Req. No. 2376 Page 1 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
STATE OF OKLAHOMA
2nd Session of the 59th Legislature (2024)
SENATE BILL 1205 By: Rosino
AS INTRODUCED
An Act relating to the Office of Management and
Enterprise Services; amending 62 O.S. 2021, Sections
34.11.1, 34.11.1.1, 34.11.2, 34.11. 7, 34.12, as
amended by Section 2, Chapter 74, O.S.L. 2022 (62
O.S. Supp. 2023, Section 34.12 ), and 34.25, which
relate to the Oklahoma State Financ e Act; modifying
responsibilities of Chief Information Officer;
modifying duties of the Information Ser vices Division
of the Office of Manag ement and Enterprise Services;
terminating authority of State Governmental
Technology Applications Review Board; amending 62
O.S. 2021, Sections 35.3, 35.5, 35.6, and 35.8, which
relate to the Information Technology Con solidation
and Coordination Act; modifying definitions ;
modifying duties of Chief Information Office r;
modifying duties of the Informa tion Services
Division; modifying requirement for state agencies to
use certain services; terminating duties of State
Governmental Technology Applications Review Board;
repealing 62 O.S. 2021, Section 34.27, which relates
to the State Governmental Tech nology Applications
Review Board; repealing 62 O.S. 2021, Sections 35.2,
35.7, and 35.9, which relate to the Information
Technology Consolidation and Coordination A ct;
updating statutory referen ce; establishing deadline
for implementation of provisions; providing an
effective date; and declaring an emergency .
BE IT ENACTED BY THE PEOPLE OF THE STATE OF OKLAHOMA:
SECTION 1. AMENDATORY 62 O.S. 2021, Section 34. 11.1, is
amended to read as follows:
Req. No. 2376 Page 2 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Section 34.11.1. A. There is hereby created the position of
Chief Information Officer who shall be appointed by the Governor.
The Chief Information Officer, in addition to having authority over
the Information Service s Division of the Office of Management and
Enterprise Services, shall also serve as Secretary of Information
Technology and Telecommunications or succ essor cabinet position and
shall have jurisdictional areas of responsibility related to
information technology and telecommunications systems security of
all state agencies as provided for in state law. The salary of th e
Chief Information Officer shall not be less than One Hundred Thirty
Thousand Dollars ($130,000.00) or more than One Hundred Sixty
Thousand Dollars ($160,000.00).
B. Any person appointed to the position of Chief Informati on
Officer shall meet the following eligibility requirements:
1. A baccalaureate degree in Computer Inform ation Systems,
Information Systems or Technology Management, Business
Administration, Finance, or other similar degree;
2. A minimum of ten (10) years of professional experience wit h
responsibilities for management and support of information systems
and information technology, including seven (7) years of direct
management of a major information technology operation;
3. Familiarity with local and wid e-area network design,
implementation, and operation;
Req. No. 2376 Page 3 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
4. Experience with data and voice convergence servic e
offerings;
5. Experience in developing technology budgets;
6. Experience in develo ping requests for proposal and
administering the bid process;
7. Experience managing profession al staff, teams, and
consultants;
8. Knowledge of telecommunications operations;
9. Ability to develop and set strategic direction for
information technology and telecommunications security and to manage
daily development and oper ations functions;
10. An effective communicator who is able to build consensus;
11. Ability to analyze and resolve complex issues, both logical
and interpersonal;
12. Effective verbal and written communicatio ns skills and
effective presentation skills, geared toward coordination and
education;
13. Ability to negotiate and defuse conflict; and
14. A self-motivator, independent, cooperative, flexible and
creative.
C. The salary and any other expenses for the Chie f Information
Officer shall be budgeted a s a separate line item through the Office
of Management and Enterpris e Services. The operating ex penses of
the Information Services Division shall be set by the Chief
Req. No. 2376 Page 4 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Information Officer and shall be budgeted a s a separate line item
through the Office of Management and Enterprise Service s. The
Office of Management and Enterprise Services shall provide adequ ate
office space, equipment and support necessary to enable the Chief
Information Officer to carry out the inf ormation technology and
telecommunications security duties and responsibilities of the Chief
Information Officer and th e Information Servic es Division.
