|
|
1.0 TITLE: Oversight of Information Technology Projects
1.1 EFFECTIVE DATE: October 14, 1999
1.2 TYPE OF ACTION: New
2.0 PURPOSE: To establish a policy for the oversight of information technology projects within entities. Project oversight is an essential management practice to ensure the successful implementation of information technology projects. The purpose is to ensure that the project is being managed in compliance with the project plan; that sound management practices are being observed, that contractors are delivering on their contracts, that the project is adequately staffed and that schedules are reasonable and are being met.
3.0 ORGANIZATIONS AFFECTED: All Branches, Boards, Commissions, Departments, Divisions, and Agencies of state government, hereafter referred to as entities.
4.0 REFERENCES:
4.1 K.S.A. 1998 Supp. 75-7203 authorizes the ITEC to: Adopt information resource policies and procedures and provide direction and coordination for the application of the state's information technology resources for all state agencies.
4.2 K.S.A 75-7211 directs the legislative chief information technology officer, under the direction of the Joint Committee on Information Technology, to monitor state entity execution of information technology projects and at times agreed upon by the three chief information technology officers shall report progress in project execution and the status and changes to the project financial plan.
4.3 K.S.A. 75-7211 directs entity heads to consult with the Joint Committee on Information Technology before approving any increase above the authorized total cost of a project .that exceeds the lesser of $1,000,000 or 10% of the currently authorized cost. The Joint Committee on Information Technology will report all such changes and overruns to the senate ways and means and the house appropriations committees.
5.0 DEFINITIONS/BACKGROUND:
5.1 Information technology project means a project for a major computer, telecommunications or other information technology improvement with an estimated cumulative cost of $250,000 or more and includes any such project that has proposed expenditures for: (1) new or replacement equipment or software; (2) upgrade improvements to existing equipment and any computer systems, programs or software upgrades therefore; or (3) data or consulting or other professional services for such a project.
5.2 CITO - Chief Information Technology Officer, duties defined in K. S. A. 1998 Supp. 75-7205, 75-7206, 75-7207.
5.3 ITEC - refers to the Information Technology Executive Council.
5.4 Information Technology Project Plan refers to the plan defined by the Division of Budget instructions for information technology projects.
6.0 POLICY:
6.1 All information technology projects will be conducted under the oversight of the entity executive management.
6.2 Entities will submit a risk assessment analysis to the Chief Information Technology Officer along with their Information Technology Project Plan.
6.3 The Chief Information Technology Officer, when reviewing projects that are subject to CITO review, will evaluate the size, complexity, risk and consequences of failure for proposed projects and will determine to what extent independent external oversight will be required to adequately monitor the execution of entity information technology projects.
6.4 After review of the Information Technology Project Plan, The Chief Information Technology Officer may recommend an amount to be included in the project budget to cover the cost of an appropriate level of oversight by an independent oversight contractor.
6.5 Entities will fully support external reviews in order to maximize the state's investment in information technology projects.
6.6 Before one or more state entities proposing an information technology project begin the project, the project plan, including the technical architecture of its computer and communications systems, and the cost-benefit analysis shall be approved by the entity head and by the chief information technology officer. All specifications for bids and proposals related to an approved project shall be reviewed by the chief information technology officer.
6.7 The head of an entity with primary responsibility for a project may authorize or approve, without consultation with the Joint Committee, any change in planned expenditures for a project that would result in an increased total cost the lower of less than $1,000,000 or less than 10% of the currently authorized total cost. If the increase in total cost exceeds the previously authorized total cost by the lesser of $1,000,000 or 10% of the current approved project total cost, the agency head will advise the branch chief information technology officer. The CITO shall also notify the Chairperson of the Joint Committee on Information Technology and request that consultation with the committee be scheduled. The entity head shall not authorize or approve any action that will exceed the previously authorized total cost until the required consultation has taken place.
7.0 PROCEDURES:
7.1 The initial risk assessment will be performed by the project manager using a risk assessment model approved by the Chief Information Technology Officer.
7.2 The Chief Information Technology Officer, in consultation with the state entity, will use the Information Technology Project Plan and the initial risk assessment to determine oversight requirements for each project.
7.3 External oversight may be performed by the Chief Information Technology Officer, by an independent oversight contractor or a combination of both, depending on the requirements of the project.
7.4 Oversight requirements for a small project with very low risk may be fulfilled with routine project status reporting while requirements for a large or high risk project may require the involvement of an independent oversight consultant to monitor the project on a periodic or full time basis. Oversight reports will be filed no less frequently than once every three months for active projects.
7.5 Oversight contractors will submit periodic status report to the Chief Information Technology Officer and to entity management. Those reports will provide a clear definition and analysis of major problems and issues associated with the ongoing implementation of the project. A copy of the oversight report will be provided to Legislative Research, marked for the attention of the Joint Committee on Information Technology.
7.6 Oversight contractors will assist the project manager in conducting periodic risk assessments at strategic points throughout the life of the project.
8.0 RESPONSIBILITIES:
8.1 Heads of entities are responsible to establish procedures for their organization's compliance with the requirements of this policy.
8.2 The Chief Information Technology Officer, Executive Branch, is responsible for the maintenance of this policy.
9.0 CANCELLATION: None
Attachment 1 - Sample Independedent Review Process
1. Review each engineering effort at least once during each phase.
2. Review the project at each phase for conformance to the applicable Project Implementation Plan, Software Development Plan, and QA Plan. This review includes the configuration management data management processes, the use of methodologies and tools identified in the project plans, the software development folders, the peer review process, and the walk through process.
3. Provide a summary report of each review to the Group Manager. This report should clearly identify any deficiencies or problems encountered during the review.
4. For projects with problems or deficiencies, work with Group Manager to ensure that a plan is implemented to resolve the problems/deficiencies and schedule a second review to make sure that the problems/deficiencies have been resolved.
5. Independent reviews work only if follow-up actions are taken to resolve any problems or deficiencies identified by the reviews.
Note: The purpose of the review procedure is to ensure that the project plans are being adhered to and that any identified problems or deficiencies are resolved in a timely manner. The independent reviewer is interested in the project processes rather than the project products.
DA Home | Services | Divisions | Contact Us | Disclaimer | What's New | State of Kansas Home Page
Page last modified on: December 07, 2007