C.R.S. Section 24-37.5-105.2
State agencies

  • information technology
  • responsibilities

(1)

In connection with information technology, each state agency shall:

(a)

Comply with the rules, standards, plans, policies, and directives of the office;

(b)

Comply with information technology requests of the office, the general assembly, the joint technology committee, and the joint budget committee, and provide evidence of such compliance upon request of the governor, general assembly, the joint technology committee, or the joint budget committee;

(c)

Participate with and advise the office on the creation of an information technology plan for the state agency as part of the state’s planning and budgeting process; and

(d)

Support effective use of information technology by defining roles and processes to partner with the office.

(2)

In connection with any major information technology project that a state agency plans to undertake, the state agency shall:

(a)

Consult with the office on the development of the major information technology project;

(b)

Before commencing work on the major information technology project, submit the plan to the office and obtain approval from the office;

(c)

If the state agency plans to make significant changes to the major information technology project or budget, consult with the office regarding the changes and obtain the office’s approval of the changes before commencing work on the changes; and

(d)

Consult with and obtain approval from the office for changes to the funding strategy for the ongoing maintenance and eventual disposal of a major information technology system.

(3)

State agencies have the responsibility for ensuring program delivery and for creating a business culture that prioritizes maximizing value from technology and information technology projects. State agencies shall:

(a)

Understand and manage the business criticality of their systems;

(b)

Improve awareness of how information technology can help them achieve the mission of the state agency;

(c)

Articulate the outcomes of their information technology products and use processes that effectively prioritize investments and improvements aimed at achieving those outcomes; and

(d)

Plan for and manage the impacts of changes resulting from information technology projects for staff and constituents to enhance adoption and maximize the value of information technology investments.

(4)

State agency responsibilities for user access to all state information technology systems, in connection with employees, contractors, subcontractors, and other users include:

(a)

Ensuring that user access is correct and that all requirements are satisfied;

(b)

Requesting appropriate access to information technology systems;

(c)

Periodic auditing of access levels; and

(d)

Removal of access.

(5)

For security purposes, a state agency shall include the office as a party to all contracts or agreements for information technology goods, services, or systems.

(6)

A state agency shall hold authority and be responsible for projects managed by the state agency when the office is involved only as a party to the contract or a party to the agreement with a vendor, contractor, or other party.

Source: Section 24-37.5-105.2 — State agencies - information technology - responsibilities, https://leg.­colorado.­gov/sites/default/files/images/olls/crs2023-title-24.­pdf (accessed Oct. 20, 2023).

24‑37.5‑101
Legislative declaration - findings
24‑37.5‑102
Definitions
24‑37.5‑103
Office of information technology - creation - information technology revolving fund - geographic information system coordination
24‑37.5‑105
Office - roles - responsibilities - state search interface - rules - legislative declaration - definitions
24‑37.5‑105.2
State agencies - information technology - responsibilities
24‑37.5‑105.4
Delegation of authority
24‑37.5‑106
Chief information officer - duties and responsibilities
24‑37.5‑116
Communications and stakeholder management plan
24‑37.5‑117
Use of technology to interact with citizens - working group - strategic plan
24‑37.5‑118
Change of references - director to revisor of statutes
24‑37.5‑119
Broadband service - report - broadband deployment board - broadband administrative fund - creation - rules - legislative declaration - definitions - repeal
24‑37.5‑120
Technology risk prevention and response fund - creation - definitions
24‑37.5‑121
Digital access to government services - strategic plan - reporting - legislative declaration - definitions
24‑37.5‑122
Study of personally identifiable information - authority of chief information officer - report to joint technology committee - definitions - repeal
24‑37.5‑123
Colorado operations resource engine upgrade and continuous improvement project - reporting
24‑37.5‑401
Legislative declaration
24‑37.5‑403
Chief information security officer - duties and responsibilities
24‑37.5‑404
Public agencies - information security plans
24‑37.5‑404.5
Institutions of higher education - information security plans
24‑37.5‑404.7
General assembly - information security plans
24‑37.5‑405
Security incidents - authority of chief information security officer
24‑37.5‑701
Legislative declaration - intent
24‑37.5‑702
Government data advisory board - created - duties - definition
24‑37.5‑703
Interdepartmental data protocol - contents
24‑37.5‑704
Data-sharing - authorization
24‑37.5‑801
Information technology asset inventory - refresh cycle schedule - report
24‑37.5‑802
Information technology budget requests - working group - report
24‑37.5‑901
Legislative declaration
24‑37.5‑902
Definitions
24‑37.5‑903
Colorado broadband office - creation - responsibilities - gifts, grants, or donations
24‑37.5‑904
Digital inclusion grant program - income-eligible household reimbursement program - creation - award criteria - digital inclusion grant program fund - definition - reporting - repeal
Green check means up to date. Up to date

Current through Fall 2024

§ 24-37.5-105.2’s source at colorado​.gov