What Is an IT Procurement?

Per N.C. General Statute 143B-1320(11), the definition and scope of information technology, or IT, is a set of tools, processes and methodologies, including, but not limited to:

Equipment and services employed to collect, process and present information to support the operation of an organization
Coding and programming
Systems analysis and design
Planning
Office automation, multimedia and telecommunications
Storage and retrieval
Architecture
Systems control
Any personnel and support personnel required for planning and operations
Data communications, data conversion and data analysis
Mobile applications

Criteria for IT Procurements

If a procurement meets any of the following four criteria, it is an IT procurement. If the procurement does not meet any of these criteria, it is not an IT procurement.

Criteria 1	The procurement requires signing any of these agreements: Licenses End user license agreements Service level agreements Master service agreements Privacy policies related to processing or storing state data
Criteria 2	North Carolina’s state data is: Stored or in transit from a device to a state-hosted device that does not connect to a network In transit regardless of where it travels (e.g., vendor to state or vendor to the federal) Stored on a device or vendor (non-state entity) server – whether or not the data is personally identifiable information (PII) Note: • The vendor must meet security requirements (e.g., data is being encrypted). • Correct IT terms and conditions and security requirements must be included in the contract to protect the state and its data.
Criteria 3	The procurement is an online database subscription. These are defined as: Accessible online databases Online business research services Services that provide information to the user through online means Databases where login credentials are required to access data or information Subscriptions to online databases include: Westlaw ATSM Standards and Specifications Online libraries Nursing procedure manuals Kelley Blue Book for automobile
Criteria 4	The procurement involves credit card payment processing: Automated Clearing House (ACH) and/or credit card payment processing (CCPP) system procurements over the agency’s delegation. State agencies must submit all ACH/CCPP systems procurements to the NCDIT agency (EPMO, enterprise architecture, IAM Operations and ESRMO).

Examples of IT Procurements

Any product or service that connects to the internet or a network
A system that processes patient data (personally identifiable information, medicines or database of historical information) that connects to a network
A system that collects data in a created customized software database for managing the information and for subsequent distribution
A system where there are real-time feeds that are transmitted over a network
A system where a user gains access via NCID or an identity access management system
If the offer from a vendor for the products or services your agency wants to procure includes any links to vendor agreements, such as licenses, end user license agreements, service level agreements, master service agreements and/or privacy policies related to processing or storing state data.

Examples of Procurements That Are Not Considered IT

A system or equipment that does not connect to a network and does not store state data
Manufacturing data that contains software that only connects to an internal network
A locked cabinet with prescriptions that is not connected to a network
A medication dispenser with software that does not connect to a network
Surveying equipment that collects data in the field and connects to a device at an agency or school but goes no further

Questions & Support

If you have questions in determining whether a business need is considered an IT procurement that the N.C Department of Information Technology needs to review, please contact Chief IT Procurement Officer James Tanzosch at james.tanzosch@nc.gov.