An Act
ENROLLED SENATE
BILL NO. 1269 By: Simpson of the Senate
and
Hardin (Tommy) of the House
An Act relating to the Military Department of the
State of Oklahoma; allowing the Military Department
to make certain purchases for information services;
amending 62 O.S. 2021, Section 34.12, which relates
to duties of the Information Services Division ;
providing certain exe mption; providing for
codification; and providing an effective dat e.
SUBJECT: Information services
BE IT ENACTED BY THE PEOPLE OF THE STATE OF OKLAHOMA:
SECTION 1. NEW LAW A new section of law to be codified
in the Oklahoma Statutes as Section 233.10a of Title 44, unless
there is created a duplication in numb ering, reads as follows:
The Military Department of the State of Oklahoma may purchase
computer hardware or software or any s ervices related to software
development, software modifications , or any other services related
to the operation and maintenance of comput er hardware or software or
both independently and without prior approval from the Office of
Management and Enterprise Services Informati on Services Division.
SECTION 2. AMENDATORY 62 O.S. 2021, Section 34.12, is
amended to read as follows:
Section 34.12. A. The Information Services Division of the
Office of Management and Enterprise Services shall:
ENR. S. B. NO. 1269 Page 2
1. Coordinate information technology planning through analysis
of the long-term information technology plans for each agency;
2. Develop a statewide information technology plan with annual
modifications to include, but not be limited to, individual agency
plans and information systems plans for the statewide electronic
information technology funct ion;
3. Establish and enforce minimum mandatory standards for:
a. information systems planning,
b. systems development methodology,
c. documentation,
d. hardware requirement s and compatibility,
e. operating systems compatibility,
f. acquisition of softwar e, hardware and technology -
related services,
g. information security and internal controls,
h. data base compatibility,
i. contingency planning and disaster recovery, and
j. imaging systems, copiers, facsimile systems, printers,
scanning systems and any as sociated supplies.
The standards shall, upon adoption, be the minim um requirements
applicable to all agencies. These standards shall be compatible
with the standards establi shed for the Oklahoma Government
Telecommunications Network. Individual agency st andards may be more
specific than statewide requirements but shall in no case be less
than the minimum mandatory standards. Where standards required of
an individual agency of the state by agencies of the federal
government are more strict than the state minimum standards, such
federal requirements shall be applicable;
ENR. S. B. NO. 1269 Page 3
4. Develop and maintain applicat ions for agencies not having
the capacity to do so;
5. Operate a data serv ice center to provide operations and
hardware support for agencies requiring such services and for
statewide systems;
6. Maintain a directory of t he following which have a value of
Five Hundred Dollars ($500.00) or more: application systems, systems
software, hardware, internal and external information technology,
communication or tele communication equipment owned, leased, or
rented for use in commu nication services for state govern ment,
including communication services provided as part of any other total
system to be used by the state or any of its agencies, and studies
and training courses in use by all agencies of the st ate; and
facilitate the utilization of the resources by any a gency having
requirements which are found to be available within any agency of
the state;
7. Assist agencies in the acquisition and utilization of
information technology systems and hardware to effectuate the
maximum benefit for the provision of services and accomplishment of
the duties and responsibilities of agencies of the st ate;
8. Coordinate for the executive branch of state government
agency information technology activities, encourage joi nt projects
and common systems, linking of agency systems thr ough the review of
agency plans, review and approval of all statewide contr acts for
software, hardware and information technology consulting services
and development of a statewide plan and its i ntegration with the
budget process to ensure that development s or acquisitions are
consistent with statewide objectives and that propose d systems are
justified and cost effective;
9. Develop performance reporting guid elines for information
technology facilities and conduct an an nual review to compare agency
plans and budgets with results and expenditures;
10. Establish operations review procedures for information
technology installations operated by agencies of the st ate for
independent assessment of prod uctivity, efficiency, c ost
effectiveness, and security;
ENR. S. B. NO. 1269 Page 4
11. Establish data center user charges for billing costs to
agencies based on the use of all resources;
12. Provide system development and consultant support to state
agencies on a contractual, cost reimbursement basis; and
13. In conjunction with the Oklaho ma Office of Homeland
Security, enforce the minimum information security an d internal
control standards established by the Information Services Division.
