4989.3 - AGENCY ROLES AND RESPONSIBILITIES
(Revised 09/08)

 

Management. Day-to-day management responsibility for desktop and mobile computing configurations resides with the manager who has supervisory responsibility for the individual or individuals who use the products. The manager must ensure that the acquisition and use of desktop and mobile computing commodities support the accomplishment of agency objectives and that the individual or individuals who will be using the products will be trained in their use.

 

Each agency must have a plan for the appropriate application of desktop and mobile computing.  Each agency must ensure that its plans are consistant with the agency's information management standards, policies, procedures, and its information technology infrastructure.  Agency plans for implementing desktop and mobile computing must not preclude the implementation of other agency applications on the same configuration.  Agencies are responsible for establishing desktop and mobile computing standard configurations, ensuring each acquisition made under this policy is consistant with those standards, and accurately tracking the cost associated with such acquisitions.  In addition, agencies are responsible for the creation and maintenance of IT assets inventories for commodities purchased under this policy. 

 

Agency management has a responsibility to establish standards of technical assistance in support of such LAN activities such as installation, configuration, problem-determination, maintenance, backup, recovery, and required activities beyond those normally associated with stand-alone personal computers.  Agencies are expected to maintain internal processes to ensure that any IT commodities acquired under the authority of this policy are compliant with all applicable hardware, software, and security standards for the agency.

 

Agency management is responsible for taking appropriate action in the event of employee misuse of desktop and mobile computing technology or employee failure to comply with State and agency policy governing the use of desktop and mobile computing.  

 

Security. Desktop and mobile computing environments owned by state agencies involve the risk of property loss, threats to privacy, and treats to the integrity of state operations.  Accordingly, agencies must be in compliance with all applicable provisions of the SAM and must implement appropriate safeguards to secure the agency's desktop and mobile computing infrastructure.

 

Current agency Operational Recovery Plans (ORP) or acceptable ORP certifications must be on file at the OCIO.  Agencies that do not demonstrate effective compliance with the State's IT security policy and Operational Recovery policy are not authorized to make any expenditures for desktop and mobile computing commodities until the agency has complied.  See SAM Sections 5300-5399.

 

Desktop and Mobile Computing Coordinator.  In order to ensure ongoing IT asset management practices are followed, agencies employing desktop and mobile computing should designate a unit or individual employee of the agency as the agency's Desktop and Mobile Computing Coordinator or equivalent function.  The coordinator must be knowledgeble about (a) desktop and mobile computing configurations; (b) state-level and agency policies for the use of desktop and mobile computing commodities; and (c) the relationship between desktop and mobile computing and other uses of information technology with the agency.

 

The responsibilities of the coordinator should include:

1. Maintaining current specifications for the agency's desktop and mobile computing commodity standards;
    
2. Assisting in the completion and review of any DMCP documents if required by the agency's policies and procedures;
    
3. Coordinating the acquisition of desktop and mobile computing commodities;
    
4. Informing desktop and mobile computing users of available training and technical support capabilities; and
      
5. Maintaining continuing liaison with agency IT management to ensure that: (a) proposed desktop and mobile computing applications are consistent with the agency's established information management strategy and information technology infrastructure, (b) desktop and mobile computing configurations can support the implementation of other agency applications.