendor compliance with information security standards (LITS - Information Security Officer)
  • Assess vendor compliance with accessibility standards (LITS - Information Security Officer)
    • Ask vendor for their Voluntary Product Accessibility Template (VPAT)
  • Obtain PCI attestation if credit card payments are involved (LITS - Information Security Officer)
  • Perform internal contract review (Auxiliary Services)
  • Perform external legal review (if deemed necessary based on risk) (Bond, Schoeneck & King)
  • Assess compliance with institutional graphic standards (Communications)
  • The contract will be signed by the Vice President for Libraries and Information Technology or another member of Senior Staff. 
  • Develop an implementation plan with a focus on identifying timelines, resources, and communication - (include resource commitments from Department and LITS)
  • Begin implementation
  • Complete implementation and communicate to campus


Back to Top