D. 1. Within twelve (12) months of appointment, the first
Chief Information Officer shall complete an asses sment, which shall
be modified annually pursuant to Section 35.5 of this title , of the
implementation of the transfer, coordination, and mode rnization of
all information technology and telecommunication syste ms of all
state agencies in the state as provided for in the Oklahoma
Information Services Ac t. The assessment shall include the
information technology and telec ommunications system s of all
institutions within The Oklahoma State System of Higher Education,
the Oklahoma State Regents for Higher Educatio n and the
telecommunications network known as OneNet as assembled and
submitted by the Oklahoma Higher Education Chief Information
Officer, as designated by the Oklahoma State Regents for Higher
Education.
2. Within twelve (12) months of appointment, the first Chief
Information Officer shall issue a report setting out a plan of
action which will include the following :
Req. No. 2376 Page 5 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
a. define the shared service model organization structure
and the reporting relationship of the recommen ded
organization,
b. the implementation of an information technology and
telecommunications shared services model that defines
the statewide infrastructure environment needed by
most state agencies that is not specific to individual
agencies and the shared applications that are utilized
across multiple agencies,
c. define the services that shall be in the shared
services model under the control of the I nformation
Services Division of the Office of Management and
Enterprise Services,
d. define the roadmap to implement the proposed shared
services model. The roadmap shall include
recommendations on the transfer, coordin ation, and
modernization of all information technology and
telecommunication systems of all the state agencies in
the state,
e. recommendations on the reallocation of information
technology and telecommunication resources a nd
personnel,
Req. No. 2376 Page 6 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
f. a cost benefit analysis to support the recommendatio ns
on the reallocation of information technology and
telecommunication resources and personnel,
g. a calculation of the net savings realized t hrough the
reallocation and consolidation of information
technology and teleco mmunication resources and
personnel after compensating for the cost of
contracting with a private consultant as authorized in
paragraph 4 of this subsection, implementing the plan
of action, and ongoing costs of the Informa tion
Services Division of the Office of Management and
Enterprise Services, and
h. the information required in subsection B of Section
35.5 of this title.
3. The plan of acti on report shall be presented to the
Governor, Speaker of the House of Representatives, and the President
Pro Tempore of the State Senate.
4. The Chief Information Officer may c ontract with a private
consultant or consultants to assist in the a ssessment and
development of the plan of action report as required in this
subsection.
E. The Chief Information Officer shall be authorized to employ
personnel, fix the duties and c ompensation of the personnel, not
otherwise prescribed by law, and otherwise direct th e work of the
Req. No. 2376 Page 7 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
personnel in perform ing the function and accomplishing the purposes
of the Information Services Divi sion of the Office of Management and
Enterprise Services.
F. E. The Information Services Division of the Office of
Management and Enterprise Services shall be responsible for the
following duties:
1. Formulate and imple ment the information technology and
telecommunications security strategy for all state agen cies;
2. Define, design, and implement a shared services statewide
infrastructure and application environment for information
technology and telecommunications security for all state agencies;
3. Direct the development and operation of a scalable
telecommunications infrastructure that supports data and voice
communications reliability, integrity, and security;
4. Supervise the applications development process for those
necessary information security applications that are utilized across
multiple agencies;
5. Provide direction for the professional development of
information technology sta ff of state agencies and oversee the
professional development of the staff of the I nformation Services
Division of the Office of Management and Enterprise Services;
6. Evaluate all technology and telecommunication investment
choices telecommunications security for all state agencies;
Req. No. 2376 Page 8 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
7. Create a plan to ensure alignment of current sys tems, tools,
and processes with the strategic information tec hnology plan for all
state agencies;
8. Set direction and provide oversight for the support and
continuous upgrading of the current information technology and
telecommunication security infrastructure in the state in support of
enhanced reliability, user service levels, and security ;
9. 8. Direct the development, implementation, and manageme nt of
appropriate standards, policies , and procedures to ensure the
success of state information technology and telecommunication
security initiatives;
10. 9. Recruit, hire, and transfer the required technical staff
in the Information Services Division of the Office of Managemen t and
Enterprise Services to support the services provided by the Division
and the execution of the strategic information technology p lan;
11. 10. Establish, maintain, and enfo rce information technology
and telecommunication telecommunications security standards;
12. 11. Delegate, coordinate, and review all work to ensure
quality and efficient operation of the Information Services Division
of the Office of Managemen t and Enterprise Services;
13. 12. Create and implement a communication plan that
