70 likes | 145 Views
Software Life-Cycle Management. OIT Site Licensing Michael J Dangler. History. 2008: Internal Audit reviewed several areas around the University for software management processes Early 2009: OIT begins the Anti-Malware project.
E N D
Software Life-Cycle Management OIT Site Licensing Michael J Dangler
History • 2008: Internal Audit reviewed several areas around the University for software management processes • Early 2009: OIT begins the Anti-Malware project. • Summer 2009: OIT Site License Advisory Team forms from the Anti-Malware project members • Aug. – Nov. 2009: Discussion of Software Life-Cycle, centering on OIT’s process and seeking input on departmental process. • http://oit.osu.edu/site_license/slat.html
Software Life-Cycle Management • Best Practices (not a policy or standard) • Divided in two parts: • How to contact OIT Site Licensing to request licensing of a product • How departments can manage products internally, using OIT Site Licensing’s process as a model • OIT is also working toward these best practices
Goals of Life-Cycle Management • Provide best practices to departments • Help new staff members understand some of the processes OIT does, and help guide them toward best practices • Set a goal within OIT for responsible management of software that minimizes risk and exposure
Overview of the Document • Licensing Software through OIT • Managing software within a department • Needs Assessment • Acquisition • Distribution • Asset Management • Compliance • Retirement and Sanitation • Relies on some ISO controls throughout
Key Points in the Guide • References Site Licensing policies • Makes request forms available • Indicates that OIT will seek to utilize these practices • Offers resources for departments who want to license something other than what OIT has licensed centrally • Provides resources for disability/accessibility testing • Helps define roles for management
Final Notes • OIT-SL considers this a “living” document: we hope for (and expect) feedback on the document, and requests for products to help departments take advantage of these practices • “Best Practice,” not “policy” • Additional resources are expected to become available over time