Procedures

Software Acquisition and Use - Procedure

Printer-friendly version
Body

1.0    Purpose and Scope

This procedure outlines the requirements for acquiring and using software at The University of Queensland (UQ or the University) and applies to all UQ consumers as defined in the UQ Information and Communications Technology (ICT) Policy.

Note that this procedure also applies to software (including cloud software) that is free.

1.1    Context

This procedure should be read in conjunction with other UQ policies and procedures, including:

2.0     Process and Key Controls

  1. Before purchasing or acquiring any new software (including cloud/Software as a Service applications and free software), UQ consumers must refer to UQ’s Standard Software Catalogue, which lists software available for academic, research and administrative use.

  2. To purchase or request new software, UQ consumers must follow the processes listed via the Purchasing or requesting software page.

  3. UQ consumers must review software terms (using the low-risk licence review checklist) to ensure they are fit for purpose at UQ and do not contain any unacceptable legal risks.

  4. Software terms are ICT Contracts and can only be accepted for UQ by a Contract delegate or Sub-Delegate with the appropriate delegation.

  5. UQ consumers that acquire and use software must comply with all usage restrictions, licence conditions, purchasing and installation requirements.

3.0     Key Requirements

3.1    Accessing and using UQ-licensed software

The Standard Software Catalogue lists all software that UQ consumers can install on UQ-owned computers and use for UQ purposes (academic, research or administrative use). In some cases, software can also be installed on personal devices for personal or UQ purposes. The Standard Software Catalogue also provides licensing, purchasing, usage, and installation information for each software product.

The following conditions apply when using UQ-licensed software:

  • Unless personal use is explicitly allowed, software licensed to UQ must only be used for purposes legitimately associated with UQ’s operations as a teaching and research institution. This includes online services (i.e. Software-as-a-Service) licensed to UQ.

  • UQ consumers must comply with the installation requirements of the software product as specified in the Standard Software Catalogue. UQ consumers can self-install some UQ-licensed software products to their UQ device. Some software can only be installed with assistance from IT support.   

  • Certain software cannot be self-installed as technical or licence checks must occur. UQ consumers must submit an IT support request to access the software. If approved, and a consumer does not have administrator access, a staff member from the UQ consumer’s IT support team must install the software.

  • All UQ consumers obtaining or using UQ-licensed software must understand and comply with the terms and conditions for use of the software.

3.2    Student-licensed software

In addition to the Standard Software Catalogue, the Free student software for personal use page lists software available for students to use on their personal computers for the duration of their studies at UQ. This page also lists specialist software available to students to support remote study. Note that for certain software, eligibility criteria may apply, and students must comply with all usage and access requirements as specified on the web page.

3.3    Computer labs and the UQ digital workspace

UQ staff and students can access certain software (for teaching and learning) via UQ’s computer labs or personal and work devices by using the UQ Digital Workspace. View the list of software available via the UQ Digital Workspace.

Staff and students can request access to existing software and request new software for the UQ Digital Workspace by completing the relevant request form:

If requesting new software, UQ staff and students must comply with any relevant requirements stated in section 3.4 below.

3.4    Acquiring new software

If the required software is not available via the Standard Software Catalogue, UQ consumers must follow the requirements below, based on the type of software. This is required even if the software is free.

Procurement of new software at UQ must comply with UQ’s Procurement Policy and Procedure, the ICT Procurement Framework and UQ’s Financial and Contract Sub-delegations Procedure. Visit the ICT Procurement webpage for additional information and relevant forms, templates and guidelines.

If UQ consumers acquire new software, ITS Customer Support Services (or local IT support) will not be able to provide user support (e.g. how to use the software) unless this is agreed and resourced during the procurement process.

UQ consumers should visit the Purchasing or requesting software web page for more information, and guidance. UQ staff should also visit the External learning tools web page for guidance if they are acquiring new software for teaching and learning.

If a UQ consumer is considering entering into a software agreement they must also:

Where software must be registered with the publisher(s) or vendor(s) of the software, “The University of Queensland” must be used as the licensee name.

If software can only be purchased with a UQ credit card (not preferred), UQ consumers must record the relevant software details (listed on the Purchasing and requesting software page) when reconciling the credit card transaction in the expense management system.   

3.4.1   Software for widespread use

If UQ consumers require software for widespread use (e.g. UQ-wide, all professional staff, or all students) they must visit the Projects with IT requirements web page for information, guidance and assistance completing an IT project proposal.

3.4.2    Individually licensed software

Individually licensed software includes software that is:

  • installed locally on a device; or

  • linked to a UQ consumer.

To acquire new software licences, UQ consumers must:

  • follow the process listed on the Purchasing or requesting software page to request a quote from UQ’s preferred software suppliers;

  • ensure an appropriate number of licences are purchased to cover installation and usage of the software; and

  • ensure the provisions of licences purchased are appropriate for the type of use intended (e.g. academic, research, commercial).