disseminates pertinent information to state agencies on information
security standards, policies, procedures, service levels, project
status, and other important information to customers of the
Req. No. 2376 Page 9 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Information Services Division of the Office of Management and
Enterprise Services and provide for state agency feedback and
performance evaluation by customers of the Division;
14. 13. Develop and implement training programs for state
agencies using the shared services of t he Information Services
Division of the Office of M anagement and Enterprise Services and
recommend training programs to state agencies on information
technology and telecommunication systems telecommunications
security, products and procedures;
15. 14. Provide counseling, performance evaluation, training,
motivation, discipline, and assign duties for employees of the
Information Services Division of the Office of Management and
Enterprise Services;
16. 15. For all state agencie s, approve the purchasing of Chief
Information Officer must be notified of pl ans to purchase all
information technology and telecommunication telecommunications
security services and approve the purchase of a ny information
technology and telecommunication product except the following:
a. a purchase less than or equal to Five Thousand Dollars
($5,000.00) if such product is purchased using a state
purchase card and the product is listed on either the
Approved Hardware or Approved Software list located on
the Office of Management and Enterprise Services
website, or
Req. No. 2376 Page 10 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
b. a purchase over Five Thousand Dollars ($5,000.00) and
less than or equal t o Twenty-five Thousand Dollars
($25,000.00) if such product is purchased using a
state purchase card, the produc t is listed on an
information technology or telecommunications security
statewide contract, and the product is listed on
either the Approved Hardware or Approved S oftware list
located on the Office of Management and Enterprise
Services website;
17. 16. Develop and enforce an overall infrastructure
architecture strategy and associated roadmaps for desktop, network,
server, storage, and statewide management systems for state agencies
as necessary to maintain information and telecommunications
security;
18. Effectively manage the design, implementation and support
of complex, highly available infrastructure to ensure optimal
performance, on-time delivery of features, a nd new products, and
scalable growth;
19. 17. Define and implement a governance model for requesting
services and monitoring service level metrics for all shared
information and telecommunications security services; and
20. 18. Create the budget for the Information Services Division
of the Office of Management and Enterprise Services to be subm itted
to the Legislature each year; and
Req. No. 2376 Page 11 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
19. Monitor all portal systems and applications for portal
systems created by state agencies , boards, commissions, or
authorities, review portal systems applications approved or denied
by the Information Services Division of the Office of Management and
Enterprise Services, and make recommendation to th e Legislature and
Governor to encourage greater use of the open -systems concept as
defined in Section 34.26 of this title.
G. The State Governmental Technology Applications Rev iew Board
shall provide ongoing oversight of the implementation of the plan of
action required in subsection D of this section. Any proposed
amendments to the plan of action shall be approved by the Board
prior to adoption.
H. F. 1. The Chief Informatio n Officer shall act as the
Information Technology and Tele communications Purcha sing Director
for all state agencies and shall be responsible for the procurement
of all information technology and telecommunication
telecommunications software, hardware, equi pment, peripheral
devices, maintenance, consulting services, high technology systems,
and other related information technology, data processing,
telecommunication telecommunications and related peripherals and
services for all sta te agencies. The Chief In formation Officer
shall establish, implement, and enforce policies and procedur es for
the procurement of information technology and telecommunication
telecommunications software, hardware, equipment, peripheral
Req. No. 2376 Page 12 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
devices, maintenance, consulting services, hi gh technology systems,
and other related information technol ogy, data processing,
telecommunication telecommunications and related peripherals and
services by purchase, lease -purchase, lease with option to purchase,
lease and rental for all state agencies. The procurement policies
and procedures establis hed by the Chief Information Officer shall be
consistent with The the Oklahoma Central Purchasing A ct.
2. The Chief Information Officer, or any employee or agent of
the Chief Information Officer acting wit hin the scope of delegated
authority, shall have the same power and authority regarding the
procurement of all information technology and telecommunication
telecommunications products and services as outlined in paragraph 1
of this subsection for all state agencies as the State Purchasing
Director has for all acq uisitions used or con sumed by state agencies
as established in The the Oklahoma Central Purchas ing Act. Such
authority shall, consistent with the authority granted to the State
Purchasing Director pursuant to Section 85.10 of Title 74 of the
Oklahoma Statutes, include the power to designate financial or
proprietary information submitted by a bidder confidential and
reject all requests to disclose the information so designated, if
the Chief Information Officer requires the bidder to submit the
financial or proprietary informati on with a bid, proposal, or
quotation.
