SlideShare uma empresa Scribd logo

Navigating saa s agreements

Transferir como PPTX, PDF
K
kevin_donovan

Navigating saa s agreements

Educação
1 de 13
FAS IT Stakeholders’ and CAIT Managers’ Forum Wednesday, January 27, 2016 Lamont Library Forum Room Navigating Click-Through SaaS Agreements
Announcements  Noah Selsby – Network Maintenance: March 11-12  Gretchen Grozier – HarvardKey Update 2
Framing the SaaS Environment  Eric D’Souza – HUIT PMO Panelists  Peter Katz – Office of the General Counsel  Rick Kellan – Risk Management and Audit Services  Sandy Silk – IT Security  Chris Gambon – Strategic Procurement  Ellen Gulachenski – HUIT PMO / Vendor Management Office 3
The Business Case  I am an administrator  I have a specific business need  I found a small SaaS-based application, and I have a click-through agreement in front of me on my screen. Should I click “agree?” 4
Legal Questions 1) Am I authorized to sign or click through an online license agreement on behalf of the University? 2) How important is the service I am acquiring? Should I be signing a boilerplate license for an important service? 3) Is there an existing negotiated University contract for the service? 5
Risk Management Questions 4) What type of data is it? Is it Level 3 or above? 5) Do we need to control vendor access to or use of the data? 6) Can Harvard recover the data if we exit the agreement or if the vendor goes out of business? 6
7) What is the potential harm if data gets corrupted, deleted, or exposed? 8) Who is going to manage access to the system and remove access when people leave? 9) If I leave, can Harvard still use the service and the data? IT Security Questions 7
Vendor Performance Questions 10) Is the service defined concretely enough in the click-through agreement (e.g., customer support)? 11) What aspects of the service will be used to measure quality (e.g., availability)? 12) What recourse do you have if there is an issue with delivery or quality? 8
Vendor Management Life Cycle Vendor Management Life Cycle Service Sourcing Strategy 1. Define Service Sourcing Strategy and align to organizational strategy Procurement 2. Vendor evaluation and selection 3. Contract negotiations Vendor Performance Management 4. Contract management & administration 5. Vendor relationship management 6. Risk management (financial, operational and compliance) 7. Service, license, and deployment management
Key Questions - Summary 1) Am I authorized to sign or click through an online license agreement on behalf of the University? 2) How important is the service I am acquiring? Should I be signing a boilerplate license for an important service? 3) Is there an existing negotiated University contract for the service? 4) What type of data is it? Is it level 3 or above? 5) Do we need to control vendor access to or use of the data? 6) Can Harvard recover the data, either if we exit the agreement or if the vendor goes out of business? 7) What is the potential harm if data gets corrupted, deleted, or exposed? 8) Who is going to manage access to the system and remove access when people leave? 9) If I leave, can Harvard still use the service and the data? 10) Is the service defined concretely enough in the click-through agreement? 11) What aspects of the service will be used to measure quality? 12) What recourse do you have if there is an issue with delivery or quality? 10
The Business Case - Revisited Should I click “agree?” Has the discussion today impacted the way you will approach answering this question? 11
Helpful Resources  General IT Questions or Assistance: ithelp@harvard.edu  Vendor Security Risk Assessment Requests: itsec-ec@harvard.edu  General Security Guidance: http://security.harvard.edu  Sourcing or Contract Questions christopher_gambon@harvard.edu  HUIT VMO Questions or Contact: huitvm@harvard.edu  Cloud Service Providers: http://rmas.fad.harvard.edu/cloud-service-providers  Harvard Cloud and DevOps: http://cloud.huit.harvard.edu/  Cloud Connect Event – Fri., Feb. 19: cloud.huit.harvard.edu/event/cloud-connect 12
Thank you.

