GENERAL ASSEMBLY OF NORTH CAROLINA

SESSION 1999

 

 

SESSION LAW 1999-347

HOUSE BILL 253

 

 

AN ACT TO CHANGE THE NAME OF THE STATE INFORMATION PROCESSING SERVICES TO THE DIVISION OF INFORMATION TECHNOLOGY SERVICES AND TO REQUIRE THAT CERTAIN STATE AGENCY INFORMATION TECHNOLOGY PROJECTS MUST BE CERTIFIED BY THE INFORMATION RESOURCE MANAGEMENT COMMISSION.

 

The General Assembly of North Carolina enacts:

 

Section 1.  The name of the State Information Processing Services of the Department of Commerce is changed to the Division of Information Technology Services.

Section 2.  G.S. 143B-472.44 reads as rewritten:

"§ 143B-472.44.  State Information Processing Services. Division of Information Technology Services.

With respect to all executive departments and agencies of State government, except the Department of Justice and The University of North Carolina, the Department of Commerce shall have the following powers and duties:

(1)       To establish and operate information resource centers and services to serve two or more departments on a cost-sharing basis, if the Information Resources Management Commission decides it is advisable from the standpoint of efficiency and economy to establish these centers and services;

(2)       With the approval of the Information Resources Management Commission, to charge each department for which services are performed its proportionate part of the cost of maintaining and operating the shared centers and services;

(3)       With the approval of the Information Resources Management Commission, to require any department served to transfer to the Department of Commerce ownership, custody, or control of information processing equipment, supplies, and positions required by the shared centers and services;

(4)       With the approval of the Information Resources Management Commission, to adopt reasonable rules for the efficient and economical management and operation of the shared centers, services, and the integrated State telecommunications network;

(5)       With the approval of the Information Resources Management Commission, to adopt plans, policies, procedures, and rules for the acquisition, management, and use of information technology resources in the departments affected by this subdivision to facilitate more efficient and economic use of information technology in these departments; and

(6)       To develop and promote training programs to efficiently implement, use, and manage information technology resources.  resources; and

(7)       To provide cities, counties, and other local governmental units with access to State Information Processing Services Division of Information Technology Services information resource centers and services as authorized in this section for State agencies. Access shall be provided on the same cost basis that applies to State agencies.

The Department of Revenue is authorized to deviate from this subsection's requirements that departments or agencies consolidate information processing functions on equipment owned, controlled or under custody of the State Information Processing Services. Division of Information Technology Services. All deviations from this subsection's requirements shall be reported in writing within 15 days by the Department of Revenue to the Information Resources Management Commission and shall be consistent with available funding. The Department of Revenue is authorized to adopt and shall adopt plans, policies, procedures, requirements and rules for the acquisition, management, and use of information processing equipment, information processing programs, data communications capabilities, and information systems personnel in the Department of Revenue. If the plans, policies, procedures, requirements, rules, or standards adopted by the Department of Revenue deviate from the policies, procedures, or guidelines adopted by the State Information Processing Services Division of Information Technology Services or the Information Resources Management Commission, those deviations shall be allowed and shall be reported in writing within 15 days by the Department of Revenue to the Information Resources Management Commission. The Department of Revenue and the State Information Processing Services Division of Information Technology Services shall develop data communications capabilities between the two computer centers utilizing the North Carolina Integrated Network, subject to a security review by the Secretary of Revenue.

The Department of Revenue shall prepare a plan to allow for substantial recovery and operation of major, critical computer applications. The plan shall include the names of the computer programs, databases, and data communications capabilities, identify the maximum amount of outage that can occur prior to the initiation of the plan and resumption of operation. The plan shall be consistent with commonly accepted practices for disaster recovery in the information processing industry. The plan shall be tested as soon as practical, but not later than six months, after the establishment of the Department of Revenue information processing capability.

No data of a confidential nature, as defined in the General Statutes or federal law, may be entered into or processed through any cost-sharing information resource center or network established under this subdivision until safeguards for the data's security satisfactory to the department head and the Secretary of Commerce have been designed and installed and are fully operational. Nothing in this subsection may be construed to prescribe what programs to satisfy a department's objectives are to be undertaken, nor to remove from the control and administration of the departments the responsibility for program efforts, regardless whether these efforts are specifically required by statute or are administered under the general program authority and responsibility of the department. This subdivision does not affect the provisions of G.S. 147-64.6, 147-64.7, or 143B-472.42(1). Notwithstanding any other provision of law, the Department of Commerce shall provide information technology services on a cost-sharing basis to the General Assembly and its agencies as requested by the Legislative Services Commission."

Section 3.  G.S. 143B-472.41(8) reads as rewritten:

"(8)      The Chair of the State Information Processing Services Division of Information Technology Services Advisory Board."