Req. No. 2376 Page 13 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
I. G. The Information Services Div ision of the Office of
Management and Enterprise Services and the Chief Information Officer
shall be subject to The the Oklahoma Central Purchasing Act for the
approval and purchase of equipment and products not related to
information and telecommunications technology, equipment, softw are,
products and related peripherals and services and shall also be
subject to the requirements of the Public Competitive Bidding Act of
1974, the Oklahoma Lighting Energy Conservation Act and the Public
Building Construction and Planning Facilities Act when procuring
data processing, information technology, telecommunication
telecommunications, and related peripherals and services and when
constructing informat ion technology and telecommunication
telecommunications facilities, telecommunication telecommunications
networks and supporting infrastructure. The Chief Information
Officer shall be authorized to delegate all or some of the
procurement of information technology and telecommunication
telecommunications products and services and construction of
facilities and telecommunication telecommunications networks to
another state entity if the Chief Information Officer determines it
to be cost-effective and in the best interest of the state. The
Chief Information Officer shall have author ity to designate
information technology and telecommunication contrac ts as statewide
contracts and mandatory statewide contracts pursuant to Section 85.5
of Title 74 of the Oklahoma Statutes and t o negotiate consolidation
Req. No. 2376 Page 14 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
contracts, enterprise agr eements and high tec hnology systems
contracts in accordance with the procedu res outlined in Section
85.9D of Title 74 of the Oklahoma Statutes. Any contract entered
into by a state agency for which the Chief Informati on Officer has
not acted as the Information Tec hnology and Telecommunications
Purchasing Director as required in thi s subsection or subsecti on H
of this section, shall be deemed to be unenforceable and the Office
of Management and Enterprise S ervices shall not process any claim
associated with the provisions thereof.
J. H. The Chief Information Officer shall establis h, implement,
and enforce policies and procedure for the development and
procurement of an interoperable radio communications system for
state agencies. The Chief Information Officer shall work with local
governmental entities in developing the interoperable radio
communications system.
K. The Chief Information Officer shall develop and implement a
plan to utilize open source techn ology and products for the
information technology and telecommunication sy stems of all state
agencies.
L. I. All state agencies and authorities of this state and all
officers and employees of those entities shall work and cooperate
with and lend assistance to the Chief Information Officer and the
Information Services Division of the Office of Management and
Req. No. 2376 Page 15 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Enterprise Services and p rovide any and all necessary information
requested by the Chief Information Officer.
M. The Chief Information Officer shall pr epare an annual report
detailing the ongoing net saving attributable to t he reallocation
and consolidation of information technology and telecommunicat ion
resources and personnel and shall submit the report to the Governor,
the Speaker of the House of Representatives, and the President Pro
Tempore of the Senate.
N. J. For purposes of the Oklahoma Information Services Act,
unless otherwise provided for, “state agencies” shall include any
office, officer, bureau, board, commission, counsel, unit, division,
body, authority, or institution of the executive branch of state
government, whether elected or appoi nted; provided, except with
respect to the provisio ns of subsection D of this section, the term
“state agencies” shall not include institutions within The Oklahoma
State System of Higher Education, the Oklahoma State Re gents for
Higher Education and the telecommunications network known as OneNet.
O. K. As used in this section:
1. “High technology system ” means advanced technologica l
equipment, software, commu nication lines, and services for the
processing, storing, and retrieval of infor mation by a state agency;
2. “Consolidation contract ” means a contract for several state
or public agencies for the purpose of purchasing information
Req. No. 2376 Page 16 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
technology and telecommunication telecommunications goods and
services; and
3. “Enterprise agreement ” means an agreement for information
technology or telecommunication telecommunications goods and
services with a suppli er who manufactures, develops an d designs
products and provides services that are used by one or more state
agencies.
SECTION 2. AMENDATORY 62 O.S. 2021, Section 34.11.1.1,
is amended to read as follows:
Section 34.11.1.1. A. The Chief Information Officer shall
source and submit to the State Governmental Technology Applications
Review Board proposed state employee performance information
metrics, convenience information sets and other data streams for
possible publication o n the “data.ok.gov” website in accordance with
guidelines established by Section 34.11.2 of Title 62 of the
Oklahoma Statutes this title.
B. The Chief Information Officer shall assist the State
Governmental Technolog y Applications Review Board with developing
performance metrics pursuant to the requirements of Section 34.27 of
Title 62 of the Oklahoma Statut es.
