BASIC POLICY - 4819.31

Pursuant to Government Code Sections 11545 and 11546, the Director of the California Department of Technology is charged with the duty to advise the Governor on the strategic management and direction of the State's IT resources. In addition to this advisory role, the Department of Technology is responsible for: establishing, maintaining, and enforcing the state’s IT strategic plans, policies, standards procedures, and enterprise architecture; approval and oversight of IT projects; acquisition of reportable IT projects over the DGS Delegated Purchasing Authority; consulting with Agencies/state entities during initial project planning; and suspending, reinstating, or terminating IT projects.

Each Agency/state entity is required to:

1. Establish and maintain a Technology Recovery Plan, so that it will be able to protect its information assets in the event of a disaster or serious disruption to its operations, and submit the plan or its update to the California Information Security Office (CISO) as outlined in the Technology Recovery Plan Reporting Schedule (SIMM Section 05B). See SAM Section 5325.1.
2. Establish an ongoing information management strategic planning process to support the accomplishment of its overall business strategy (e.g., its strategy to carry out its programmatic mission) and submit its strategic plan to the Department of Technology for approval. See SAM Section 4900.2.
3. Adopt standards for an Agency/state entity IT infrastructure consistent with SAM Section 4989.1.
4. Prepare Stage 1 Business Analysis (SIMM 19A) for all Information Technology Projects and submit to the Department of Technology for long term planning of the state’s strategic IT investments. See SAM Section 4904.
5. Use the California Project Management Framework (CA-PMF) as described in SAM Section 4910 for managing all IT projects. Agencies/state entities may

   use other comprehensive PMBOK® Guide-based frameworks if the framework encompasses project management practices, processes, and deliverables that meet the minimum level of planning included in theCA-PMF.

6. Implement their Enterprise Architecture in accordance with the guidelines and instructions included in SIMM Section 58.
7. Conduct a study for each proposed IT project (development or acquisition) and obtain approval through the Project Approval Lifecycle from the Department of Technology or from the Agency/state entity director (if approval authority has been delegated). See SAM Sections 4819.34-4819.35.
8. Submit, upon request from the Department of Technology, all IT Reportable Procurements (as defined in SAM Section 4819.2) to the Department of Technology for review prior to release to the public.
9. Obtain approval of all IT Acquisitions related to Reportable Projects that exceed the Agency/state entity’s DGS Delegated Purchasing Authority (as defined in SAM Section 4819.2), from the Department of Technology’s Statewide Technology Procurement Division (STPD) prior to release to the public. These IT Acquisitions shall be included with the PAL Stage 3 Solution Development prepared in accordance with SIMM Section 19C. The instructions and time frame for submitting IT Acquisitions to the Department of Technology for review is specified in SIMM Section 05A.
10. Manage IT projects following the established IT Project Oversight Framework (SIMM Section 45) minimum requirements, to ensure that projects are completed on-time, within budget, and that they accomplish the objectives defined in their Stage 1 Business Analysis.
11. Protect the integrity of its information management capabilities and databases and ensure the security and confidentiality of information it maintains.
12. Establish an acquisition planning process for IT project acquisition of IT goods and services as determined by the Department of Technology.
13. Agencies/state entities shall implement power management practices on all desktop and laptop computing devices, thin client devices, printers copiers, scanners, and monitors. During hours of normal operation, devices which are not in use for 30 minutes shall automatically go into an energy-saving mode. Devices shall be shut down at the end of the normal business day.

    In addition, Agencies/state entities shall fully implement power management software for desktop and laptop devices by December 31, 2010, or six months after the 2010-11 Budget has been enacted, whichever is later. Agencies/state entities shall also implement standby and shutdown practices for all devices within the scope of this policy beginning December 31, 2010.

    Exemptions must be approved in writing by the Agency Information Officer (AIO) or the state entity’s Chief Information Officer (CIO). Exemptions are limited to:

    • Devices which must remain in active mode to meet state operational needs. An example of a valid exemption would be a desktop computer and monitor utilized to manage batch programs 24 hours per day, seven days per week.
    • Facilities with electrical service bundled-in with facility lease contracts where Agencies/state entities would not likely receive offsetting benefits from acquired power management software. In this instance, compliance can be achieved through the use of standard operating systems functionality (e.g., Windows).

If an Agency/state entity fails to meet these requirements, the Agency/state entity will be required to obtain Department of Technology approval before expending any resources on IT projects.

The project approval process is described in SAM Section 4819.34