What is the Technology Acquisition Review Process that the SCU CIO mentioned in their email?

What is the Technology Acquisition Review Process that the SCU CIO mentioned in their email?

On February 20, 2026, Santa Clara University’s CIO introduced the new Technology Acquisition Review (TAR) process. While the official announcement explains what the policy is, the Law Technology support group wants to show you how it actually works.

Join us for a first-hand look as we walk you through a real example based on our own recent TAR submission.




Chapters:
00:04: Introduction
00:46: TAR site introduction
01:10: First considerations for your TAR candidate
01:33: Does your TAR candidate have a similar solution supported by SCU IT
02:31: Vendor documentation needed for the TAR questionnaire
03:21: Submit a ticket to the vendor and request template breakdown
03:33: Using the Law Tech's request template to gather documentation from vendor
05:07: Trust center site explained
06:58: Download documents and next steps
08:05: Create that request in WorkDay
08:25: Start of the TAR questionnaire rundown
09:08: Important section mention about similar solutions provided by SCU IT
10:52: Data sensitivity question explained
13:53: Attachments
15:04: Outro


Template to use for requesting documents from your vendor

Subject: Action Required: Technology Acquisition Review for [Product Name]


Body:

Greetings,

Our organization is currently conducting a Technology Acquisition Review for all software services used on campus. To initiate this process for [Product Name], could you please provide the following documentation?

  • Security & Compliance: SOC2 (Type II), ISO 27001, and HECVAT

  • Accessibility: Current VPAT

If you maintain a Trust Center or Security Portal where these can be downloaded, please send the link our way. Otherwise, please connect me with your security or legal team so we can gather these materials.

Thank you for your assistance in keeping our campus secure and compliant.