The secretary shall have all of the following powers and duties:
(1)Develop a comprehensive four-year strategic plan for the state’s information technology to include acquisition, management, and use of information technology by state agencies. The plan shall be developed in conjunction with the planning and budgeting processes for state agencies and may include review of state agencies’ information technology plans, capital budgets, and operating budgets as appropriate to accomplish the goals of reducing redundant expenditures and maximizing the return on information technology investments. The plan shall be updated annually and submitted to the Governor and shall be presented during a public meeting to the Permanent Legislative Oversight Committee on Information Technology. The plan sha
Free access — add to your briefcase to read the full text and ask questions with AI
The secretary shall have all of the following powers and duties:
(1) Develop a comprehensive four-year strategic plan for the state’s information technology to include acquisition, management, and use of information technology by state agencies. The plan shall be developed in conjunction with the planning and budgeting processes for state agencies and may include review of state agencies’ information technology plans, capital budgets, and operating budgets as appropriate to accomplish the goals of reducing redundant expenditures and maximizing the return on information technology investments. The plan shall be updated annually and submitted to the Governor and shall be presented during a public meeting to the Permanent Legislative Oversight Committee on Information Technology. The plan shall further be coordinated with the Boards of Directors of the Alabama Supercomputer Authority.
(2) Collaborate and coordinate with the Alabama Supercomputer Authority or any state authority, board, or agency of like kind and promote standards and coordinate services and infrastructure to ensure that information technology and cybersecurity are used to support designated needs areas, including identifying applications, equipment, and services that may be statewide in scope and assisting state agencies in avoiding duplication of applications, equipment, and services.
(3) Serve as a member of the board, or boards, for the Alabama Supercomputer Authority.
(4) Solicit, receive, and administer funds, goods, services, and equipment from public and private entities to be used for the purchase of computers, satellites, hardware, software, and other information technology and cybersecurity equipment and services and for staff training in the use of information technology and cybersecurity development programs.
(5) Establish an inventory of information technology resources to allow identification of underutilized or idle resources and all data and data systems in state agencies to promote improved asset management, information security, and cybersecurity utilization, intelligence, and data sharing, with information technology resources to include personnel, goods, and services. The inventory is not subject to public disclosure.
(6) Manage, plan, and coordinate all telecommunications and cybersecurity systems under the jurisdiction of the state through coordination of existing system activities, vendors, service orders, billing, and recordkeeping functions in accordance with records retention requirements established by the State Records Commission and other applicable law; planning and implementing new systems or services; designing replacement systems; project management during specification writing, bid letting, proposal evaluation, and contract negotiations; implementation and supervision of new systems and ongoing support; implementation of long-term state plans; and management of telecommunications networks.
(7) Establish and coordinate, through either state ownership or commercial leasing, all telecommunications and cybersecurity equipment, systems, and related services affecting the management and operations of the state or any county office of a state agency.
(8) Act as the centralized approving authority for the acquisition of all telecommunications, information technology, and cybersecurity systems or services provided to state agencies via state procurement means, including pay telephones, computer services, Internet delivery systems, radio communications, or any combination thereof, located on or off premises owned or operated by the state or any of its agencies.
(9) Charge respective user agencies for their proportionate cost of the installation, maintenance, and operation of the telecommunications, information technology, and cybersecurity equipment, systems, and services, including the operation of the office.
(10) Develop coordinated telecommunications, information technology, and cybersecurity equipment, systems, and related services including, but not limited to, data, voice, and Internet systems or services within and among all state agencies both on and off premises and require, where appropriate, cooperative utilization of telecommunications equipment, facilities, and services by aggregating users.
(11) Review, coordinate, approve, or disapprove all requests by state agencies for the procurement, through purchase or lease, of radio communications and telecommunications, information technology, and cybersecurity equipment, systems, and related services, including telecommunications, data, Internet protocol, maintenance, implementation, and consultation contracts.
(12) Establish and define telecommunications and cybersecurity system and service specifications and designs so as to assure compatibility of telecommunications, information technology, and cybersecurity equipment, systems, and related services within state government and any county office of a state agency.
(13) Provide a continuous, comprehensive analysis and inventory of telecommunications, information technology, and cybersecurity costs, facilities, and systems within state government and any county offices of state agencies.
(14) Advise and provide consultation services to state agencies with respect to telecommunications, information technology, and cybersecurity management planning and related matters, including training within state agencies.
(15) Establish and supervise the administration of data processing centers deemed necessary to best serve the data processing needs of all state agencies.
(16) Provide for the centralization, consolidation, and shared use of equipment and services deemed necessary to obtain maximum utilization and efficiency in data processing operations.
(17) Transfer to any data processing center the data processing activities of any state agency.
(18) Provide systems design and programming services to all state agencies.
(19) Select and procure, by purchase or lease, any data processing systems and associated software deemed necessary to best serve the data processing needs of the office.
(20) Conduct data processing studies as deemed necessary and enter into contracts with other state agencies, organizations, corporations, or individuals to complete those studies.
(21) Prepare contract specifications for data systems equipment and services.
(22) Establish and administer a structured system for review and approval of new information technology and cybersecurity initiatives and projects, including business case, cost benefit analysis, and compatibility analysis.
(23) Administer any funds appropriated to the secretary by the Legislature for the establishment, operation, and coordination of the office.
(24) Represent state information technology, cybersecurity, and related areas with both the private and public sectors, including the federal government.
(25) Issue annual reports to the Governor, the Legislature, and the general public concerning the coordination and operation of the office.
(26) Adopt rules and policies and establish procedures and standards for the management and operation of information technology by state agencies to carry out this chapter, including coordinating state information technology; providing technical assistance to state agency administrators on design and management of state information technology systems; evaluating and approving the cost, system design, and suitability of information technology equipment and related services; establishing and enforcing cybersecurity governance for state agencies, including supporting operations and technology controls; establishing standards and policies for program and project management and methodologies; and developing a unified and integrated structure and enterprise architecture for information technology systems for all state agencies.
(27) In consultation with the Governor, adopt rules to provide for the creation, operation, and oversight of a technology quality assurance board that will promote the responsible and transparent procurement, development, and use of novel technologies within state agencies through establishing and enforcing the following measures for these technologies:
a. Ethical guidelines and frameworks.
b. Security and privacy controls.
c. Ongoing compliance mechanisms.
(28) Plan and coordinate information technology and cybersecurity activities for state agencies in such a manner as to promote the most economical and effective use of state resources.