Guide for Deploying Digital Solutions (Applications) in UCD
Steps to take when Buying, Developing, or Deploying new Applications
This page provides guidance for those who are considering deploying an application locally within their team, school or unit.
It should be noted that this is a guide and not an approval process.
Applications being delivered by IT Services will follow the established IT projects planning process. See here for details and how to submit a project request.
Assistance outside of the above will depend on the nature and complexity of the request and other commitments.
Overview
Purpose
To ensure alignment with UCD principles, policies, and standards, and compliance with regulatory & legal requirements.
The steps outlined should be followed, and requirements met before any application is brought into use in UCD.
For assistance in navigation through this process contact IT Partnership ((opens in a new window)itpartners@ucd.ie), and we will respond to you as soon as possible.
In Scope
Any application used to store or process UCD data, deliver research, academic, and administrative services, regardless of whether the application is on-premise or in the cloud, and regardless of whether it is obtained free of charge or for a fee.
Step 1. Enterprise Architecture Principles
Alignment to Enterprise Architecture Principles
The UCD Enterprise Architecture Principles inform, guide and govern the design and deployment of applications across the University.
Alignment with these principles is a requirement for all applications, from departmental solutions in individual schools and units, to centrally-managed university-wide platforms.
Step 2. Engage Procurement
Adherence with UCD Procurement Guidelines is a Requirement
As part of any project, it is important that project team engage with UCD Procurement as early as possible. They will guide on thresholds, particular frameworks available, and timeline considerations.
The University is subject to EU and National Public Procurement legislation and all staff with responsibility for purchasing should be familiar with UCDs Purchasing Unit procedures and quotation & tender compliance requirements.
Step 3. Technical & Security Considerations
Applications must be designed and built securely, aligned to the enterprise architecture
Adherence to University Policies is a requirement
IT related Policies and Guidelines are provided to protect applications, safeguard data, and comply with legislation.
To help protect University applications and data from internal and external cybersecurity threats, you should review (opens in a new window)Assessing the Security of Digital Solutions with whoever will manage your application, before buying, developing or deploying a new application.
Step 4. University Data
Personal Data
Where an application involves processing or storing UCD personal data, full compliance with GDPR regulations is required.
A DPIA must be completed where UCD collects, stores or processes personal data, and a Transfer Impact Assessment must be undertaken where personal data is exported outside the EEA.
The UCD DPO has developed a (opens in a new window)comprehensive UCD Data Protection Checklist to guide UCD academic and administrative units through the key steps involved in the selection and acquisition of applications.
A library of policies, procedures, training, guidance, templates, and contact information to support you through this are available on the UCD GDPR website.
Research Data
Where an application involves processing or storing of Research Data, then UCD's (opens in a new window)Research Data Management site will help you ensure that your research data is stored, retained, made available for use and reuse, and disposed of according to best international practices, as well as in compliance with legal, statutory, ethical, contractual and intellectual property obligations, and the requirements of funding bodies and publishers.
Step 5. Accessibility & Integration Requirements
Accessibility standards (e.g. W3C WCAG2.1 or ISO/IEC 40500) and legislation (e.g. EU Directive 2016/2102), must be assured for all applications. For UCD websites (managed through T4 CMS), IT Services provides Silktide to test and assess website accessibility.
Single Sign On (SSO) should be used wherever possible.
Where SSO integration is required, please contact the IT Helpdesk.
For other application or data integration requests, please contact IT Partnership (itpartners@ucd.ie)
Step 6. Rollout, Routine Management, and Retirement
Applications deployed should be (opens in a new window)registered in the UCD Applications-in-Use Repository.
It is recommended that applications are routinely assessed to ensure they are fit for purpose and meeting University requirements.
Applications that are no longer required should be decommissioned, including secure data destruction, cleanup and release of infrastructure resources such as virtual instances, physical servers, DNS registration, and removed from the Applications-in-Use Repository.
IT Services can help you follow the correct decommissioning steps.
Quick Links
- UCD Procurement site
- (opens in a new window)UCD Procurement Guidelines
- UCD Data Protection and GDPR site
- (opens in a new window)UCD Data Protection Checklist
- UCD IT Policies and Guidelines
- Cloud Computing Guidance
- UCD EA Principles
- (opens in a new window)UCD Applications-in-Use Repository
- (opens in a new window)UCD Research Data Management
UCD IT Services
Computer Centre, University College Dublin, Belfield, Dublin 4, Ireland.Contact us via the UCD IT Support Hub: www.ucd.ie/ithelp