If UQ consumers cannot acquire the necessary software via UQ’s preferred suppliers, they must visit the Projects with IT requirements web page for information, guidance and assistance completing an IT project proposal.

3.4.3    Software-as-a-Service (SaaS) or Cloud software

Software as a Service (SaaS) or cloud applications are software and services that are hosted via remote external servers and accessed through a web browser, instead of locally on a computer. These are also known as web-based applications.

To acquire new SaaS software (even if there is no cost) for use at UQ, consumers must visit the Projects with IT requirements web page for information, guidance and assistance completing an IT project proposal.

When acquiring new SaaS software, the Procurement Coordinator (the UQ consumer acquiring the software) must consider UQ’s information security and cyber security, even if there is no cost to UQ.

The Procurement Coordinator must classify the information to be stored in or accessed by the software, in accordance with the Information Security Classification Procedure. Procurement Coordinators must also consider whether any personally identifiable information will be stored in or accessed by the software.

Based on the information security classification (and whether the software will store/access personally identifiable information), certain security controls will apply and this may mean that certain well known, low-cost SaaS software solutions are not appropriate for use.

The Procurement Coordinator must contact the relevant IT support team (listed on the Projects with IT requirements page) for support classifying information and completing the cloud services cyber security checklist, to ensure that the SaaS solution meets UQ’s security standards.

4.0    Roles, Responsibilities and Accountabilities

4.1    UQ consumers

UQ consumers are responsible for:

  • using the UQ Standard Software Catalogue to access software at UQ;

  • complying with all software usage restrictions, licence conditions and installation requirements;

  • referring to the Purchasing and requesting software page to obtain software not available through the Standard Software Catalogue, noting that software terms can only be accepted by the appropriate ICT Contract Delegate or Sub-delegate;

  • following the instructions on the Purchasing and requesting software page if purchasing software with a UQ credit card (not preferred); and

  • complying with all UQ and ICT requirements if acquiring software outside the Standard Software Catalogue or UQ’s preferred suppliers list.

UQ consumers who are Procurement Coordinators (the individual responsible for undertaking a specific procurement activity) are responsible for:

  • compliance with all relevant UQ and ICT policies and procedures, including procurement, cyber security and financial and contract sub-delegations.

4.2    ITS Customer Support Services and Local IT support

ITS Customer Support Services and local IT support teams are responsible for the following (for the business units they support):

  • installation of software that cannot be self-installed;

  • disposal of software; and

  • providing support to ensure software is installed and functional for UQ consumers.

Additional software asset management responsibilities are defined in the IT Software Asset Management Local Standard Operating Procedure (LSOP).

4.3    Licensing Sub-category Manager

The Licensing Sub-category Manager is responsible for maintaining this procedure, including providing assurance and ensuring compliance.

4.4    Chief Information Officer

As the ICT Category Owner, the Chief Information Officer is accountable for software asset management.

4.5    ICT Contract Sub-delegates

ICT Contract Sub-delegates (and their delegation limits) are defined in the Schedule of Contract Delegations and Sub-Delegations.

ICT Contract Sub-delegates are responsible for:

5.0    Monitoring, Review and Assurance

The Licensing Sub-category Manager will review this procedure as required to ensure its currency and relevance.

ITS also undertakes software asset management activities and software audits to monitor licence compliance, consumption and usage. These processes are outlined in detail in the IT Software Asset Management Local Standard Operating Procedure.

6.0    Recording and Reporting

In compliance with the ICT Contract and Supplier Management Procedure, ICT Procurement will store all software contracts in UQ’s record keeping system, and ensure additional information is logged in the ICT contracts register.

In compliance with the IT Software Asset Management Local Standard Operating Procedure (IT staff only):

  • UQ’s software licence entitlements are recorded in UQ’s Software Asset Management (SAM) tool; and

  • the Information Technology Asset Management (ITAM) committee reports quarterly to the Information Technology Governance Committee (ITGC) on software asset management.

7.0    Appendix

7.1    Definitions

UQ consumer - UQ students, staff, contractors and consultants, visitors, affiliates and third parties.

UQ-licensed software - software available to UQ consumers for use for UQ purposes (academic, research or administrative use).

Individually licensed software - software that is installed locally on a device, or linked to a UQ consumer.

SaaS/Cloud software - software and services that are hosted via remote external servers and accessed through a web browser, instead of locally on a computer.

ICT contract delegate or sub-delegate - individuals who have authority to accept ICT contract terms on behalf of UQ, as specified in the Financial and Contract Sub-delegations Procedure (and associated supporting documentation.

Procurement Coordinator - the UQ consumer responsible for undertaking a specific procurement activity.

 

Custodians
Chief Information Officer Mr Rowan Salt
Custodians
Chief Information Officer Mr Rowan Salt