Recomendados

Standard i sites migration
Standard i sites migrationStandard i sites migration
Standard i sites migrationkevin_donovan
 
Information security
Information securityInformation security
Information securitykevin_donovan
 
I sites migration
I sites migrationI sites migration
I sites migrationkevin_donovan
 
Uber Operations - 2012 Capabilities Presentation
Uber Operations - 2012 Capabilities PresentationUber Operations - 2012 Capabilities Presentation
Uber Operations - 2012 Capabilities PresentationEduardo Gonzalez Loumiet, MBA, PMP, CPHIMS
 
Information security fasit-cait-20150129_v04
Information security fasit-cait-20150129_v04Information security fasit-cait-20150129_v04
Information security fasit-cait-20150129_v04kevin_donovan
 
The infrastructure review process and aggregated results, by Rohan Slaughter
The infrastructure review process and aggregated results, by Rohan SlaughterThe infrastructure review process and aggregated results, by Rohan Slaughter
The infrastructure review process and aggregated results, by Rohan SlaughterJisc
 
Top 10 Best Practices for Implementing Data Classification
Top 10 Best Practices for Implementing Data ClassificationTop 10 Best Practices for Implementing Data Classification
Top 10 Best Practices for Implementing Data ClassificationWatchful Software
 
Contributing to the pursuit of excellence, by Caroline Cooke
Contributing to the pursuit of excellence, by Caroline CookeContributing to the pursuit of excellence, by Caroline Cooke
Contributing to the pursuit of excellence, by Caroline CookeJisc
 

Recomendados

Standard i sites migration
Standard i sites migrationStandard i sites migration
Standard i sites migrationkevin_donovan
 
Information security
Information securityInformation security
Information securitykevin_donovan
 
I sites migration
I sites migrationI sites migration
I sites migrationkevin_donovan
 
Uber Operations - 2012 Capabilities Presentation
Uber Operations - 2012 Capabilities PresentationUber Operations - 2012 Capabilities Presentation
Uber Operations - 2012 Capabilities PresentationEduardo Gonzalez Loumiet, MBA, PMP, CPHIMS
 
Information security fasit-cait-20150129_v04
Information security fasit-cait-20150129_v04Information security fasit-cait-20150129_v04
Information security fasit-cait-20150129_v04kevin_donovan
 
The infrastructure review process and aggregated results, by Rohan Slaughter
The infrastructure review process and aggregated results, by Rohan SlaughterThe infrastructure review process and aggregated results, by Rohan Slaughter
The infrastructure review process and aggregated results, by Rohan SlaughterJisc
 
Top 10 Best Practices for Implementing Data Classification
Top 10 Best Practices for Implementing Data ClassificationTop 10 Best Practices for Implementing Data Classification
Top 10 Best Practices for Implementing Data ClassificationWatchful Software
 
Contributing to the pursuit of excellence, by Caroline Cooke
Contributing to the pursuit of excellence, by Caroline CookeContributing to the pursuit of excellence, by Caroline Cooke
Contributing to the pursuit of excellence, by Caroline CookeJisc
 
Hadoop in Healthcare Systems
Hadoop in Healthcare SystemsHadoop in Healthcare Systems
Hadoop in Healthcare SystemsDataWorks Summit/Hadoop Summit
 
OpenAthens Conference 2018 - Trevor Hough - Case study - University of Leeds
OpenAthens Conference 2018 - Trevor Hough - Case study - University of LeedsOpenAthens Conference 2018 - Trevor Hough - Case study - University of Leeds
OpenAthens Conference 2018 - Trevor Hough - Case study - University of LeedsOpenAthens
 
APAN50 - Removing barriers to knowledge
APAN50 - Removing barriers to knowledgeAPAN50 - Removing barriers to knowledge
APAN50 - Removing barriers to knowledgeOpenAthens
 
Hongsermeier app store for health
Hongsermeier app store for healthHongsermeier app store for health
Hongsermeier app store for healthTrimed Media Group
 
Schwing Challenges to Successful Authentication Change
Schwing Challenges to Successful Authentication ChangeSchwing Challenges to Successful Authentication Change
Schwing Challenges to Successful Authentication ChangeNational Information Standards Organization (NISO)
 
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...OpenAthens
 
Access Lab 2020: FOLIO + OpenAthens integration
Access Lab 2020: FOLIO + OpenAthens integrationAccess Lab 2020: FOLIO + OpenAthens integration
Access Lab 2020: FOLIO + OpenAthens integrationOpenAthens
 
