Purpose #

The purpose of this SOP is to ensure all software installation requests are assessed, approved, installed, and documented consistently. This protects PrecisionTech clients from unsupported applications, licensing issues, malware risk, business disruption, and undocumented configuration changes.

Scope #

This SOP applies to requests involving:

• New software installation on client devices
• Reinstallation of approved software
• Software upgrades or version changes
• Browser extensions and plug-ins
• Cloud application desktop agents
• Line-of-business applications
• Trial software requests
• Software requiring administrator access
• Software requiring licence, subscription, or vendor account access

Request Classification #

Approval Rules #

• No new software may be installed without documented approval.
• Approval must come from the client’s authorised contact, manager, business owner, or licence owner.
• Software requiring payment must have licence or subscription confirmation before installation.
• Software requiring administrator rights must be reviewed carefully before approval.
• Free software is not automatically safe or approved.
• Browser extensions must be treated as software and reviewed before installation.
• Unknown, cracked, pirated, unsupported, or unsigned software must not be installed.

Workflow Steps #

1. Receive and review the request.
   Confirm the requesting user, client, device, software name, business reason, urgency, and whether the software is already approved for that client.
2. Confirm business need.
   Ask why the software is needed, who will use it, what task it supports, and whether an existing approved application can already meet the requirement.
3. Check approval status.
   Review the client’s documentation, application list, previous tickets, or internal notes to confirm whether the software is already approved.
4. Confirm licensing requirements.
   Check whether the software requires a paid licence, subscription, vendor account, activation key, user assignment, or client-side purchase approval.
5. Perform basic security review.
   Confirm the vendor is legitimate, the download source is official, the installer is not cracked or modified, and the software does not introduce unnecessary risk.
6. Obtain documented approval.
   If the software is new, paid, high-risk, or outside the approved list, obtain written approval in the ticket before proceeding.
7. Prepare for installation.
   Confirm device availability, user availability, admin access process, backup considerations, compatibility, and whether a restart may be required.
8. Install from an approved source only.
   Download installers from the official vendor website, approved client portal, Microsoft Store, company software portal, or trusted deployment platform.
9. Configure only approved settings.
   Apply standard configuration, licence activation, user sign-in, and required client settings. Do not alter security, firewall, VPN, or system policies unless approved.
10. Validate installation.
    Confirm the software opens correctly, the user can access it, licensing is active, and core functionality works.
11. Document the completed work.
    Record software name, version, source, licence status, approver, device name, installation result, and any follow-up action required.

Software Installation Checklist #

• ☐ Requesting user confirmed
• ☐ Client and device confirmed
• ☐ Software name and purpose confirmed
• ☐ Business reason documented
• ☐ Approved software status checked
• ☐ Licence or subscription requirement confirmed
• ☐ Official vendor source verified
• ☐ Security risk reviewed
• ☐ Written approval obtained where required
• ☐ Installation completed using approved method
• ☐ Software opened and tested
• ☐ User access confirmed
• ☐ Version, licence, source, and outcome documented

Security Awareness Notes #

• Do not install software from search ads, third-party download sites, file-sharing links, or personal cloud storage links.
• Do not install cracked, pirated, unofficial, or licence-bypassed software under any circumstance.
• Do not install remote access tools unless they are approved and documented.
• Do not approve software simply because the user says it is free.
• Do not grant local administrator rights to users as a shortcut for installation.
• Escalate software that requests broad system permissions, browser data access, file system access, or persistent background services.
• Unknown installers, unsigned executables, or suspicious vendor websites must be treated as security risks.

Escalation Triggers #

Escalate to Level 2, senior support, cybersecurity, or the client decision-maker when:

• The software is not on the approved application list
• The requester cannot provide a valid business reason
• The software requires payment, subscription, or licence assignment
• The software requires local administrator rights after installation
• The software installs drivers, VPN clients, browser extensions, remote access tools, or background services
• The vendor or download source cannot be verified
• The installer is unsigned, blocked by security tools, or flagged as suspicious
• The installation requires firewall, antivirus, endpoint protection, or policy changes
• The software may duplicate, replace, or conflict with existing approved systems

Documentation Standards #

Every software installation ticket must include:

• Requesting user and client name
• Device name or asset identifier
• Software name and version installed
• Business purpose for the software
• Approval source and approver name
• Licence or subscription status
• Download or installation source
• Security review notes, if required
• Installation date and technician name
• Testing performed after installation
• Any restart, configuration change, or follow-up required

Client Communication Scripts #

Common Mistakes to Avoid #

• Installing software without documented approval
• Downloading installers from Google ads or third-party download websites
• Assuming free software is safe or business-approved
• Ignoring licence limits or subscription requirements
• Granting administrator rights to avoid proper installation process
• Installing browser extensions without review
• Failing to document the installed version and source
• Closing the ticket before confirming the software works for the user

Completion Criteria #

• The software request has been reviewed and approved where required.
• The software was installed from an approved and trusted source.
• Licence, subscription, or activation requirements were confirmed.
• The software was tested and confirmed working for the user.
• No unauthorised security, firewall, admin, or policy changes were made.
• The ticket contains complete documentation of the request, approval, installation, and outcome.

Quality Standard #

A completed software installation request should clearly show why the software was needed, who approved it, where it came from, how it was installed, whether licensing was valid, and whether the user confirmed it works. Another PrecisionTech technician should be able to review the ticket and understand the full decision trail without needing extra explanation.

Version History #