Centralized review and approval process for departmental acquisition of technology products and services at Georgia Tech.
Review CTR thresholds from the chart below prior to submission.
Support Hours: Mon-Fri, 8:00AM-5:00PM EST
For assistance with CTRs, contact firstname.lastname@example.org.
Approved and signed CTRs are valid for one calendar year.
Watch the Online Tutorial.
The goal of the CTR process is to mitigate potential risks that include:
- Acquiring applications or equipment for which there is no support on campus.
- Acquiring redundant applications or equipment on campus.
- Acquiring systems that have inherent systems security deficiencies.'
- Acquiring systems that are incompatible with the campus information architecture.
To submit a request, follow the procedures listed below:
- Review the CTR Threshold Chart below to determine if the purchase requires a CTR request.
- Create a new CTR at: http://ctr.gatech.edu.
- Complete the required fields, upload your vendor quote and Voluntary Product Accessibility Template (VPAT) statement, then submit your CRT.
OIT will update you via email of any questions/concerns regarding your CTR.
Approved CTR will be sent to you via email as a PDF attachment.
508 Compliance Documentation
The CTR process requires submission of a 508 Compliance Voluntary Product Accessibility Template (VPAT) statement from the supplying vendor. The purpose of a VPAT is to assist Federal contracting officials and other buyers in making preliminary assessments regarding the availability of commercial “Electronic and Information Technology” products and services with features that support accessibility. Note that not all products require a VPAT statement.
Here are the categories of products for which a VPAT statements must be submitted along with your CTR:
- Software Applications & Operating Systems
- Telecommunications Products
- Web-based Internet Information & Applications
- Video & Multimedia Products
- Self-Contained, Closed Products
- Desktop & Portable Computers
- Information, Documentation and Support
- Functional Performance Criteria
Your vendor should have a prepared VPAT statement they can supply to you.
When purchasing hosted services where a third party will be housing Georgia Tech data, Cyber Security may require a security questionnaire to be completed by the vendor. If OIT Cyber Security contacts you for this information, have the vendor complete the Georgia Tech Third Party Risk Assessment Questionnaire.