Real-Time Clinical Analytics
Real-Time Clinical AnalyticsReal-Time Clinical Analytics
Real-Time Clinical AnalyticsDataWorks Summit
 
Make a case for Data Classification in your organization
Make a case for Data Classification in your organizationMake a case for Data Classification in your organization
Make a case for Data Classification in your organizationWatchful Software
 
Introduction to SeamlessAccess
Introduction to SeamlessAccessIntroduction to SeamlessAccess
Introduction to SeamlessAccessOpenAthens
 
Authority and VValidation in Digital Communications
Authority and VValidation in Digital CommunicationsAuthority and VValidation in Digital Communications
Authority and VValidation in Digital CommunicationsORCID, Inc
 
Leahy - What can SAML/Shibboleth do for your institution?
Leahy - What can SAML/Shibboleth do for your institution?Leahy - What can SAML/Shibboleth do for your institution?
Leahy - What can SAML/Shibboleth do for your institution?National Information Standards Organization (NISO)
 
Oracle data integrator suite services
Oracle data integrator suite servicesOracle data integrator suite services
Oracle data integrator suite servicesYASH Technologies
 
Health Information Exchange Standards - Compliance via Integration Testing
Health Information Exchange Standards - Compliance via Integration TestingHealth Information Exchange Standards - Compliance via Integration Testing
Health Information Exchange Standards - Compliance via Integration TestingHealth Informatics New Zealand
 
2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standardkevin_donovan
 
New Zealand on FHIR - HiNZ 2019
New Zealand on FHIR - HiNZ 2019New Zealand on FHIR - HiNZ 2019
New Zealand on FHIR - HiNZ 2019Peter Jordan
 
HL7 FHIR FoundationTopics for Non-Developers
HL7 FHIR FoundationTopics for Non-DevelopersHL7 FHIR FoundationTopics for Non-Developers
HL7 FHIR FoundationTopics for Non-DevelopersPeter Jordan
 
Healthcare Intelligence Solutions through Datanex
Healthcare Intelligence Solutions through DatanexHealthcare Intelligence Solutions through Datanex
Healthcare Intelligence Solutions through DatanexTravis Leonardi
 
Keeping FE on track and progressing, by Rob Rawlinson
Keeping FE on track and progressing, by Rob RawlinsonKeeping FE on track and progressing, by Rob Rawlinson
Keeping FE on track and progressing, by Rob RawlinsonJisc
 
The Future of Standards
The Future of StandardsThe Future of Standards
The Future of StandardsHealth Informatics New Zealand
 
A Sharing Economy
A Sharing EconomyA Sharing Economy
A Sharing EconomyTorque Data
 
Jeffrey Sweet - Third Party Risk Governance - Why? and How?
Jeffrey Sweet - Third Party Risk Governance - Why? and How?Jeffrey Sweet - Third Party Risk Governance - Why? and How?
Jeffrey Sweet - Third Party Risk Governance - Why? and How?centralohioissa
 

Mais conteúdo relacionado

Mais procurados

OpenAthens Conference 2018 - Trevor Hough - Case study - University of Leeds
OpenAthens Conference 2018 - Trevor Hough - Case study - University of LeedsOpenAthens Conference 2018 - Trevor Hough - Case study - University of Leeds
OpenAthens Conference 2018 - Trevor Hough - Case study - University of LeedsOpenAthens
 
APAN50 - Removing barriers to knowledge
APAN50 - Removing barriers to knowledgeAPAN50 - Removing barriers to knowledge
APAN50 - Removing barriers to knowledgeOpenAthens
 
Hongsermeier app store for health
Hongsermeier app store for healthHongsermeier app store for health
Hongsermeier app store for healthTrimed Media Group
 
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...OpenAthens
 
Access Lab 2020: FOLIO + OpenAthens integration
Access Lab 2020: FOLIO + OpenAthens integrationAccess Lab 2020: FOLIO + OpenAthens integration
Access Lab 2020: FOLIO + OpenAthens integrationOpenAthens
 
Real-Time Clinical Analytics
Real-Time Clinical AnalyticsReal-Time Clinical Analytics
Real-Time Clinical AnalyticsDataWorks Summit
 
