1 / 15

NEW REQUIREMENTS FOR APPROVAL OF MAJOR INFORMATION TECHNOLOGY PROJECTS

NEW REQUIREMENTS FOR APPROVAL OF MAJOR INFORMATION TECHNOLOGY PROJECTS. HOUSE BILL 12-1288. CONCERNING THE ADMINISTRATION OF INFORMATION TECHNOLOGY PROJECTS IN STATE GOVERNMENT ---

abedi
Télécharger la présentation

NEW REQUIREMENTS FOR APPROVAL OF MAJOR INFORMATION TECHNOLOGY PROJECTS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NEW REQUIREMENTS FOR APPROVAL OF MAJOR INFORMATION TECHNOLOGY PROJECTS

  2. HOUSE BILL 12-1288 CONCERNING THE ADMINISTRATION OF INFORMATION TECHNOLOGY PROJECTS IN STATE GOVERNMENT --- Legislative Declaration: It is imperative that the long-term sustainability and eventual retirement of information technology systems be considered when initiating a major information technology project and that plans include the various components that will result in project success.

  3. 24-37.5-109(1)(e) (New Subsection Created) • State agencies shall: . . . In connection with any major technology project that a state agency plans to undertake, satisfy the requirements set forth in section 24-37.5-105(4)(d) Effective August 8, 2012

  4. 24-37.5-105(4)(d) (New Subsection Created) • In connection with any major information technology project that it plans to undertake, a state agency shall: . . . (II) Submit and obtain approval from OIT of the project plan . . . before commencing work on the project.

  5. 24-37.5-102(2.6)(a) (New Subsection Created) What is a “Major IT Project”? • A project of state government that has a significant IT component, including, without limitation, the replacement of an existing IT system. • “Significant” means the project has a specific level of business criticality and manifests either a security risk or an operational risk as determined by a comprehensive risk assessment performed by OIT. OIT has a Project Scaling & Risk Assessment Form

  6. 24-37.5-105(4)(c) (New Subsection Created) What qualifies as a “Project Plan”? • As part of any major IT project by a state agency, classified as such according to a comprehensive risk assessment performed by OIT, the project plan at a minimum shall include: Statute Lays Out 8 Minimum Requirements

  7. Parts of a Project Plan - 24-37.5-105(4)(c) (I-III) I. Identification of a project manager; (OIT assigns Project Managers for Major IT Projects, and the State Agency may as well). • A business case in alignment with the strategic goals of the state agency; • Business requirements for the project developed in collaboration with the state agency and end users; Project Plan Development is Collaborative Process

  8. Parts of a Project Plan - 24-37.5-105(4)(c) (IV-VI) IV. Information security requirements and best practices; • A disaster recovery plan; • Consideration of and inclusion in the business continuity plan of the state agency. (OIT can help develop contingency plans, life cycle plans and recommend solutions to safeguard data, like offsite data storage, encryption, etc.) IT Projects that Put Confidential State and Citizens’ Information at Risk are Likely “Major”

  9. Parts of a Project Plan - 24-37.5-105(4)(c) (VII) • Independent verification and validation of the project; • A funding strategy for the ongoing maintenance and eventual disposal of the IT project. These Final Requirements Potentially Add New Financial Obligations to Major IT Projects

  10. 24-37.5-102(1.8)(New Subsection Created) What is Independent Verification & Validation (IV&V)? • Ensuring that a product, service, or system meets required specifications and that it fulfills its intended purpose. • The review of such product, service, or system is typically performed by an independent party. OIT Has Pre-Approved 10 IV&V Vendors in Colorado Whom Agencies May Select to Provide IV&V through Cooperative Contract

  11. OIT’s IV&V Cooperative Contract • Cooperative Contract under C.R.S. 24-110-201 • 10 Colorado IV&V Vendors pre-approved by OIT to satisfy the statutory requirement. • If State Agency wishes to use one of these IV&V vendors, OIT will conduct a mini-bid among them and State Agency will select best. • State Agency & OIT will enter into an Interagency Agreement for OIT’s provision of the services.

  12. CCU Contract Approval Requirements • HB 12-1288 Created mandatory approval requirements for Major IT Projects. • Contract Packets will need to demonstrate compliance: • OIT Compass Print Out (CCU does not have access to this system); • Email from OIT Project Manager confirming approval of State Agency’s Project Plan by OIT; or • Copy of the Project Plan that has been approved by OIT.

  13. Questions? • Enterprise Portfolio Project Management Office (EPPMO) has a web page dedicated to HB 12-1288. http://www.colorado.gov/cs/Satellite/OIT-EPPMO/CBON/1251635153917 • Ana Riveros, EPPMO Director. ana.riveros@state.co.us • Judy Giovanni, IV & V Contract Admin. judy.giovanni@state.co.us

More Related