2009 California Government Code - Section 11545-11548.5 :: Chapter 5.6. Office Of The State Chief Information Officer

11545.  (a) There is in state government the office of the State
Chief Information Officer. The State Chief Information Officer shall
be appointed by, and serve at the pleasure of, the Governor, subject
to Senate confirmation. The State Chief Information Officer shall be
a member of the Governor's cabinet.
   (b) The duties of the State Chief Information Officer shall
include, but are not limited to, all of the following:
   (1) Advising the Governor on the strategic management and
direction of the state's information technology resources.
   (2) Establishing and enforcing state information technology
strategic plans, policies, standards, and enterprise architecture.
This shall include the periodic review and maintenance of the
information technology sections of the State Administrative Manual,
except for sections on information technology procurement procedures,
and information technology fiscal policy. The State Chief
Information Officer shall consult with the Director of General
Services, the Director of Finance, and other relevant agencies
concerning policies and standards these agencies are responsible to
issue as they relate to information technology.
   (3) Minimizing overlap, redundancy, and cost in state operations
by promoting the efficient and effective use of information
technology.
   (4) Providing technology direction to agency and department chief
information officers to ensure the integration of statewide
technology initiatives, compliance with information technology
policies and standards, and promote the alignment and effective
management of information technology services. Nothing in this
paragraph shall be deemed to limit the authority of a constitutional
officer, cabinet agency secretary, or department director to
establish programmatic priorities and business direction to the
respective agency or department chief information officer.
   (5) Working to improve organizational maturity and capacity in the
effective management of information technology.
   (6) Establishing performance management and improvement processes
to ensure state information technology systems and services are
efficient and effective.
   (7) Approving, suspending, terminating, and reinstating
information technology projects.
   (8) Performing enterprise information technology functions and
services, including, but not limited to, implementing Geographic
Information Systems (GIS), shared services, applications, and program
and project management activities in partnership with the owning
agency or department.
   (c) The State Chief Information Officer shall produce an annual
information technology strategic plan that shall guide the
acquisition, management, and use of information technology. State
agencies shall cooperate with the office in the development of this
plan, as required by the State Chief Information Officer.
   (1) Upon establishment of the information technology strategic
plan, the State Chief Information Officer shall take all appropriate
and necessary steps to implement the plan, subject to any
modifications and adjustments deemed necessary and reasonable.
   (2) The information technology strategic plan shall be submitted
to the Joint Legislative Budget Committee by January 15, 2009, and
annually thereafter.
   (d) The State Chief Information Officer shall produce an annual
information technology performance report that shall assess and
measure the state's progress toward enhancing information technology
human capital management; reducing and avoiding costs associated with
the acquisition, development, implementation, management, and
operation of information technology assets, infrastructure, and
systems; improving energy efficiency in the use of information
technology assets; enhancing the security, reliability, and quality
of information technology networks, services, and systems; and
improving the information technology procurement process. The office
shall establish those policies and procedures required to improve the
performance of the state's information technology program.
   (1) The office shall submit an information technology performance
management framework to the Joint Legislative Budget Committee by May
15, 2009, accompanied by the most current baseline data for each
performance measure or metric contained in the framework. The
information technology performance management framework shall include
the performance measures and targets that the office will utilize to
assess the performance of the state's information technology
program. The office shall provide notice to the Joint Legislative
Budget Committee within 30 days of making changes to the framework.
This notice shall include the rationale for changes in specific
measures or metrics.
   (2) State agencies shall take all necessary steps to achieve the
targets set forth by the office and shall report their progress to
the office on a quarterly basis.
   (3) The information technology performance report shall be
submitted to the Joint Legislative Budget Committee by January 15,
2010, and annually thereafter. To enhance transparency, the office
shall post performance targets and progress toward these targets on
its public Internet Web site.
   (4) The office shall at least annually report to the Director of
Finance cost savings achieved through improvements to the way the
state acquires, develops, implements, manages, and operates state
technology assets, infrastructure, and systems. This report shall be
submitted in a timeframe determined by the Department of Finance and
shall identify the actual savings achieved by each office,
department, and agency.