Make a case for Data Classification in your organization
Make a case for Data Classification in your organizationMake a case for Data Classification in your organization
Make a case for Data Classification in your organizationWatchful Software
 
Introduction to SeamlessAccess
Introduction to SeamlessAccessIntroduction to SeamlessAccess
Introduction to SeamlessAccessOpenAthens
 
Authority and VValidation in Digital Communications
Authority and VValidation in Digital CommunicationsAuthority and VValidation in Digital Communications
Authority and VValidation in Digital CommunicationsORCID, Inc
 
Oracle data integrator suite services
Oracle data integrator suite servicesOracle data integrator suite services
Oracle data integrator suite servicesYASH Technologies
 
Health Information Exchange Standards - Compliance via Integration Testing
Health Information Exchange Standards - Compliance via Integration TestingHealth Information Exchange Standards - Compliance via Integration Testing
Health Information Exchange Standards - Compliance via Integration TestingHealth Informatics New Zealand
 
2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standardkevin_donovan
 
New Zealand on FHIR - HiNZ 2019
New Zealand on FHIR - HiNZ 2019New Zealand on FHIR - HiNZ 2019
New Zealand on FHIR - HiNZ 2019Peter Jordan
 
HL7 FHIR FoundationTopics for Non-Developers
HL7 FHIR FoundationTopics for Non-DevelopersHL7 FHIR FoundationTopics for Non-Developers
HL7 FHIR FoundationTopics for Non-DevelopersPeter Jordan
 
Healthcare Intelligence Solutions through Datanex
Healthcare Intelligence Solutions through DatanexHealthcare Intelligence Solutions through Datanex
Healthcare Intelligence Solutions through DatanexTravis Leonardi
 
Keeping FE on track and progressing, by Rob Rawlinson
Keeping FE on track and progressing, by Rob RawlinsonKeeping FE on track and progressing, by Rob Rawlinson
Keeping FE on track and progressing, by Rob RawlinsonJisc
 

Mais procurados (20)

Hadoop in Healthcare Systems
Hadoop in Healthcare SystemsHadoop in Healthcare Systems
Hadoop in Healthcare Systems
 
OpenAthens Conference 2018 - Trevor Hough - Case study - University of Leeds
OpenAthens Conference 2018 - Trevor Hough - Case study - University of LeedsOpenAthens Conference 2018 - Trevor Hough - Case study - University of Leeds
OpenAthens Conference 2018 - Trevor Hough - Case study - University of Leeds
 
APAN50 - Removing barriers to knowledge
APAN50 - Removing barriers to knowledgeAPAN50 - Removing barriers to knowledge
APAN50 - Removing barriers to knowledge
 
Hongsermeier app store for health
Hongsermeier app store for healthHongsermeier app store for health
Hongsermeier app store for health
 
Schwing Challenges to Successful Authentication Change
Schwing Challenges to Successful Authentication ChangeSchwing Challenges to Successful Authentication Change
Schwing Challenges to Successful Authentication Change
 
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
OpenAthens Conference 2018 - Adam Snook - Quick wins for an easier user journ...
 
Access Lab 2020: FOLIO + OpenAthens integration
Access Lab 2020: FOLIO + OpenAthens integrationAccess Lab 2020: FOLIO + OpenAthens integration
Access Lab 2020: FOLIO + OpenAthens integration
 
Real-Time Clinical Analytics
Real-Time Clinical AnalyticsReal-Time Clinical Analytics
Real-Time Clinical Analytics
 
Make a case for Data Classification in your organization
Make a case for Data Classification in your organizationMake a case for Data Classification in your organization
Make a case for Data Classification in your organization
 
Introduction to SeamlessAccess
Introduction to SeamlessAccessIntroduction to SeamlessAccess
Introduction to SeamlessAccess
 
Authority and VValidation in Digital Communications
Authority and VValidation in Digital CommunicationsAuthority and VValidation in Digital Communications
Authority and VValidation in Digital Communications
 
Leahy - What can SAML/Shibboleth do for your institution?
Leahy - What can SAML/Shibboleth do for your institution?Leahy - What can SAML/Shibboleth do for your institution?
Leahy - What can SAML/Shibboleth do for your institution?
 
