Background:

Information Technology Work Group.

The state has undertaken a variety of efforts in recent years to examine opportunities to improve the administration and coordination of state information technologies (IT). In 2007, the Legislature created the Information Technology Work Group (Work Group), which is composed of legislative members, state agency directors, chief information officers, and members of the business community. In November of 2007, the Work Group made a number of recommendations regarding IT project approval and oversight, purchasing practices, and the shared use of the Department of Information Services (DIS) infrastructure. The Work Group also recommended that a consultant be hired to conduct an evaluation of IT in support of the continued efforts of the Work Group. In September of 2008, the House of Representatives signed a contract with Pacific Technologies, Inc. to conduct an evaluation of, and develop a strategy for, the governance and delivery of state IT services.

Recent IT Reports.

In 2009, the Legislature received three reports related to the provision of IT in state government. While the scope and objectives of the reports vary, all three reports provide high-level recommendations regarding how the state could increase efficiency in the provision of IT.

Pacific Technologies Inc. Report

The Pacific Technologies Inc. (PTI) report was completed in June of 2009 at the request of the Legislature and the Work Group. In their final report, PTI made a number of recommendations regarding IT governance and service delivery, including recommendations to:

Refocus the Information Services Board (SB) on setting and guiding IT direction for the state;
Establish a Project Review Board for Level 3 projects;
Centralize desktop and infrastructure support functions to achieve economies of scale, while leaving application support in state agencies; and
Optimize and reduce IT infrastructure in alignment with enterprise architecture best practices.

Unisys Report

The Unisys report was commissioned in 2009 as part of the authorization from the Legislature to the DIS to construct a new state data center and office building. Specifically, Unisys was directed to outline how the state could consolidate independent agency data centers to achieve cost savings to offset higher facility costs.

In its report, Unisys recommended that efforts be made to standardize IT in state government. According to Unisys, greater standardization would allow the state to achieve greater economies of scale, reduce costs, and provide for a more efficient transition to the new state data center. Such standardization efforts could include: discontinuing individual agency server purchases; developing virtualization standards; consolidating servers; and establishing data storage requirements.

State Auditor's Report

In January of 2010, the State Auditor issued an "Opportunities for Washington" report, which identified a number of areas with respect to IT where the state could improve service and reduce costs. The State Auditor's Report identified several opportunities for improving service and cutting costs: (1) reduce the number of agency data centers; (2) consolidate IBM mainframes under one shared service provider; (3) standardize and centralize IT support; (4) consolidate servers within the DIS and better use technology to reduce the number of servers needed; (5) use network resources more efficiently by eliminating duplication and using resources provided by the DIS; (6) include e-mail administration as part of the central e-mail service; and (7) provide competitively priced shared data storage at the DIS. However, the State Auditor acknowledged that changes should be made to how the DIS operates before further consolidation or sharing of IT infrastructure services occurs.

Department of Information Services.

The Department of Information Services (DIS) was formed in 1987 as a result of consolidating the state's four independent data processing and communications systems. The Director of the DIS is responsible for overseeing the functions of the DIS, as well as maintaining a strategic planning and policy component for the state by serving as the State Chief Information Officer (CIO).

The DIS provides IT services, upon request, to state agencies, local governments and public benefit non-profit entities in the state on a cost-recovery basis. The DIS also performs work delegated to it by the Information Services Board, including the review of agency portfolios, the review of agency investment plans and requests, and implementation of statewide and interagency policies, standards, and guidelines.

Information Services Board.

The Information Services Board (ISB) was also formed in 1987. The ISB is given a broad range of duties under statute, including policy development, strategic IT planning, oversight of executive branch agencies' IT projects, and delegating authority to the DIS and the agencies. One of the ISB's primary functions is reviewing and providing oversight and spending authorization for larger, higher risk IT projects administered by executive branch agencies.

Wireless Service.

Many state agencies provide portable handheld wireless devices to their employees. Agencies may purchase wireless service plans or phones through an IT Master Contract offered through the DIS, but generally may also purchase wireless service or phones from other sources.

Personal Computers.

State agencies may purchase personal computers (PCs) through an IT Master Contract administered by the DIS. In addition, state agencies may participate in the DIS Lease Program for PCs, which typically reflects a 4-year replacement cycle.

According to the 2009 PTI Report, state agencies maintain approximately 33 percent more personal computers (PCs) than employees. Pacific Technologies Inc. found that the state could reduce its PC inventory by 25 percent and still have one PC for every agency employee, which could reduce support demands.

Data Storage and Data Centers.

The state has both centralized data center capacity, as well as independent data processing capabilities in numerous agency data centers. The capabilities of these in-house data centers ranges from servers placed in office space to full-fledged facilities with dedicated cooling, power and staff.

State agencies currently have varied data storage requirements, equipment, resources, and multiple variations in implementation of data retention policies. The Unisys report found that, among the 21 agencies surveyed, there were over 195 different storage devices within the agencies data centers.

Summary of Bill:

Department of Information Services Authority and Duties.

Provisions related to the duties and responsibilities of the Department of Information Services (DIS) are revised. The DIS must provide data storage services, as well as provide procurement and maintenance of personal computers (PCs), servers, and virtualization services, in addition to other information technology (IT) related services.

Provisions specifying that DIS services are for discretionary use by customers are removed from state law.

Wireless Phone Service.

State agencies must purchase cellular or mobile phone service from the state Master Contract, unless they secure a waiver in advance from the Office of Financial Management (OFM) or the DIS.

Personal Computers.

The DIS is granted full authority over PC purchase, replacement, and inventory for the state. State agencies may not purchase or replace a PC without securing approval from the DIS.

The DIS must develop a PC replacement policy of at least five years for PCs owned or leased by state agencies. The DIS will only grant approval for the purchase or replacement of a PC if it is consistent with the state's PC replacement policy or if the request is to replace a PC that is necessary and no longer operational.

The DIS must revise the state Master Contract for PCs so that it offers up to three contractors with up to four models to choose from for each contractor.

Data Storage.

The Information Services Board must develop a data retention policy for state agencies.

State agencies must develop data storage policies by reviewing what information currently exists in digital format, where it is stored, how it is being used, and the business and legal requirements for retention.

The DIS must offer tiered data storage services to state agencies. If a state agency is purchasing additional data storage, it must purchase the storage through the DIS.

IT Spending Restrictions.

The following limitations are placed upon IT procurement by state agencies for the 2009-11 biennium:

State agencies may not purchase or implement new IT projects without securing prior authorization from the OFM. The OFM may only approve IT projects that contribute towards an enterprise strategy or meet a critical, localized need of the agency.
State agencies may not purchase servers, virtualization, data storage, or related software without securing prior authorization from the OFM. The OFM will grant approval only if the purchase is consistent with the state's overall migration strategy to the state data center and is critical to the operation of the agency.
State agencies are not permitted to upgrade existing software without prior approval from the OFM. The OFM will grant approval only if the agency can demonstrate that upgrade of the software is critical to the operation of the agency.

Legislative Intent.

An existing intent section is repealed from current law and is replaced by a new intent section.