IT Vendor Assessment Resource Center
Comprehensive list of resources when selecting a new higher ed IT vendor
Explore industry best questions and templates to collect information for complete and accurate vendor product assessment when selecting a new higher ed IT vendor.
As authority to purchase vendor products sprawls across campus, CIOs are often tasked with implementing tech they had little opportunity to weigh in on. And when CIOs are able to assess vendor products, they do so informally and do not collect all of the information they need. Furthermore, their gathered intel is not standardized between potential vendor products, making it hard to compare between products or explain vendor selection decisions.
Mature IT departments utilize a suite of standard templates to collect necessary information on potential products, vendors, and university customers and make informed decisions.
EAB has consolidated research, templates, and questionnaires from industry leaders and higher education IT departments to help you assess potential vendor products.
"“With our RFI we don’t expect vendors to have perfect answers for every item. We just want to surface ‘known unknowns’.”
"
Resource center supports gathering of necessary information for vendor purchases
-
Customer information
Work with customers to articulate your business needs.
-
Vendor information
Define a standard set of vendor questions to assess cloud services for compliance and suitability.
-
Peer information
Understand and standardize peer university’s experience with vendors.
Help customers articulate their business needs
IT Project Prioritization Scorecard Template
Project Prioritization Frameworks that Work
Request intake resources
Customer request intake questionnaire
- What is the problem you are trying to solve? (Describe the business problem your idea will address)
- How will this idea benefit the University? (Describe how this idea aligns with university’s strategic plan)
- How will the University community be impacted? (Describe how this idea will impact students, faculty, staff and other members of the Drake community in areas including, but not limited to, teaching, learning, work and life on campus)
- Additional information about your idea? (Provide any additional information about the business problem and the proposed idea to address it)
Drake University ROI scorecard
This questionnaire guides customers in estimating the return on investment for a potential product. Results will be automatically calculated and graphed to allow for ease of use.
Gather key metrics from vendors
Institutions can use the scorecard standards in RFPs and also to benchmark or evaluate services against key criteria important to your institution’s strategic goals and IT infrastructure.
- Start with this standardized list of questions from Internet2’s standardized RFI Template. This 39-question list succinctly captures the majority of IT leaders’ greatest inquiries of vendor products.
- Customize your vendor template by adding questions from EAB’s list of Supplemental Questions
Supplemental questions and peer university resources
Contracts
- How long has your organization been in business? How long have you been providing this service?
- Are you willing to agree with the terms and conditions of the Institution’s Non-Disclosure Agreement? Need a link/reference.
- Licensing – how is product licensing handled? Are all components licensed from you, or are there certain components that the Institution will need to license directly with the product author? If so, what are these?
- Will you provide advanced notice of pricing changes?
- Have you supplied products and/or services to the Institution or its Campuses in the last five years? If yes, please provide the Institution contact, describe the products and/or services offered and the total value of the services provided.
- Do you offer clear SLAs in writing? Can we review SLAs that exist for other customers? Can we review your base SLA?
Systems support
- What application integration technologies does the solution support?
- Do you provide any standard interfaces to other vendor products (e.g., Workday, Oracle)? If so by what mechanism?
- What Data extraction mechanism and standards you support?
- Do you support real time interaction with external systems? If so, what technologies (e.g. REST, SOAP) do you support?
- Do you provide any standard interfaces to other vendor products (e.g., Workday, Oracle)? If so by what mechanism?
Accessibility
- Do the technologies and services you offer adhere to Section 508 of the Rehabilitation Act and the Americans with Disabilities Act?
- If employing web-based technology, does your application conform with Level AA accessibility standards set forth in the WCAG 2.0?
- If your application does not fully comply with the WCAG 2.0 Level AA standards, please describe areas of weakness within your application and what steps are being taken to remediate these weaknesses.
- In the past 12-18 months, have you engaged an independent firm to evaluate that accessibility of your application? If so, please provide a copy of the audit report.
Peer University Resources
Business continuity
- Does your organization have a comprehensive Business Continuity Plan?
- Is an owner assigned who is responsible for the maintenance and review of the Business Continuity Plan?
- Is the Business Continuity Plan written to address all hazards, or specific scenarios?
- Is your organization’s Business Continuity Plan tested on at least an annual basis?
- Please indicate the last time that the Business Continuity Plan was tested and provide a summary of the scope and results.
Customer support
- Is support available 24 X 7? Please describe your processes, procedures, and technology that enable 24 X 7 support.
- Do you offer an online-based mechanism for reporting errors or bugs with the service?
- Do you have an incident management system for identifying, submitting and tracking cloud service incidents?
- What is your response and resolution commitment for urgent and non-urgent tickets?
- What are the mechanisms for contacting your organization for support? Phone? Web? Other?
- Do you offer live human support via phone and/or instant messaging?
- What level of user and technical support documentation is provided and maintained? Is that doc covered by NDA or is it public?
Identity
- How are new users provisioned in the application? [via an LDAP integration, a one time import, feed file process, when they log into the application for the first time, etc.]
- How are new groups or roles provisioned in the application? [via an LDAP group integration, a one time import, provisioned by an admin inside the application, etc.]
- Does the product store user information in its own database? [yes/no]
- Does the product store group membership or role information in its own database? [yes/no]
- If yes to either of the above questions, how and when is the user or group access deprovisioned from the application?
Disaster recovery
- Can your organization commit to a Recovery Time Objective of 24 hours in the event you experience a disaster or significant business disruption?
- Does your organization have a comprehensive Disaster Recovery Plan?
- Please indicate the last time that the Disaster Recovery Plan was tested and provide a summary of the results.
- Does your organization have a Disaster Recovery site or a contracted Disaster Recovery provider?
- Are back-ups of the operating system software, utilities, security software, application software and data files necessary for recovery stored at the DR site or another off-site location?
Security
- Save Time and Boost Credibility with the HECVAT: Institutions are using the HECVAT to improve their vendor assessments and procurement processes, and this higher education–specific tool can also help vendors streamline responses and save time.
Network
- Where are CDN service nodes or Datacenters located?
- Does service have peering agreements with research/education networks (Internet2, NLR, TransitRail, etc.)?
- Does service use advanced IP protocols (IPv6, IP Multicast, etc.)?
- Describe the bandwidth requirements for connections between your systems and the Institution’s users.
- Describe the typical duration of transactions.
- Describe TCP/IP ports used between the service and any client or system that the Institution operates.
Usability
Understand peer experience with vendors
Supplemental questions
- How responsive is the vendor?
- Did the product implementation go as smoothly as planned?
- What barriers to implementation (e.g., vendor obstacles, customer resistance, etc.) did you face and how did you respond?
- What has our experience been with ongoing support?
- How quickly has the vendor been able to resolve issues?
- How receptive and responsive has the vendor been to enhancement requests?
- Has the product performed as well as advertised?
- How difficult was the vendor during contract renewal?
EAB Resources
Compendium of Interinstitutional Partnerships
This resource requires EAB partnership access to view.
Access the resource center
Learn how you can get access to this resource as well as hands-on support from our experts through IT Strategy Advisory Services.
Learn More