Oracle data integrator suite services
Oracle data integrator suite servicesOracle data integrator suite services
Oracle data integrator suite services
 
Health Information Exchange Standards - Compliance via Integration Testing
Health Information Exchange Standards - Compliance via Integration TestingHealth Information Exchange Standards - Compliance via Integration Testing
Health Information Exchange Standards - Compliance via Integration Testing
 
2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard
 
New Zealand on FHIR - HiNZ 2019
New Zealand on FHIR - HiNZ 2019New Zealand on FHIR - HiNZ 2019
New Zealand on FHIR - HiNZ 2019
 
HL7 FHIR FoundationTopics for Non-Developers
HL7 FHIR FoundationTopics for Non-DevelopersHL7 FHIR FoundationTopics for Non-Developers
HL7 FHIR FoundationTopics for Non-Developers
 
Healthcare Intelligence Solutions through Datanex
Healthcare Intelligence Solutions through DatanexHealthcare Intelligence Solutions through Datanex
Healthcare Intelligence Solutions through Datanex
 
Keeping FE on track and progressing, by Rob Rawlinson
Keeping FE on track and progressing, by Rob RawlinsonKeeping FE on track and progressing, by Rob Rawlinson
Keeping FE on track and progressing, by Rob Rawlinson
 
The Future of Standards
The Future of StandardsThe Future of Standards
The Future of Standards
 

Semelhante a Navigating saa s agreements

A Sharing Economy
A Sharing EconomyA Sharing Economy
A Sharing EconomyTorque Data
 
Jeffrey Sweet - Third Party Risk Governance - Why? and How?
Jeffrey Sweet - Third Party Risk Governance - Why? and How?Jeffrey Sweet - Third Party Risk Governance - Why? and How?
Jeffrey Sweet - Third Party Risk Governance - Why? and How?centralohioissa
 
Cloud - Everyone is doing it, But is it safe?
Cloud - Everyone is doing it, But is it safe?Cloud - Everyone is doing it, But is it safe?
Cloud - Everyone is doing it, But is it safe?Jean-Marie Abi-Ghanem
 
Bringing the Cloud Back to Earth
Bringing the Cloud Back to EarthBringing the Cloud Back to Earth
Bringing the Cloud Back to EarthSri Chalasani
 
From information to intelligence
From information to intelligence From information to intelligence
From information to intelligence Srini Koushik
 
Choosing it managed service provider
Choosing it managed service providerChoosing it managed service provider
Choosing it managed service providerHEMinnovative
 
Getting your Strategy Right – in a SMAC World!
Getting your Strategy Right – in a SMAC World!Getting your Strategy Right – in a SMAC World!
Getting your Strategy Right – in a SMAC World!Continuity and Resilience
 
Vertex_Why_Software_Non_Negotiable_WP
Vertex_Why_Software_Non_Negotiable_WPVertex_Why_Software_Non_Negotiable_WP
Vertex_Why_Software_Non_Negotiable_WPLuke Arrington
 
Learn How to Maximize Your ServiceNow Investment
Learn How to Maximize Your ServiceNow InvestmentLearn How to Maximize Your ServiceNow Investment
Learn How to Maximize Your ServiceNow InvestmentStave
 
DataPorts Survey #1 Identify Market Needs
DataPorts Survey #1 Identify Market NeedsDataPorts Survey #1 Identify Market Needs
DataPorts Survey #1 Identify Market NeedsDataPortsProject
 
AIIM and Vamosa - Practical Cosniderations when Implementing ECM
AIIM and Vamosa - Practical Cosniderations when Implementing ECMAIIM and Vamosa - Practical Cosniderations when Implementing ECM
AIIM and Vamosa - Practical Cosniderations when Implementing ECMnicarcher
 
Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014GBX Summits
 
mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10) mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10) Jim Kaplan CIA CFE
 
Technology Governance & Migration In The AI Era
Technology Governance & Migration In The AI EraTechnology Governance & Migration In The AI Era
Technology Governance & Migration In The AI Era2toLead Limited
 