An enforcement team consisting of the Ch ief Information Offi cer of
the Information Services Division or a designee, a representative of
the Oklahoma Office of Homeland Security , and a representative of
the Oklahoma State Bureau of Investigation shall enforce the minimum
information security and internal control sta ndards. If the
enforcement team determin es that an agency is not in compliance with
the minimum information securit y and internal control standards, the
Chief Information Officer shall take immedia te action to mitigate
the noncompliance, including the removal of the agency from the
infrastructure of the state until the agency becomes compliant,
taking control of the in formation technology function of the agency
until the agency is compliant, and tra nsferring the administration
and management of the informa tion technology function of the agency
to the Information Services Division or another state agency.
B. No agency of the executive branch of the state shall use
state funds for or enter into any ag reement for the acquisition of
any category of computer hardware, software or any contract for
information technology or telecommunication services and equipment,
service costs, maintenance costs, or any other costs or fees
associated with the acquisition of the services or equipment,
without written authorization of the Chief Information Officer or a
designee except the following:
1. A purchase less than or equal to Five Tho usand Dollars
($5,000.00) if such product is purchased using a state purchase card
and the product is listed on either t he Approved Hardware or
Approved Software list located on the Office of Management and
Enterprise Services website; or
2. A purchase over Five Thousand Dollars ($5,000.00) and less
than or equal to Twenty -five Thousand Dollars ($25,000.00) if such
ENR. S. B. NO. 1269 Page 5
product is purchased using a state purchase card, the product is
listed on an information technology or telecommunications statewide
contract, and the product is listed on either the Approved Hardware
or Approved Software lis t located on the Office of Management and
Enterprise Services website; or
3. A purchase of computer hardware or software or any services
related to software development, softwar e modifications, or any
other services related to the operation and maintenance of computer
hardware and software or both independently that is made by the
Military Department of the State of Oklahoma.
If written authorization is n ot obtained prior to incur ring an
expenditure or entering into any agreement as required in this
subsection or as required in Section 35.4 of th is title, the Office
of Management and Enterprise Services may not process any claim
associated with the expendi ture and the provisions of any agreement
shall not be enforceable. The provisions of this subsection shall
not be applicable to any member of T he Oklahoma State System of
Higher Education, any public e lementary or secondary schools of the
state, any technology center school distri ct as defined in Section
14-108 of Title 70 of the Oklahoma Statutes, or CompSource Oklahoma
Mutual Insurance Company .
C. The Chief Information Officer and Information Service s
Division of the Office of Management and Enterprise Services and all
agencies of the executive branch o f the state shall not be required
to disclose, directly or indirectly, any information of a s tate
agency which is declared to be confidential or privil eged by state
or federal statute or the disclosure of which is restricted by
agreement with the United St ates or one of its agencies, nor
disclose information technology system details that may perm it the
access to confidential information or any informati on affecting
personal security, personal identity, or physical security of stat e
assets.
SECTION 3. This act shall become effective November 1, 2022.
ENR. S. B. NO. 1269 Page 6
Passed the Senate the 16th day of February, 2022.
Presiding Officer of the Senate
Passed the House of Representatives the 20th day of April, 2022.
Presiding Officer of the House
of Representatives
OFFICE OF THE GOVERNOR
Received by the Office of the Governor this _______ _____________
day of _________________ __, 20_______, at _______ o'clock _______ M.
By: _______________________________ __
Approved by the Governor of the State of Oklahoma this _____ ____
day of _________________ __, 20_______, at _______ o'clock _______ M.
_________________________________
Governor of the State of Oklahoma
OFFICE OF THE SECRETARY OF STATE
Received by the Office of the Secretary of State this _______ ___
day of __________________, 20 _______, at _______ o'clock _______ M.
By: ________________________ _________