Involving Lewis-Clark State College’s IT team early ensures that new technology fits our campus ecosystem, protects sensitive information, and keeps us compliant with audit requirements.

How the Review Process Works

1. Submit the Software/System Request Form

Start by completing the brief questionnaire: Software & System Request Form

Tell us who will use the product, what kind of data it will store or process, and your desired timeline.

2. Initial IT Leadership Review

We evaluate the intended use, data classification, and how the product fits with existing campus solutions.

Low-risk, low-cost tools that do not touch protected data are typically approved quickly.

3. Enhanced Vendor Assessment (if needed)

If the application handles confidential or restricted data (see classification categories), or integrates deeply with College systems, we request additional documentation from the vendor.

Use this template to send an email to your vendor contact to request the required documentation for our review.  Please copy itapprovals@lcsc.edu.  

Dear Vendor:

Please provide a copy of any applicable audit or security assessment reports or certifications such as: 

  • SSAE 16
  • SOC 2
  • HECVAT
  • VPAT 
  • ISO 27001 

Also, copies of any applicable corporate information security policies or other supporting documentation is needed. This may include your disaster recovery plan or incident response plan.

<end of email>

4. Decision & Next Steps

Once reviews are complete, IT will issue an approval, request modifications, or recommend an alternative solution. 

Your Role

Plan ahead – Start the form as soon as you begin exploring a purchase or renewal.

Provide details – Accurate information accelerates our review.

Stay engaged – Respond promptly to follow-up questions so we can meet your timeline.

 

Questions? Contact the IT Help Desk at helpdesk@lcsc.edu or 208-792-2231.

Partnering with IT from the outset helps protect College data, saves money, and delivers a smoother experience for you and our students.