Capgemini ses - security po v (gr)
Capgemini ses - security po v (gr)Capgemini ses - security po v (gr)
Capgemini ses - security po v (gr)Gord Reynolds
 
How to Sell Security to Your CIO
How to Sell Security to Your CIOHow to Sell Security to Your CIO
How to Sell Security to Your CIORapid7
 
Focused agile audit planning using analytics
Focused agile audit planning using analyticsFocused agile audit planning using analytics
Focused agile audit planning using analyticsJim Kaplan CIA CFE
 
Project 1 Template (Due on Week 4)Name.docx
Project 1 Template (Due on Week 4)Name.docxProject 1 Template (Due on Week 4)Name.docx
Project 1 Template (Due on Week 4)Name.docxsimonlbentley59018
 
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018Human Capital Department
 
Running head RESPONSE .docx
Running head RESPONSE .docxRunning head RESPONSE .docx
Running head RESPONSE .docxtoltonkendal
 

Semelhante a Navigating saa s agreements (20)

A Sharing Economy
A Sharing EconomyA Sharing Economy
A Sharing Economy
 
Jeffrey Sweet - Third Party Risk Governance - Why? and How?
Jeffrey Sweet - Third Party Risk Governance - Why? and How?Jeffrey Sweet - Third Party Risk Governance - Why? and How?
Jeffrey Sweet - Third Party Risk Governance - Why? and How?
 
Cloud - Everyone is doing it, But is it safe?
Cloud - Everyone is doing it, But is it safe?Cloud - Everyone is doing it, But is it safe?
Cloud - Everyone is doing it, But is it safe?
 
Bringing the Cloud Back to Earth
Bringing the Cloud Back to EarthBringing the Cloud Back to Earth
Bringing the Cloud Back to Earth
 
From information to intelligence
From information to intelligence From information to intelligence
From information to intelligence
 
Choosing it managed service provider
Choosing it managed service providerChoosing it managed service provider
Choosing it managed service provider
 
Getting your Strategy Right – in a SMAC World!
Getting your Strategy Right – in a SMAC World!Getting your Strategy Right – in a SMAC World!
Getting your Strategy Right – in a SMAC World!
 
Vertex_Why_Software_Non_Negotiable_WP
Vertex_Why_Software_Non_Negotiable_WPVertex_Why_Software_Non_Negotiable_WP
Vertex_Why_Software_Non_Negotiable_WP
 
Learn How to Maximize Your ServiceNow Investment
Learn How to Maximize Your ServiceNow InvestmentLearn How to Maximize Your ServiceNow Investment
Learn How to Maximize Your ServiceNow Investment
 
DataPorts Survey #1 Identify Market Needs
DataPorts Survey #1 Identify Market NeedsDataPorts Survey #1 Identify Market Needs
DataPorts Survey #1 Identify Market Needs
 
AIIM and Vamosa - Practical Cosniderations when Implementing ECM
AIIM and Vamosa - Practical Cosniderations when Implementing ECMAIIM and Vamosa - Practical Cosniderations when Implementing ECM
AIIM and Vamosa - Practical Cosniderations when Implementing ECM
 
Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014
 
mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10) mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10)
 
Technology Governance & Migration In The AI Era
Technology Governance & Migration In The AI EraTechnology Governance & Migration In The AI Era
Technology Governance & Migration In The AI Era
 
Capgemini ses - security po v (gr)
Capgemini ses - security po v (gr)Capgemini ses - security po v (gr)
Capgemini ses - security po v (gr)
 
How to Sell Security to Your CIO
How to Sell Security to Your CIOHow to Sell Security to Your CIO
How to Sell Security to Your CIO
 
Focused agile audit planning using analytics
Focused agile audit planning using analyticsFocused agile audit planning using analytics
Focused agile audit planning using analytics
 
Project 1 Template (Due on Week 4)Name.docx
Project 1 Template (Due on Week 4)Name.docxProject 1 Template (Due on Week 4)Name.docx
Project 1 Template (Due on Week 4)Name.docx
 
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
 
Running head RESPONSE .docx
Running head RESPONSE .docxRunning head RESPONSE .docx
Running head RESPONSE .docx
 

