17.3.4 Procurement, Outsourcing and IT Assets

OIST IT Asset purchases must be fit for purpose. They must also be procured, audited, re-used and disposed of appropriately. In addition to University procurement policy, rules and procedures [Link: 28], the purchase of IT Assets are also subject to the rules herein.

Regardless of procurement path or budget, all IT assets procured, donated to or otherwise received by OIST must be physically inspected by IT Division staff upon receipt. This inspection will include indelible asset marking (exceptions to which must be approved by CIO), and registration into the Configuration Management System (CMDB) [Link: 17.8.32] to allow for the efficient tracking and auditing of assets.

Exemptions may exist where the IT asset is an integral part of a larger research device or apparatus, i.e. a control PC bundled with a microscope. In this case the party receiving the asset is to coordinate with IT Division.

Consultation with IT Division is required before the purchase of any IT asset intended to be housed in IT Division facilities (server rooms, network spaces etc.) [Link: 17.3.30].

17.3.4.1 Procurement of IT Assets within the Administration
Within the administration and the Core Facilities, the procurement or upgrade of any IT asset (including any software procurement with a price above a 10,000yen) must be conducted via IT Division. This is to ensure standardization where applicable, and to ensure the devices are purchased in an efficient fashion. The procedure for requesting the purchase or upgrade of an IT device within the administration is detailed at PRP 17.5.1 [Link: 17.5.1].

All IT assets within the administration fall under control of the IT Division, and are subject to this policy regardless of how they were acquired or funds used to purchase them.

17.3.4.2 Procurement of IT Assets within Research Units
Research units are strongly encouraged to consult with IT Division before purchasing any IT asset. Where the research unit elects to purchase without consultation, the level of support IT Division can deliver to the IT asset may be limited. Connectivity with OIST networks is not guaranteed in this case. The support levels available to the various device categories are detailed in the SLA [Link: 17.8.6]. The procurement process for IT assets within research units is covered under PRP 17.5.3 [Link: 17.5.3].

IT assets to be procured as part of a larger research equipment purchase, or to be attached to research equipment should be specified with thought to reliability and performance. The reliability of these assets has substantial impact on the productivity of critical research equipment. Guidelines for specifying these purchases are part of the process for procurement of IT assets within research units [Link: 17.5.3].

17.3.4.3 Procurement of IT Assets via Corporate Credit Card
The purchase of IT assets using corporate credit card (P-Card) is restricted, please see PRP 26.3.7 [Link: 26.3.7]. The purchase of IT assets from online vendors  can only be conducted via IT Division.

17.3.4.4 IT Asset Tracking
All IT assets which are wholly or partially owned by the university are to have the OIST asset tracking agent installed. This agent allows for the dynamic audit of IT assets, resulting in substantial savings in costs and personnel time during mandatory yearly asset audits. This requirement is mandatory for all assets in the administration, and strongly advised for assets within research units.

17.3.4.5 IT Asset Transfer
The transfer of usage or ownership of any IT device, including between users, sections or research units, must be conducted via IT Division. In this way the asset register and CMDB is kept up to date, and data in the devices is securely erased [Link: 17.8.21] prior to transfer to prevent breaches in security or personal information protection. The process for transferring an asset between users or sections and units is described at PRP 17.5.5 [Link: 17.5.5].

17.3.4.6 IT Assets Outside of OIST Premises
Where any IT asset is to be taken off-site, including for the purposes of business trips or working from home, prior authorization must be given by IT Division. In the case of laptops and mobile devices this authorization is normally incorporated into the agreement signed by the user upon physical issuance of the device [Link: 17.5.4].

17.3.4.7 IT Asset Disposal
The disposal of all OIST IT assets must be conducted via IT Division, regardless of how they were acquired or the nature of the funds used to purchase them or if they are partially or wholly owned by OIST.

17.3.4.8 IT Asset Theft, Loss or Damage
Users must report the loss, theft or damage of any IT Asset to the IT Helpdesk promptly [Link: 26.3.3].

Table of Contents