Name | File Type |
---|---|
IT Strategic Plan |
|
Policy and State IT Standards |
|
IT Project Monitoring and Transparency Initiative |
|
Enterprise Reference Architecture |
|
Enterprise Reference Architecture Glossary |
|
IT Accessibility Standards |
|
Social Media and Networking Policy and Standards |
|
IT Statutory and Regulatory Reporting |
|
IT Procurement
The CIO is statutorily responsible for approving state agencies’ procurement of IT products and services through the eProcurement process and purchase request process through the project portfolio management tool.
To allow for a more timely and efficient process when purchasing lower cost IT products, the CIO has delegated authority for procurement of certain IT products to executive state agencies as described in this Procurement Information Memorandum.
Additionally, the CIO has delegated the IT procurement process to the state purchasing director to promote consistency in state government procurement.
Budget Expense
Budget Revenue
The CIO acts as the Information Technology and Telecommunications Purchasing Director in order to carry out statutory and regulatory authority and duties of the CIO. Similar to the State Purchasing Director under the Central Purchasing Act, the CIO has sole and exclusive authority and responsibility for all IT Acquisitions (74 O.S. 85.5.A, OAC 260:115-1-5) used or consumed by state agencies (74 O.S. 85.2), with a few exceptions referenced below. The CIO also is responsible for establishing IT procurement policies and procedures and issuing directives and other instruction regarding required procurement practices for IT Acquisitions. Regarding IT products and services, statutes and rules referencing the State Purchasing Director should, therefore, be interpreted as referring to the CIO in the role of Information Technology and Telecommunications Purchasing Director. The information in this section of the Reference Guide is intended to assist an agency by providing an overview and links to more detailed information.
Pertinent information regarding IT Acquisitions follows:
"Information technology" is defined identically in the OMES purchasing administrative rules and in 62 O.S. §34.29 regarding accessibility. Also, "information technology assets" is defined in 62 O.S. §35.3. As a practical matter, whether a particular product or service is "information technology" is not always clear. As technology becomes more embedded in everyday products, products and services that formerly had no connection to IT now include an IT component that may cause the Acquisition to be an IT Acquisition, e.g., health lab testing kits and law enforcement body cameras. Consulting the Information Services team is the best practice if there is a question whether a product or service is IT.
An agency’s monetary threshold to acquire IT products and services is different than Acquisitions without an IT component:
- an agency procuring certain IT products has some approval authority, pursuant to state statutes (62 O.S. §§34.11.1.F, 34.12.B and 35.4) and a corresponding PIM. The acquisition process for these products is further described in the Order Tech Now portal. Note: except as customarily included with a product on the Approved Hardware and Software list, an agency’s approval authority is not applicable to IT services.
- an agency may lease certain IT workstation products from approved suppliers without further procurement approval from OMES. Details and the leasing process are further described in the OrderTech Now portal. An agency may not rent or lease other IT products with the approval of the CIO.
- otherwise, an IT Acquisition requires approval of the CIO (62 O.S. §§34.11.1.F, 34.19, 34.20.1, 34.21, 34.26, 35.4), which has been delegated internally in OMES Information Services to an extent, to facilitate efficient review and approval. IT contracts for the benefit of a particular agency are executed by the CIO or Information Services staff with delegated authority.
The CIO also has authority, pursuant to statute (62 O.S. §34.11.1.I, 34.20 and 74 OS 85.5.G), to designate IT contracts as statewide and mandatory statewide contracts. As is true for other statewide contracts, the CIO may allow a public agency to utilize IT statewide contracts. The CIO may also negotiate enterprise agreements, consolidation contracts and high technology system contracts in lieu of, or in conjunction with, bidding procedures to reduce acquisition cost (62 O.S. §34.11.1, 74 OS 85.9D). An enterprise agreement is an agreement with a supplier who manufactures, develops and designs IT goods and services used by one or more state agencies. A consolidation contract is for several state or public agencies for purchasing IT goods and services. A high technology system contract is a contract for advanced technological equipment, software, communication lines, and services for the processing, storing, and retrieval of information by a state agency.
Processing functions of IT Acquisitions and procurement-related accessibility duties have been delegated from the CIO to the State Purchasing Director to achieve alignment, streamline and standardize State procurement functions and ensure consistent procurement policies, procedures and processes. Requisitions for IT products or services are submitted via the ePro module of PeopleSoft.
- Oklahoma statutes and rules contain certain requirements for specific contract clauses to be included in IT contracts, e.g., source code escrow, accessibility and patented property and copyrighted materials developed for the State (OAC 260:115-7-30, OAC 260:115-7-54, 62 O.S. §34.31).
- When a Supplier will have access to or be processing or storing State or citizen data, the Supplier will be required, prior to contract award, to submit a security certification and accreditation assessment questionnaire and the information provided will be evaluated by the State Chief Information Security Officer on behalf of the CIO. The purpose of the evaluation is to assess the physical and information security risk to State or citizen data in order to inform good business decisions. Additional contract terms relating to hosting services in such instances are required to be included in a contract involving Supplier access, processing or storage of State or citizen data.