Mais de kevin_donovan

It summit data mgmt-2016.06.02-final
It summit data mgmt-2016.06.02-finalIt summit data mgmt-2016.06.02-final
It summit data mgmt-2016.06.02-finalkevin_donovan
 
2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standardkevin_donovan
 
Fphs informatics for 2016 it summit 160531
Fphs informatics for 2016 it summit 160531Fphs informatics for 2016 it summit 160531
Fphs informatics for 2016 it summit 160531kevin_donovan
 
It summit 2016_combined
It summit 2016_combinedIt summit 2016_combined
It summit 2016_combinedkevin_donovan
 
It summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosasIt summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosaskevin_donovan
 
Hms crash planitsummit2016
Hms crash planitsummit2016Hms crash planitsummit2016
Hms crash planitsummit2016kevin_donovan
 
It summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosasIt summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosaskevin_donovan
 
Lightbox ham it_summit_final
Lightbox ham it_summit_finalLightbox ham it_summit_final
Lightbox ham it_summit_finalkevin_donovan
 
It summit salesforce
It summit salesforceIt summit salesforce
It summit salesforcekevin_donovan
 
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...kevin_donovan
 
Tlt and friends it summit 2016
Tlt and friends it summit 2016Tlt and friends it summit 2016
Tlt and friends it summit 2016kevin_donovan
 
Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16kevin_donovan
 
Phish, flop, or fine
Phish, flop, or fine Phish, flop, or fine
Phish, flop, or fine kevin_donovan
 
IT Academy at IT Summti
IT Academy at IT SummtiIT Academy at IT Summti
IT Academy at IT Summtikevin_donovan
 
Mobile firstpresentation huit
Mobile firstpresentation huitMobile firstpresentation huit
Mobile firstpresentation huitkevin_donovan
 
Saving our social_media
Saving our social_mediaSaving our social_media
Saving our social_mediakevin_donovan
 

Mais de kevin_donovan (20)

It summit data mgmt-2016.06.02-final
It summit data mgmt-2016.06.02-finalIt summit data mgmt-2016.06.02-final
It summit data mgmt-2016.06.02-final
 
2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard2016 it summit_accessibility_2016-05-24_standard
2016 it summit_accessibility_2016-05-24_standard
 
Fphs informatics for 2016 it summit 160531
Fphs informatics for 2016 it summit 160531Fphs informatics for 2016 it summit 160531
Fphs informatics for 2016 it summit 160531
 
It summit 2016_combined
It summit 2016_combinedIt summit 2016_combined
It summit 2016_combined
 
It summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosasIt summit dataverse-bigdata-mercecrosas
It summit dataverse-bigdata-mercecrosas
 
Hms crash planitsummit2016
Hms crash planitsummit2016Hms crash planitsummit2016
Hms crash planitsummit2016
 
It summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosasIt summit facilitate-researchcomputing-mercecrosas
It summit facilitate-researchcomputing-mercecrosas
 
Lightbox ham it_summit_final
Lightbox ham it_summit_finalLightbox ham it_summit_final
Lightbox ham it_summit_final
 
It summit salesforce
It summit salesforceIt summit salesforce
It summit salesforce
 
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
Harvard it summit 2016 - opencast in the cloud at harvard dce- live and on-d...
 
Fa qs 2016-04-21
Fa qs 2016-04-21Fa qs 2016-04-21
Fa qs 2016-04-21
 
Tlt and friends it summit 2016
Tlt and friends it summit 2016Tlt and friends it summit 2016
Tlt and friends it summit 2016
 
Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16Harvard phone it summit demo 06.02.16
Harvard phone it summit demo 06.02.16
 
Phish, flop, or fine
Phish, flop, or fine Phish, flop, or fine
Phish, flop, or fine
 
Waldo Summit 2016
Waldo Summit 2016Waldo Summit 2016
Waldo Summit 2016
 
IT Academy at IT Summti
IT Academy at IT SummtiIT Academy at IT Summti
IT Academy at IT Summti
 