C. The following data sets shall be placed online at the
“data.ok.gov” website:
1. All state expenditures which shall include but not be
limited to the name and address of the re cipient of the expenditure,
Req. No. 2376 Page 17 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
amount of expenditure, entire description of item or service
purchased, date of expenditure, agency making expenditure and
account from which the expenditur e is made;
2. A detailed listing of all state revolving funds and the
amount contained in each fund to be updated on a monthly bas is; and
3. All spending data subject to publication by the School
District Transparency Act.
SECTION 3. AMENDATORY 62 O.S. 2021, Section 34.11.2, is
amended to read as follows:
Section 34.11.2. A. There is hereby established the Oklahoma
State Government 2.0 Initiative.
B. The State Governmental Technology Applicat ions Review Board
Chief Information Officer shall consider and approve a standardized
social media policy for use by state agencies, boards, commissions ,
and public trusts having the State of Ok lahoma as a beneficiary.
C. The board Chief Information Offic er shall establish open
technology standards and a schedule by which state agencies, boards,
commissions, and public trusts having the State of Oklahoma as a
beneficiary shall utilize these standards to provide citizens with
web-based interactivity to stat e government services. Whenever
possible these standards shall match commonly used standards by
other government entities.
D. The board Chief Information Officer shall set a schedule by
which state agencies, boards, commissions, and public trusts having
Req. No. 2376 Page 18 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
the State of Oklahoma as a beneficiar y shall publish and update
convenience information sets which shall be accessible through
standardized application programming interfaces and published in
standardized formats including but not limited to eXtensible Mar kup
Language (XML) and Comma Separated Comma-separated Value (CSV)
formats. The board Chief Information Officer shall establish
application programming interface standards which enable access to
convenience information sets. The schedule shall place an emphasis
on first making accessible co nvenience information sets most
commonly requested in open records requests. A directory and link
to all available convenience information sets shall be prominently
featured on the portal system referenced in Section 34.24 of this
title and if possible li nked to the data.ok.gov web portal.
E. The board Chief Information Officer may conduct events and
contests to provide recognition of software application development
provided that the application being recognized utilizes standards
established in this sec tion to the benefit of the citizens of
Oklahoma this state.
F. The board Chief Information Officer shall establish an
application process through which applicants can request the
scheduled implementation of application programming interfaces,
creation of open technology standards, and publication of
convenience information sets pursuant to the provisions of this
section. Instructions regarding the application process shall be
Req. No. 2376 Page 19 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
prominently featured on the portal system referenced in Section
34.24 of this title.
G. State agencies, boards, commissions , and public trusts
having the State of Oklahoma as a ben eficiary shall comply with the
policies, schedules, and standards established by this section.
H. The board Chief Information Officer shall promulgate
performance information metrics and guidelines which shall be used
to establish criteria which govern participation in the “State
Government Employee Performance Transparency Pilot Program ”. The
board Chief Information Officer shall set a schedule for the
publication of performance information metrics through the
data.ok.gov website.
I. For the purposes of this section, “open technology
standards” are widely accepted standards and mechanisms for the web -
based connectivity and asynchronous communication betwe en software
programs. “Application programming interface ” is a standardized
interface enabling a standard form of connectivity between
convenience information sets and software program s, “performance
information metrics” are sets of information which refl ect the
performance of state employees and state agencies, and “convenience
information sets” are sets of information which are subject to
public access under the Oklahoma Open Records Act and which do not
contain personally identifiable information.
Req. No. 2376 Page 20 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
SECTION 4. AMENDATORY 62 O.S. 2021, Section 34.11.7, is
amended to read as follows:
Section 34.11.7. A. 1. The State Governmental Technology
Applications Review Board Chief Information Officer shall establish
a statewide assistance pr ogram with guidelines and support to
encourage all state agencies in the develo pment of a telework model
designed for maximum efficiency and to reduce the need for
additional state office space and to produce cost savings.
