Skip to main content

The Role of Cornell Procurement in TRAs

This article applies to: Security Risk Assessment

Good Stewardship of University Resources

In general, Procurement and Payments is responsible for assisting all buyers in expediting their purchase and ensuring that all purchases conform to University Policy 3.25, Procurement of Goods and Services, applicable laws and procurement good practice.

The Buying Manual produced by purchasing provides instructions and guidance for a purchase including the purchasing of technology covered in section 618.

You are expected to have a TRA completed ahead of time and the document (or ITSO recommendation to proceed) is attached to your purchase order. If you submit a purchase order for software or other technology that purchasing believes should receive a TRA, you may be referred to the ITSO and asked to submit a TRA request.

Contracts and TRA Risks

If a TRA identifies risks that for which a vendor ought to be accountable and/or identifies action a vendor ought to take, Cornell’s purchasing and legal departments can provide the professional assistance needed to make sure that these are properly addressed in the contract. This can help protect the university and the unit making the purchase in the event that harms associated with a risk are realized.

About this Article

Last updated: 

Tuesday, April 25, 2017 - 1:49pm

Was this page helpful?

Your feedback helps improve the site.