Clickable AggieBuy logo image.
Clickable AggieShip logo image.
Clickable AggieTravel logo image.
Clickable AggieSurplus logo image.
AggieSupply logo image.
Clickable icon to contact staff.

Buying Software/Software Services

Procurement & Contracting Services works with the Information and Educational Technology (IET) organization to meet your software needs here at UC Davis. 

The preferred method for purchasing computer software is outlined below.  

Departments do not have the authority to accept or sign any supplier terms and conditions or agreements on behalf of the university, whether there is an associated cost or not.   

Any supplier agreements requiring acceptance of any terms and conditions (by signature, click-through, or auto-acceptance) must be reviewed and approved by the appropriate Procurement & Contracting Services staff. 


What is Sensitive Data?

There are many different types of sensitive data. If you are purchasing software or utilizing a cloud-based service that will utilize sensitive data, it is critical that you are aware of how that software will protect and secure that data.  Refer to the list of Personally-Identifiable Information (PII) examples (low, moderate, and high risk). 

We strongly advise that you review the UC Davis policy PPM 320-20, as well as the University of California Security Protection policy documentation to familiarize yourself with the applicable rules and regulations.


Consult with your computer technical team FIRST.  

Make sure you understand  what type(s) of software you need (quantity, licenses, compatibility with other equipment, etc.). Since some software purchases are non-returnable/non-refundable, it is very important to ensure that you are purchasing the correct software for your specific needs. 


Locate an existing university software agreement whenever possible. 

With an existing agreement, the due diligence is already done! This means no supplier set-up, no contract negotiation and, in many scenarios, no additional security assessment requirement.   Agreements are available in:

  • Kuali Financial System (KFS): Use the Agreement Number Lookup; in the Description field, enter *SOFTWARE* (including the asterisks) to retrieve software agreements.
  • CalUSource: This agreement lookup provides another way to locate software agreements; enter software in the search field.  (NOTE: Google Chrome and Internet Explorer are the recommended Internet browsers, additional browsers will soon be compatible with this lookup.)

To purchase against an existing software agreement, complete a KFS Requisition, citing the software agreement in the Agreement # field.  This can help ensure that the terms and conditions associated with the software are properly followed and applied.


If there is no existing software agreement, check to see if a Vendor Risk Assessment (VRA) is in place or in process.

Review the information on the Vendor Risk Assessment page to identify vendors that have a Vendor Risk Assessment in place (or in process) and the level of data for which the assessment is valid.  Contact the Information Security Office (ISO) at cybersecurity@ucdavis.edu for guidance before proceeding to create a KFS Purchase Agreement.

If the request is approved, you should then complete a KFS Purchase Agreement for the specific agreement, and the signed VRA must be electronically attached to your KFS Purchase Agreement document.  Specific purchases would then be processed against the agreement on a KFS Requisition.


If there is no existing software agreement and no Vendor Risk Assessment in place, a Vendor Risk Assessment (VRA) must be completed.

The online VRA requires complete information on the type of software being requested, purpose of the software, as well as the name of your department Unit Information Security Lead (UISL).  The completed request will be reviewed by Strategic Sourcing and the Information Security Office (ISO).  The supplier’s terms and conditions and the security practices of the company will be fully reviewed.   See the UC Electronic Information Security Policy for more information. 

If the request is approved, you should then complete a KFS Purchase Agreement for the specific agreement, and the signed VRA must be electronically attached to your KFS Purchase Agreement document.  Specific purchases would then be processed against the agreement on a KFS Requisition.


Check AggieBuy. 

There are several computer software catalogs available in AggieBuy, including those from CDWG and SHI.   Because there are various terms and conditions associated with software, we recommend identifying the items you want and confirming any restrictions with our Strategic Sourcing team at strategicsourcing@ucdavis.edu BEFORE purchasing software in AggieBuy .

NOTE: Additional information is also available on the Software at UC Davis website.