11546.  (a) The office of the State Chief Information Officer shall
be responsible for the approval and oversight of information
technology projects, which shall include, but are not limited to, all
of the following:
   (1) Establishing and maintaining a framework of policies,
procedures, and requirements for the initiation, approval,
implementation, management, oversight, and continuation of
information technology projects.
   (2) Evaluating information technology projects based on the
business case justification, resources requirements, proposed
technical solution, project management, oversight and risk mitigation
approach, and compliance with statewide strategies, policies, and
procedures. Projects shall continue to be funded through the
established Budget Act process.
   (3) Consulting with agencies during initial project planning to
ensure that project proposals are based on well-defined programmatic
needs, clearly identify programmatic benefits, and consider feasible
alternatives to address the identified needs and benefits consistent
with statewide strategies, policies, and procedures.
   (4) Consulting with agencies prior to project initiation to review
the project governance and management framework to ensure that it is
best designed for success and will serve as a resource for agencies
throughout the project implementation.
   (5) Requiring agencies to provide information on information
technology projects including, but not limited to, all of the
following:
   (A) The degree to which the project is within approved scope,
cost, and schedule.
   (B) Project issues, risks, and corresponding mitigation efforts.
   (C) The current estimated schedule and costs for project
completion.
   (6) Requiring agencies to perform remedial measures to achieve
compliance with approved project objectives. These remedial measures
may include, but are not limited to, any of the following:
   (A) Independent assessments of project activities, the cost of
which shall be funded by the agency administering the project.
   (B) Establishing remediation plans.
   (C) Securing appropriate expertise, the cost of which shall be
funded by the agency administering the project.
   (D) Requiring additional project reporting.
   (E) Requiring approval to initiate any action identified in the
approved project schedule.
   (7) Suspending, reinstating, or terminating information technology
projects. The office shall notify the Joint Legislative Budget
Committee of any project suspension, reinstatement, and termination
within 30 days of that suspension, reinstatement, or termination.
   (8) Establishing restrictions or other controls to mitigate
nonperformance by agencies, including, but not limited to, any of the
following:
   (A) The restriction of future project approvals pending
demonstration of successful correction of the identified performance
failure.
   (B) The revocation or reduction of delegated authority.
   (b) The office of the State Chief Information Officer shall have
the authority to delegate to another agency any authority granted
under this section based on its assessment of the agency's project
management, project oversight, and project performance.

11546.5.  (a) Employees of the Office of Technology Review,
Oversight, and Security within the Department of Finance shall be
transferred to the office of the State Chief Information Officer, the
Office of Information Security and Privacy Protection, or the
Finance Information Technology Consulting Unit within the Department
of Finance.
   (b) Notwithstanding Section 19050.9, the Director of Finance shall
have final approval over which persons serving in the Department of
Finance Office of Technology Review, Oversight, and Security as of
the effective date of this chapter are transferred to the office of
the State Chief Information Officer, the Office of Information
Security and Privacy Protection, and the Finance Information
Technology Consulting Unit. The status, position, and rights of those
persons transferring and those persons remaining within the
Department of Finance shall be retained by them pursuant to Section
19050.9 and the State Civil Service Act (Part 2 (commencing with
Section 18500) of Division 5).
   (c) All relevant records and papers held for the benefit and use
of the former Department of Information Technology in the performance
of its statutory duties, powers, purposes, and responsibilities, and
of the Office of Technology Review, Oversight, and Security within
the Department of Finance in the performance of its statutory duties,
powers, purposes, and responsibilities, except for records and
papers with respect to information security, shall be transferred to
the office of the State Chief Information Officer.
   (d) Notwithstanding any other provision of law, all employees of
the office of the State Chief Information Officer shall be designated
as excluded from collective bargaining pursuant to subdivision (b)
of Section 3527.
   (e) Notwithstanding any other provision of law, the Director of
Finance may enter into contractual agreements on behalf of the office
of the State Chief Information Officer until the State Chief
Information Officer is appointed by the Governor, but not later than
June 30, 2008, whichever occurs first.

11547.  The Department of Finance shall perform fiscal oversight of
the state's information technology projects. This oversight shall
consist of a determination of the availability of project funding
from appropriate sources, and project consistency with state fiscal
policy. Projects shall continue to be funded through the established
Budget Act process.

11548.  This chapter shall not apply to the State Compensation
Insurance Fund, the Legislature, or the Legislative Data Center in
the Legislative Counsel Bureau.

11548.5.  This chapter shall remain in effect only until January 1,
2013, and as of that date is repealed, unless a later enacted
statute, that is enacted before January 1, 2013, deletes or extends
that date.