(i) The development of standards, policies,
processes and strategic technology roadmaps.
(ii) The performance of technical reviews and
capability assessments of services, technologies and
State agency systems.
(iii) The evaluation of requests for information
technology policy exceptions.
(iv) The ability to incorporate emerging
technologies in a cost-effective and timely manner.
(22) Develop and implement efforts to standardize data
elements and determine data ownership assignments.
(23) Establish and operate centers of expertise for
specific information technologies and services to serve two
or more State agencies on a cost-sharing basis, if the
director, after consultation with the Office of the Budget,
decides it is advisable from the standpoint of the
information technology strategic plan, efficiency and economy
to establish these centers and services.
(24) Require a State agency served to transfer to the
office ownership, custody or control of information
processing equipment, supplies and positions required to
implement the information technology strategic plan.
(25) Develop and promote training programs to
efficiently implement, use and manage information technology
resources throughout State government.
(26) Develop and maintain a comprehensive information
technology inventory.
(27) Monitor compliance with information technology
policy and standards through investment, budgeting and
architectural review processes.
(28) Maintain and strengthen the Commonwealth's
cybersecurity posture through security governance.
(29) Develop security solutions, services and programs
to protect data and infrastructure.
(30) Identify and remediate security risks and maintain
citizen trust in securing computerized personal information.
(31) Implement programs, processes and solutions to
maintain cybersecurity situational awareness and effectively
respond to cybersecurity attacks and information technology
security incidents.
(32) Create a process identifying risks to the success
of information technology programs and projects, developing
mitigations, incorporating mitigating actions in budgeting
and investment and review processes.
(33) Conduct evaluations and compliance audits of State
agency security infrastructure.
(34) Develop and produce cost, risk and quality
initiatives that consolidate State agency information
technology services, including, but not limited to,
infrastructure, personnel, investments, operations and
support services necessary to achieve the findings of this
2021/90NAD/HB0040A00192 - 8 -
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51