Mobile firstpresentation huit
Mobile firstpresentation huitMobile firstpresentation huit
Mobile firstpresentation huit
 
Saving our social_media
Saving our social_mediaSaving our social_media
Saving our social_media
 
Urc it summit-2
Urc it summit-2Urc it summit-2
Urc it summit-2
 
Tlt success
Tlt successTlt success
Tlt success
 

Último

The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...PsychoTech Services
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 

Último (20)

INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 

Navigating saa s agreements

  • 1. FAS IT Stakeholders’ and CAIT Managers’ Forum Wednesday, January 27, 2016 Lamont Library Forum Room Navigating Click-Through SaaS Agreements
  • 2. Announcements  Noah Selsby – Network Maintenance: March 11-12  Gretchen Grozier – HarvardKey Update 2
  • 3. Framing the SaaS Environment  Eric D’Souza – HUIT PMO Panelists  Peter Katz – Office of the General Counsel  Rick Kellan – Risk Management and Audit Services  Sandy Silk – IT Security  Chris Gambon – Strategic Procurement  Ellen Gulachenski – HUIT PMO / Vendor Management Office 3
  • 4. The Business Case  I am an administrator  I have a specific business need  I found a small SaaS-based application, and I have a click-through agreement in front of me on my screen. Should I click “agree?” 4
  • 5. Legal Questions 1) Am I authorized to sign or click through an online license agreement on behalf of the University? 2) How important is the service I am acquiring? Should I be signing a boilerplate license for an important service? 3) Is there an existing negotiated University contract for the service? 5
  • 6. Risk Management Questions 4) What type of data is it? Is it Level 3 or above? 5) Do we need to control vendor access to or use of the data? 6) Can Harvard recover the data if we exit the agreement or if the vendor goes out of business? 6
  • 7. 7) What is the potential harm if data gets corrupted, deleted, or exposed? 8) Who is going to manage access to the system and remove access when people leave? 9) If I leave, can Harvard still use the service and the data? IT Security Questions 7
  • 8. Vendor Performance Questions 10) Is the service defined concretely enough in the click-through agreement (e.g., customer support)? 11) What aspects of the service will be used to measure quality (e.g., availability)? 12) What recourse do you have if there is an issue with delivery or quality? 8
  • 9. Vendor Management Life Cycle Vendor Management Life Cycle Service Sourcing Strategy 1. Define Service Sourcing Strategy and align to organizational strategy Procurement 2. Vendor evaluation and selection 3. Contract negotiations Vendor Performance Management 4. Contract management & administration 5. Vendor relationship management 6. Risk management (financial, operational and compliance) 7. Service, license, and deployment management
  • 10. Key Questions - Summary 1) Am I authorized to sign or click through an online license agreement on behalf of the University? 2) How important is the service I am acquiring? Should I be signing a boilerplate license for an important service? 3) Is there an existing negotiated University contract for the service? 4) What type of data is it? Is it level 3 or above? 5) Do we need to control vendor access to or use of the data? 6) Can Harvard recover the data, either if we exit the agreement or if the vendor goes out of business? 7) What is the potential harm if data gets corrupted, deleted, or exposed? 8) Who is going to manage access to the system and remove access when people leave? 9) If I leave, can Harvard still use the service and the data? 10) Is the service defined concretely enough in the click-through agreement? 11) What aspects of the service will be used to measure quality? 12) What recourse do you have if there is an issue with delivery or quality? 10
  • 11. The Business Case - Revisited Should I click “agree?” Has the discussion today impacted the way you will approach answering this question? 11
  • 12. Helpful Resources  General IT Questions or Assistance: ithelp@harvard.edu  Vendor Security Risk Assessment Requests: itsec-ec@harvard.edu  General Security Guidance: http://security.harvard.edu  Sourcing or Contract Questions christopher_gambon@harvard.edu  HUIT VMO Questions or Contact: huitvm@harvard.edu  Cloud Service Providers: http://rmas.fad.harvard.edu/cloud-service-providers  Harvard Cloud and DevOps: http://cloud.huit.harvard.edu/  Cloud Connect Event – Fri., Feb. 19: cloud.huit.harvard.edu/event/cloud-connect 12