4819.31 BASIC POLICY
(Revised 03/03)
Each state agency is required to:
- Establish and maintain an Operational Recovery Plan, so that it will be able to protect its information assets in the event of a disaster or serious disruption to its operations, and submit the plan or its update to Finance as outlined in the Operational Recovery Plan Quarterly Reporting Schedule (SIMM Section 05). See SAM Sections 4843-4845.
- Establish an ongoing information management strategic planning process to support the accomplishment of its overall business strategy (i.e., its strategy to carry out its programmatic mission) and submit its strategic plan to Finance for approval. See SAM Section 4900.2.
- Adopt standards for an agency information technology infrastructure consistent with SAM Section 4900.1.
- Conduct a feasibility study in order to establish the business case for each proposed information technology project (development or acquisition) and obtain approval of the FSR from Finance, or, if approval authority has been delegated to the agency director, from the agency director before expending any funds on the project. See SAM Sections 4819.34-4819.35.
- Manage information technology projects following the established IT Project Oversight Framework (SIMM Section 45) minimum requirements, to ensure that projects are completed on-time, within budget, and that they accomplish the objectives defined in their FSRs. See SAM Section 4800.
- Protect the integrity of its information management capabilities and databases and ensure the security and confidentiality of information it maintains.
- Establish an ongoing acquisition planning process to develop IT Procurement Plans (ITPP) for IT project acquisition of IT goods and services as determined by the Department of General Services.
If an agency fails to meet these requirements, the agency will be required to obtain Finance approval before expending any funds on information technology projects.
The project approval process is described in SAM Section 4819.34.
