C.R.S. Section 24-37.5-105.4
Delegation of authority


(1)

The chief information officer may delegate an information technology function of the office to another state agency by agreement or other means authorized by law. The chief information officer may delegate an information technology function of the office if in the judgment of the director of the state agency and the chief information officer:

(a)

The state agency has requested that the function be delegated;

(b)

The state agency has the necessary resources and skills to perform or control the function to be delegated; and

(c)

The function to be delegated is a unique or mission-critical function of the state agency.

(2)

The chief information officer may delegate a function of the office only when the delegation results in net cost savings or improved service delivery to the state as a whole or to the unique mission critical function of the state agency, or is not otherwise provided in the office’s information technology oversight and standards governance developed pursuant to section 24-37.5-105 (4).

(3)

For any delegation of authority pursuant to this section, the office shall formalize an agreement with the state agency in which the agency assumes the responsibility for all of the requirements specified in this subsection (3), including acknowledging responsibility for ensuring that the information technology or service maintains ongoing compliance with state information technology policies and standards pursuant to section 24-37.5-105 (4) and applicable federal regulations. The delegation of authority pursuant to this section shall be in writing and shall contain the following:

(a)

A precise definition of each function to be delegated;

(b)

A clear description of the standards to be met in performing each delegated function;

(c)

Designation of the state agency responsible for ensuring operational security and validating compliance to security policies and standards;

(d)

A provision for periodic administrative audits by the office;

(e)

A date on which the agreement shall terminate if the agreement has not been previously terminated or renewed; and

(f)

Designation of the appointing authority responsible for the delegated services to support the function in the state agency and rates to be charged for the staff.

(4)

An agreement to delegate functions to a state agency may be terminated by the office if the results of an administrative audit conducted by the office reveals a lack of compliance with the terms of the agreement by the state agency.

Source: Section 24-37.5-105.4 — Delegation of authority, https://leg.­colorado.­gov/sites/default/files/images/olls/crs2023-title-24.­pdf (accessed Oct. 20, 2023).

24‑37.5‑101
Legislative declaration - findings
24‑37.5‑102
Definitions
24‑37.5‑103
Office of information technology - creation - information technology revolving fund - geographic information system coordination
24‑37.5‑105
Office - roles - responsibilities - state search interface - rules - legislative declaration - definitions
24‑37.5‑105.2
State agencies - information technology - responsibilities
24‑37.5‑105.4
Delegation of authority
24‑37.5‑106
Chief information officer - duties and responsibilities
24‑37.5‑116
Communications and stakeholder management plan
24‑37.5‑117
Use of technology to interact with citizens - working group - strategic plan
24‑37.5‑118
Change of references - director to revisor of statutes
24‑37.5‑119
Broadband service - report - broadband deployment board - broadband administrative fund - creation - rules - legislative declaration - definitions - repeal
24‑37.5‑120
Technology risk prevention and response fund - creation - definitions
24‑37.5‑121
Digital access to government services - strategic plan - reporting - legislative declaration - definitions
24‑37.5‑122
Study of personally identifiable information - authority of chief information officer - report to joint technology committee - definitions - repeal
24‑37.5‑123
Colorado operations resource engine upgrade and continuous improvement project - reporting
24‑37.5‑401
Legislative declaration
24‑37.5‑403
Chief information security officer - duties and responsibilities
24‑37.5‑404
Public agencies - information security plans
24‑37.5‑404.5
Institutions of higher education - information security plans
24‑37.5‑404.7
General assembly - information security plans
24‑37.5‑405
Security incidents - authority of chief information security officer
24‑37.5‑701
Legislative declaration - intent
24‑37.5‑702
Government data advisory board - created - duties - definition
24‑37.5‑703
Interdepartmental data protocol - contents
24‑37.5‑704
Data-sharing - authorization
24‑37.5‑801
Information technology asset inventory - refresh cycle schedule - report
24‑37.5‑802
Information technology budget requests - working group - report
24‑37.5‑901
Legislative declaration
24‑37.5‑902
Definitions
24‑37.5‑903
Colorado broadband office - creation - responsibilities - gifts, grants, or donations
24‑37.5‑904
Digital inclusion grant program - income-eligible household reimbursement program - creation - award criteria - digital inclusion grant program fund - definition - reporting - repeal
Green check means up to date. Up to date

Current through Fall 2024

§ 24-37.5-105.4’s source at colorado​.gov