8 CCR 1501-7-5 - Responsibilities and Requirements

A. The purpose of the OEA within the Governor's Office of Information Technology (OIT) is to deliver agile business solutions enabling connected government services.

(1) The OEA has the following responsibilities:

a. Develop a comprehensive EA framework and repository across the agencies to ensure the alignment between the business strategy and the supporting technical and data architectures;

b. Develop processes and procedures to review agency architectural documentation as deemed necessary;

c. Review agency architectural documentation and provide feedback to agencies in a timely manner;

d. Set enterprise standards for all technical domains;

e. Establish processes necessary for implementing new technologies and systems in response to the State's changing business needs;

f. Coordinate and leverage existing state investments in information technology infrastructure;

g. Identify interdependencies between enterprise projects;

h. Establish collaborative and cooperative relationships with public and private sector organizations to invest strategically in enterprise technology assets and promote reusability;

i. Enforce architectural standards across the enterprise; and,

j. From time to time review its mission and update policies and standards as deemed necessary.

(2) State Agency Requirements

a. Each agency shall provide baseline architectural documentation based on OEA templates and guidelines within 180 business days of delivery of templates;

b. Agencies shall go through an architectural documentation update and review process based on process and procedures determined by the OEA;

c. Agencies shall implement new, modified or updated functionality, applications, technologies and systems in accordance with standards, policies, and guidelines developed by the OEA.

d. Agencies shall comply with other data management policies, procedures and standards as developed by the OEA.

B. The purpose of the DM Program within the OEA is to leverage data and information as enterprise assets and to establish standards and processes to enable more agile solutions and government services.

(1) The Data Management Program has the following responsibilities:

a. Ensure that data and information assets are known, usable, reusable, and can be accessed when and where needed;

b. Develop processes and procedures to review agency data documentation as deemed necessary;

c. Review agency data documentation and provide feedback to agencies in a timely manner;

d. Establish common policies, procedures and standards to maximize the sharing and investment in information resources;

e. Coordinate and leverage existing state investments in data and information resources;

f. Create policies and procedures to facilitate data and information sharing among the various agencies.

g. Develop appropriate security and privacy policies to protect data assets, by working in conjunction with the Office of Cyber Security on data security management and the Attorney General's Office on privacy concerns;

h. Establish collaborative and cooperative relationships with public and private sector organizations to invest strategically in data and information assets and promote reusability; and,

i. From time to time review its mission and update policies and standards as deemed necessary.

(2) State Agency Requirements

a. Each agency shall provide baseline data documentation based on OEA templates and guidelines within 180 business days of delivery of templates;

b. Agencies shall go through a data documentation update and review process based on process and procedures determined by the OEA;

c. Agencies shall implement data management standards in accordance with standards, policies, and guidelines developed by the Governor's Office of Information Technology.

d. Agencies shall comply with the metrics and reporting requirements developed by the OEA.

e. Agencies shall comply with other data management policies, procedures and standards as developed by the OEA.

C. Request for Extension of Time - If any agency finds that they are unable to complete the requirements set out in section 5 A and B within the 180 day requirement, they may request an extension of time. The request for an extension must be made in writing, and submitted to the CIO or his/her designee no later than 60 days before the 180 day time period expires. The request must state the reason for the delay and the anticipated timeframe for completion. Such a request does not guarantee an extension of time. The agency should continue to work within the 180 day timeframe until they hear from OIT. An extension of time will not be unduly withheld. The CIO or his/her designee will work with the agency to assure compliance with the rule.

Notes

8 CCR 1501-7-5