Section 7: Financial threshold for proposed IT expenditures; approval; contracts for IT services; project oversight committee; policies and guidelines
Section 7. (a) The CIO shall determine and set a minimum financial threshold above which any proposed IT expenditure by a state agency shall be reviewed and approved by the office. The CIO may suspend an expenditure related to IT until approval has been granted by the office. The operational services division and the comptroller shall adopt procedures and policies to ensure cooperation with the executive office of technology services and security's IT procurement review policies and shall assist in enforcing them.
(b) All state agency contracts for IT shall require the approval of the CIO. The executive office of technology services and security may require that it be named as a party to any IT contract that any agency or office within the executive department enters into. The CIO may negotiate state agency IT contracts and amendments to existing contracts entered into by a state agency for information technology services in order to expand the scope of the contract, extend the term of the contract, improve delivery of services under the contract or to safeguard information from threats to cyber security. The office shall review long-term contracts for information technology services on a quarterly basis to ensure that services delivered pursuant to those contracts are provided in a timely and cost-effective manner to the commonwealth. If the CIO determines that information technology services under any such contract could be improved, the office shall consult and negotiate with each agency and contractor who is a party to the existing contract to obtain terms and conditions more favorable to the commonwealth.
(c) For IT projects that present a complex set of challenges as defined in an administrative directive promulgated by the executive office of technology services and security, the executive office of technology services and security may establish a project oversight function that may include the formation of a committee to develop criteria and benchmarks to evaluate the project and advise the executive office of technology services and security as to whether the project is accomplishing its objectives. A committee established pursuant to this section may include members from the private sector; provided, however, that members shall have no financial interest in the project overseen by the committee.
(d) The CIO shall adopt policies, standards and guidelines governing information technology procurement, development and maintenance, specifically including provisions for:
(i) ensuring effective project management and oversight configurations;
(ii) establishing strategic incentive and requirement structures;
(iii) increasing competition among information technology vendors, including, but not limited to, the undertaking of smaller, short-term information technology projects to provide improved programmatic flexibility;
(iv) utilizing commercial off-the-shelf information technology products to achieve cost savings on information technology projects;
(v) increasing technology procurement innovation using pilot programming;
(vi) identifying which information technology projects and procurements shall require the services of an independent verification and validation consultant;
(vii) creating a team of project managers to oversee and manage large information technology projects;
(viii) gathering and maintaining relevant records, documents and information related to vendor performance on ongoing and completed projects to assist in assessing prospective vendors' past performance; and
(ix) implementing other best practices which may include, but shall not be limited to, those identified in legislative reports and legislatively-required reports.