Acquisition and Development addresses the selection, acquiring or development of any IT asset, including hardware, software, data, and IT services. The cybersecurity-related policies in this portfolio are mapped to the NIST SP 800-53 control families.

Policies

• Accounting Services - Credit Card Merchant Services and PCI Compliance (device acquisition, merchant accounts, third-party vendors) _{(on bussvc.wisc.edu)}

• DoIT - Standards for Managing Test and Service Accounts _{(please contact itpolicy@cio.wisc.edu)}

• Purchasing Services - Purchasing Policies & Procedures _{(on bussvc.wisc.edu)}

• UW System _{(on wisconsin.edu)}

  • 1110 Information Technology Acquisitions Approval
  • 25-4 Strategic Planning and Large or High Risk Projects

Related Documents

• IT Policy-related

  • Cloud Services
  • Non-UW-Madison Applications and Services Guidelines

• IT Governance _{(on it.wisc.edu)}

  • Project Intake and Prioritization _{(main entry: Resource Management)}
  • Service Catalog _{(main entry: Resource Management)}