The Solutions Life Cycle Management Standard provides information and processes for managers and decision makers who are considering purchasing new information technology solutions or services. The standard defines required engagement with purchasing and the RIT Information Security Office and provides additional information about managing solutions from initial consideration of the solutions to their retirement.

Current Solutions Life Cycle Management Standard (reflects 2015 operational transition, comply by 1/23/15)

Who does the standard apply to?

RIT departments exploring new IT services (including third-party and RIT-hosted, and software as a service) that meet any one or more of the following:

• Host or provide access to Private or Confidential information
• Support a Critical Business Process

Key Concepts

• Provides critical vs. non-critical business continuity classifications.
• Requires the establishment of recovery point objectives, creation of appropriate documentation, and contingency planning for disaster recovery and business continuity.
• Provides disaster recovery and restoration requirements for IT support organizations.

Resources

• Information Access and Protection Questionnaire (IAPQ)--provided by the RIT Business Office to the Information Security Office (ISO) and Project Management Office (PMO)