{"660669":{"#nid":"660669","#data":{"type":"news","title":"New Data Security Review Process Introduced in Vendor Contracts","body":[{"value":"\u003Cp\u003EGeorgia Tech recently implemented a new process for assessing supplier contracts in an effort to enhance data security. The process introduces a new assessment intake inform that satisfies requirements outlined within the University System of Georgia\u0026rsquo;s (USG) Business Process Manual (BPM).\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003EHow the Process Works\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003EUpon the creation of a new contract, amendment of an existing contract, or renewal of an existing contract, all USG institutions and organizations must ensure that suppliers (or other third parties) with access to USG data are adequately protecting that data. This protection must be at least the same level of protection provided by Georgia Tech and\/or the USG and as required by policy, law, or regulation.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EGeorgia Tech has created an USG approved process for review by both Cyber Security and Procurement as required by the BPM. When data is shared with or can be accessed by the supplier, the departmental end user must complete the BPM 3.4.4 Supplier Contracts Assessment Intake Form and the Contract Checklist in order to satisfy USG requirements.\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003EWhat does this mean for you?\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003EAfter August 1, 2022, requesters must complete a Supplier Contracts Assessment Intake Form and Contract Checklist when attempting to create or renew a supplier contract. This form will assess the supplier\u0026rsquo;s access and utilization of any Georgia Tech or USG data and ensure that any access is adequately managed and protected. All requests will be reviewed by Georgia Tech Cyber Security prior to execution. This also includes zero ($0) dollar purchases.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EPlease note that this new process \u003Cstrong\u003E\u003Cem\u003Edoes not\u003C\/em\u003E\u003C\/strong\u003E replace the existing CTR (campus technology request) process. However, the Office of Information Technology is working with Cyber Security, Procurement, and other offices to review and identify ways to optimize how technology is requested across the Institute.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThis Supplier Contracts Assessment Intake Form is located in ServiceNow: (\u003Ca href=\u0022https:\/\/gatech.service-now.com\/home\/?id=sc_cat_item\u0026amp;sys_id=cae57d8e1bdcc55829eba8e2b24bcb2b\u0022\u003Ehttps:\/\/gatech.service-now.com\/home\/?id=sc_cat_item\u0026amp;sys_id=cae57d8e1bdcc55829eba8e2b24bcb2b\u003C\/a\u003E).\u003C\/p\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":[{"value":"Georgia Tech recently implemented a new process for assessing supplier contracts in an effort to enhance data security. "}],"uid":"34822","created_gmt":"2022-08-29 20:50:47","changed_gmt":"2022-09-06 15:54:44","author":"Malynda Dorsey","boilerplate_text":"","field_publication":"","field_article_url":"","dateline":{"date":"2022-07-26T00:00:00-04:00","iso_date":"2022-07-26T00:00:00-04:00","tz":"America\/New_York"},"extras":[],"groups":[{"id":"174291","name":"OIT"}],"categories":[{"id":"129","name":"Institute and Campus"}],"keywords":[{"id":"183656","name":"oit feature"}],"core_research_areas":[],"news_room_topics":[{"id":"71871","name":"Campus and Community"}],"event_categories":[],"invited_audience":[],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003E\u003Ca href=\u0022mailto:teresa.holcomb@business.gatech.edu\u0022\u003ETeresa Holcomb\u003C\/a\u003E\u003Cbr \/\u003E\r\nPurchasing Manager \u0026ndash; IT \u0026amp; Scientific\u003Cbr \/\u003E\r\nProcurement and Business Services\u003C\/p\u003E\r\n","format":"limited_html"}],"email":[],"slides":[],"orientation":[],"userdata":""}}}