Section 4.  G.S.  143B-472.42(1) reads as rewritten:

"(1)      With respect to State agencies, exercise general coordinating authority for all telecommunications matters relating to the internal management and operations of these agencies. In discharging that responsibility the Secretary of Commerce may in cooperation with affected State agency heads, do such of the following things as the Secretary of Commerce deems necessary and advisable:

a.         Provide for the establishment, management, and operation, through either State ownership or commercial leasing, of the following systems and services as they affect the internal management and operation of State agencies:

1.         Central telephone systems and telephone networks;

2.         Teleprocessing systems;

3.         Teletype and facsimile services;

4.         Satellite services;

5.         Closed-circuit TV systems;

6.         Two-way radio systems;

7.         Microwave systems;

8.         Related systems based on telecommunication technologies.

b.         With the approval of the Information Technology Council, coordinate the development of cost-sharing systems for respective user agencies for their proportionate parts of the cost of maintenance and operation of the systems and services listed in item "a." of this subdivision.

c.         Assist in the development of coordinated telecommunications services or systems within and among all State agencies and recommend, where appropriate, cooperative utilization of telecommunication facilities by aggregating users.

d.         Perform traffic analysis and engineering for all telecommunications services and systems listed in item "a." of this subdivision.

e.         Pursuant to G.S. 143-49, establish telecommunications specifications and designs so as to promote and support compatibility of the systems within State agencies.

f.          Pursuant to G.S. 143-49 and G.S. 143-50, coordinate the review of requests by State agencies for the procurement of telecommunications systems or services.

g.         Pursuant to G.S. 143-341 and Chapter 146 of the General Statutes, coordinate the review of requests by State agencies for State government property acquisition, disposition, or construction for telecommunications systems requirements.

h.         Provide a periodic inventory of telecommunications costs, facilities, systems, and personnel within State agencies.

i.          Promote, coordinate, and assist in the design and engineering of emergency telecommunications systems, including but not limited to the 911 emergency telephone number program, Emergency Medical Services, and other emergency telecommunications services.

j.          Perform frequency coordination and management for State agencies and local governments, including all public safety radio service frequencies, in accordance with the rules and regulations of the Federal Communications Commission or any successor federal agency.

k.         Advise all State agencies on telecommunications management planning and related matters and provide through the State Personnel Training Center or the State Information Processing Services Division of Information Technology Services training to users within State agencies in telecommunications technology and systems.

l.          Assist and coordinate the development of policies and long-range plans, consistent with the protection of citizens' rights to privacy and access to information, for the acquisition and use of telecommunications systems; and base such policies and plans on current information about State telecommunications activities in relation to the full range of emerging technologies.

m.        Work cooperatively with the North Carolina Agency for Public Telecommunications in furthering the purpose of this subdivision.

The provisions of this subdivision shall not apply to the Criminal Information Division of the Department of Justice or to the Judicial Information System in the Judicial Department."

Section 5.  G.S. 143B-472.41(b) reads as rewritten:

"(b)      Powers and Duties. - The Commission has the following powers and duties:

(1)       To develop, approve, and publish a statewide information technology strategy covering the current and following biennium that shall be updated annually and shall be submitted to the General Assembly on the first day of each regular session.

(2)       To develop, approve, and sponsor statewide technology initiatives and to report on those initiatives in the annual update of the statewide information technology strategy.

(3)       To review and approve biennially the information technology plans of the executive agencies and to review and comment biennially on the information technology plans of the Administrative Office of the Courts. This review shall include plans for the procurement and use of personal computers and workstations.

(4)       To recommend to the Governor and the Office of State Budget and Management the relative priorities across executive agency information technology plans.

(4a)     To issue certification of any State agency information technology project that requires or is expected to require the expenditure of funds in excess of five hundred thousand dollars ($500,000), whether the project is undertaken in a single phase or component or in multiple phases or components.  The certification shall be issued when the Commission determines that the project complies with Commission policies, standards, and procedures.  The Commission shall promptly report each certification to the Office of State Budget and Management, the Office of the State Controller, the Chairs of the Legislative Committees on Information Technology, and the Cochairs of the Joint Legislative Commission on Governmental Operations.  No State agency, other than The University of North Carolina or any of its constituent institutions, shall allocate or expend funds in excess of five hundred thousand dollars ($500,000) on any information technology project without prior certification as required by this subsection.  If an agency cannot determine whether a project or series of projects will require certification, the agency shall seek an opinion from the Commission.  Upon review, the Commission may determine that a project is exempt from certification and shall advise the agency of its determination.

(5)       To establish a quality assurance policy for all agency information technology projects, information systems training programs, and information systems documentation.  If at any time a certified agency information technology project is not in compliance with Commission policies, standards, or procedures, the Commission may suspend project certification and shall report the suspension to the Office of the State Controller, the Office of State Budget and Management, the Chairs of the Legislative Committees on Information Technology, and the Cochairs of the Joint Legislative Commission on Governmental Operations.  Upon recommendation of the Commission, the Joint Legislative Commission on Governmental Operations may request the State Budget Office and the State Controller to take appropriate remedial action, up to and including the suspension of appropriations or the nonrelease of funds to the project.

(6)       To establish and enforce a quality review and expenditure review procedure for major agency information technology projects.

(7)       To review and approve expenditures from appropriations made to the Office of State Budget and Management for the purpose of creating a Computer Reserve Fund.

(8)       To develop and promote a policy and procedures for the fair and competitive procurement of information technology consistent with the rules of the Department of Administration and consistent with published industry standards for open systems that provide agencies with a vendor-neutral operating environment where different information technology hardware, software, and networks operate together easily and reliably."

Section 6.  This act is effective when it becomes law.

In the General Assembly read three times and ratified this the 13th day of July, 1999.

 

 

s/   Dennis A. Wicker

President of the Senate

 

 

s/   James B. Black

Speaker of the House of Representatives

 

 

s/   James B. Hunt, Jr.

Governor

 

 

Approved 8:55 p.m. this 22nd day of July, 1999