A SaaS product used for the Stanford community must meet these requirements:
Business requirements:
- The product provides functional support for Stanford's business.
- The service provider is viable and provides support for the product.
- The service provider has a process to notify the user about changes in the product (e.g., functionality, UI).
Technical/integration requirements:
- The product integrates with Stanford's IAM (Identity and Access Management) and account provisioning systems.
- The product has the capability for service health monitoring.
- The product includes log and/or event notification (e.g., it tracks administrative access or configuration changes to deployment).
- The product has testing and staging environments.
- The product is scalable and fault-tolerant.
Risk management requirements:
- The product supports Stanford's data security requirements.
- The product complies with University policy and legal requirements.
- The product supports business continuity and disaster recovery.
See the content below for details about the items in this checklist. If the product meets these criteria, see Choosing and Purchasing a Cloud Solution, Step 3 for next steps in acquiring and managing the product.