In order to maintain compliance with USC’s evolving network infrastructure and mandatory University information security policies set by the Office of the Chief Information Security Officer (OCISO), it has become necessary to standardize the procurement process for all Dornsife-funded technology resources and services. Following this process ensures Dornsife Technology Services (DTS) can provide quality support for all Dornsife faculty and staff, as well as fulfill Dornsife’s obligations to the University.
Last updated 11/06/23: Added Affinity to pre-approved software list.
This local policy helps Dornsife departments understand the correct procurement process for the purchase of IT equipment, software, and services in compliance with USC and Dornsife standards. It also helps departments understand the reasoning and methodology behind policy requirements.
This local policy applies to all departments, faculty members, staff, and other employees within Dornsife, and covers all technology resources—such as IT equipment and software—and services procured with Dornsife funds, including research and grant funds administered by Dornsife.
Asset purchasing requirements follow: please email us at firstname.lastname@example.org for questions about specific assets or any assets not listed under either “Assets pre-approved for purchasing” or “Assets which must be purchased through DTS.”
Assets pre-approved for purchasing
At USC Dornsife, an asset is pre-approved for purchasing after a careful assessment of whether the asset’s properties require it to be governed by the OCISO’s policies, which set forth standards and requirements for equipment inventory, asset management, network security, and data protection.
- Computer peripherals: Monitors, keyboards, mice, webcams, microphones, headphones and earphones, cables and adapters
- Other hardware: Local wired printers (not connecting to the USC network), scanners, projectors, cameras and video cameras (non-surveillance), memory cards for cameras, video cameras, and audio recorders
- Ergonomic standing desk converter or adjustable lift system sitting/standing desk (we recommend checking the size and weight rating of the equipment against your desk and computer equipment)
We strongly encourage that all hardware be purchased through DTS whenever possible. Purchasing an asset outside the DTS service catalog may result in the purchase of technology incompatible with existing DTS-managed equipment and University systems, and may hinder or prohibit DTS’s ability to provide setup/installation, maintenance, and support through the asset’s lifecycle.
- ArcGIS Desktop (purchase through https://spatial.usc.edu/software/proprietary-software-faculty/)
- Canvas X Draw
*If purchased through DTS, volume discounts may be available for GraphPad.
We will periodically update this pre-approved software list based on the requests we receive.
How to purchase pre-approved assets
Pre-approved assets can be purchased through one of the following USC-approved methods:
- DTS service catalog
- Dornsife Business Office: Submit your request through your department’s assigned procurement specialist
- Your department: Utilize your departmental p-card
- Workday Finance: Initiate your requisitions in Workday. Catalog suppliers will connect to Marketplace (formerly eMarket) for shopping
While we strongly encourage using one of the methods listed above, reimbursements are permitted if necessary and reasonable to complete the work as per University policy.
Travel card retail purchases are not permitted.
Assets which must be purchased through DTS
USC Dornsife is required to comply with mandatory University information security policies set by the OCISO. The following assets fall under the OCISO’s governance and consequently must be purchased through the DTS service catalog:
- Desktop computers, workstations, laptops, tablets, and servers
- Storage devices such as flash drives and hard drives, and memory cards used for devices other than cameras
- Network devices such as routers and firewalls
- Mobile phones and hotspot devices
- Network/wireless printers
- Streaming devices
Email email@example.com for any other hardware assets not specifically named in the pre-approved list.
The following information security policies apply:
- Asset Management Policy § 5.1 requires that any hardware assets used for information and information processing be inventoried
- Endpoint Security Policy § 5.1 requires the configuration of information systems for protection against unauthorized or malicious use in accordance with industry-accepted system hardening standards
- Endpoint Security Policy § 5.8 requires the installation of encryption on all USC-owned technology resources prior to usage of the resource to store or access USC data
- Third-Party Security Risk Management Policy § 5.1–5.6 set forth the conditions by which third-party services and products must abide
The following software must be purchased through DTS:
- Adobe Acrobat Pro
- Adobe Creative Cloud
- Notability (for iOS)
- Any cloud services that are not on the pre-approved list
- Any or all third-party services handling USC information, whether by accessing, storing, processing, transmitting, or receiving data
Email firstname.lastname@example.org for any other software assets not specifically named in the pre-approved list. We will periodically update this software list based on the requests we receive.
How to purchase assets through DTS
Custom assets not listed in the DTS service catalog
In some cases (for instance, scientific computing and laboratory instrumentation assets), it may be necessary to request custom assets through the following links:
Our criteria for approval of custom assets includes, but is not limited to, the following characteristics:
- Security capability: Does the request comply with USC’s information security policies? For example, if a device, does it contain the required hardware (e.g., Trusted Platform Module) in order to be encrypted, per USC’s endpoint security policy?
- Alignment with DTS recommendations: Does the request meet current DTS recommendations and best practices for the particular purpose?
- Compatibility: Is the request compatible with existing USC and Dornsife systems, processes, networks, and applications?
- Manufacturer/vendor: If a device, is it made by, and sold by, a reputable manufacturer or vendor? Does the manufacturer offer a supportable warranty for the service life of the device? Does the vendor have an existing relationship with USC?
- Server support: Has budgeting been allocated for the support, maintenance, and administration of any servers throughout their projected lifetime?
It is important to note that even if the requested asset meets the criteria above, it may still be prohibited for other reasons. DTS will always provide guidance and work with departments to procure IT equipment and software which comply with policy and meet department technology needs.
Asset return process
Requests to return new IT equipment should be initiated as soon as possible. Please submit your request as a ticket to the DTS Help Desk. Return policies vary by vendor, but DTS will assist Dornsife departments and staff in assessing the options available if the return window has closed.
At the end of the asset’s useful life, or upon the separation of the asset user from the University, all IT equipment must be returned to DTS, per USC’s asset management policy. Please review our guide, “Returning DTS-managed IT equipment.”
IT equipment, software, and services purchased outside the procurement processes detailed above cannot be supported, financially or otherwise, by Dornsife. Purchasers are advised to return such assets to the place of purchase for a refund and to submit a new purchase request through the DTS service catalog.