HOUSE BILL REPORT
ESSB 5891
This analysis was prepared by non-partisan legislative staff for the use of legislative members in their deliberations. This analysis is not a part of the legislation nor does it constitute a statement of legislative intent. |
As of Second Reading
Title: An act relating to state technology expenditures.
Brief Description: Concerning state technology expenditures.
Sponsors: Senate Committee on Ways & Means (originally sponsored by Senators Hill and Hargrove).
Brief History:
Committee Activity:
None.
Brief Summary of Engrossed Substitute Bill |
|
Staff: Marsha Reilly (786-7135).
Background:
The Office of the Chief Information Officer (OCIO) was created in 2011 as part of an agency reorganization and consolidation of central service functions. The OCIO is within the Office of Financial Management (OFM). The OCIO is responsible for the preparation and implementation of a strategic information technology (IT) plan and enterprise architecture for the state. The OCIO works toward standardization and consolidation of IT infrastructure and establishes IT standards and policies. The OCIO prepares a biennial state performance report on IT, evaluates current IT spending and budget requests, and oversees major IT projects, including procurements.
As part of the agency reorganization, a majority of service provision duties were transferred from the Department of Information Systems to the Consolidated Technology Services Agency (CTS), including server hosting, network administration, telephone, security administration, and email.
–––––––––––––––––––––––––––––––––
Summary of Engrossed Substitute Bill:
The OCIO must coordinate with state agencies with an annual IT expenditure that exceeds $10 million to implement an IT business management program to monitor financial performance and identify savings and efficiencies. In conjunction with the CTS, the OCIO must develop statewide purchasing standards for technology networking equipment and services.
In addition to services and activities, equipment necessary to establish, operate, or manage the state data center is exempt from competitive contracting. Competitive purchasing statutes also do not apply to IT purchases by state agencies if the purchase is $100,000 or less, the purchase is approved by the OCIO, and the agency director and the OCIO prepare a public document providing a detailed justification.
Higher education institutions must provide the OCIO with information on proposed expenditures on business and administrative IT applications to allow the OCIO to evaluate the expenditure. Legislative and judicial agencies must provide the OCIO with information on proposed IT expenditures to allow the OCIO to evaluate the expenditure on an advisory basis.
The OCIO must evaluate proposed IT expenditures and establish a priority ranking of the proposals. Not more than one-third of the proposed expenditures may be ranked in the highest priority category.
Subject to funding, the OFM may establish an IT investment pool and enter into contracts for IT purchases if the purchase replaces IT systems with more modern and efficient systems, the project improves the ability of an agency to recover from a major disaster, or the project provides future savings and efficiencies for an agency through reduced costs, improved customer services, or increased revenue collections. Preference for project approvals must be given to an agency that has prior project approval from the OCIO and an approved business plan, and the primary hurdle to project funding is lack of funding capacity. The OFM must report to the Governor and the fiscal committees of the Legislature by November 1 of each year on the status of distributions and expenditures on IT projects and improved performance results achieved by project funding.
The CTS must review state telecommunications and information networks with the objective of agency network consolidation in CTS, with a report due to OFM and the Legislature in September 2013.
The OCIO must inventory state legacy IT systems and develop a plan for modernization and funding, with a report due to the OFM and the Legislature in September 2014.
The OCIO must establish security standards and policies to ensure the confidentiality, availability, and integrity of the information transacted, stored, or processed in the state’s IT systems and infrastructure. State agencies, institutions of higher education, the Legislature, and the judiciary are required to develop an information technology security plan and program.
An exemption from public disclosure pertaining to security and infrastructure of computer and telecommunications networks is expanded to include information that may increase risk to the confidentiality, integrity, or availability of agency security, information technology infrastructure, or assets. An exemption regarding emergency preparedness plan system security is updated.
–––––––––––––––––––––––––––––––––
Appropriation: None.
Fiscal Note: Available.
Effective Date: The bill takes effect 90 days after adjournment of the session in which the bill is passed.
Staff Summary of Public Testimony:
(In support) None.
(Opposed) None.
Persons Testifying: None.
Persons Signed In To Testify But Not Testifying: None.