2. In establishing a statewide a ssistance telework program, the
Board, working with the Office of Management and Enterprise
Services, Chief Information Officer shall:
a. provide policies and guidance for telework in the
areas of pay and leave, performance management,
official worksite, r ecruitment, and retention and
accommodation for employees with disabilities,
b. assist each state agency in establishing qualitative
and quantitative measures and telework goals,
c. provide guidance to ensure the adequacy of information
and security protections for information and
information systems while telework ing to:
(1) control access to agency information and
information systems,
(2) protect agency information and information
systems,
Req. No. 2376 Page 21 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
(3) protect information systems not under the control
of the state agency that are used for telework,
(4) limit the introduction of vulnerabiliti es, and
(5) safeguard wireless and other telecommunications
capabilities, and
d. maintain a central telework website including:
(1) telework links,
(2) announcements,
(3) guidance developed by the Board and the Office of
Management and Enterprise Services Chief
Information Officer, and
(4) documents to be used by staff, managers and human
resource professionals.
B. The State Governmental Technology Applications Review Board
Chief Information Officer shall establish performance reporting
metrics for each state employee who begins participating in telework
following July 1, 2012. These reports shall be published through
the data.ok.gov website.
C. The Oklahoma Healthcare Health Care Authority shall
authorize one division of employees to parti cipate in a telework
pilot program pursuant to the terms of thi s section.
D. For the purposes of this section, “performance reporting
metrics” shall mean a set of criteria which demonstrates the
Req. No. 2376 Page 22 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
quantity and quality of work. “Telework” shall mean work which is
performed outside of the traditional on -site work environment.
SECTION 5. AMENDATORY 62 O.S. 2021, Section 34.12, as
amended by Section 2, Chapter 74, O.S.L. 2022 (62 O.S. Supp. 2023,
Section 34.12), is amended to read a s follows:
Section 34.12. A. The Information Services Division of the
Office of Management and Enterprise Services shall:
1. Coordinate informat ion technology and telecommunications
security planning through analysis of the long-term information
technology and telecommunications security plans for each agency;
2. Develop a statewide information technology and
telecommunications security plan with annual modifications to
include, but not be limit ed to, individual agency plans and
information systems pla ns for the statewide electronic information
technology security function;
3. Establish and enforce minimum mandatory standards for:
a. information systems and telecommunications security
planning,
b. systems development methodo logy,
c. documentation,
d. hardware requirements and compatibility,
e. operating systems compatibility,
f. acquisition of software, hardware and technology -
related services,
Req. No. 2376 Page 23 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
g. information security and internal controls,
h. c. data base compatibility, and
i. d. contingency planning a nd disaster recovery, and
j. imaging systems, copiers, facsimile systems, printers,
scanning systems and any associated supplies.
The standards shall, upon adoption, be t he minimum requirements
applicable to all agencies. The se standards shall be compatible
with the standards established for the Oklahoma Government
Telecommunications Network. Individual agency standards may be more
specific than statewide requirements but shall in no case be less
than the minimum mandatory standards. Where standards requ ired of
an individual agency of the state by agencies of the federal
government are more strict than the state minimum standards, such
federal requirements shall be appli cable;
4. Develop and maint ain applications for agencie s not having
the capacity to do so;
5. Operate a data service center to provide operations and
hardware support for agencies requiring such services and for
statewide systems;
6. Maintain a directory of the following which hav e a value of
Five Hundred Dollars ($ 500.00) or more: appli cation systems, systems
software, hardware, internal and external information technology,
communication or telecommunication telecommunications equipment
owned, leased, or rented for use in communication services for state
Req. No. 2376 Page 24 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
government including communication services provided a s part of any
other total system to be used by the state or any of its agencies,
and studies and training courses in use by all agencies of the
state; and facilitate the utiliza tion of the resources by any agency
having requirements which ar e found to be available within any
agency of the state;
7. Assist agencies in the acquisition and utilization of
information technology systems and hardware to effectuate the
maximum benefit for the provision of information and
telecommunications security services and accomplishment of the
duties and responsibilities of agencies of the state;
8. Coordinate for the executive branch of state government
agency information technology activities, encourage joint projects
and common systems, linking of agency s ystems through the review of
agency plans, review and approval of all statewide contracts for
software, hardware and information technology consulting services
and development of a statewide p lan and its integration with the
budget process to ensure that developments or acquisitions are
consistent with statewide objectives and that proposed sys tems are
justified and cost effective including but not limited to office
suite software;
9. Develop performance reporting guidelines for information
technology facilities and conduct an annual review to compare agency
plans and budgets with results and expenditures;
Req. No. 2376 Page 25 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
10. Establish operations rev iew procedures for inf ormation
technology installations oper ated by agencies of the stat e for
independent assessment of productivity, effic iency, cost
effectiveness, and security; and
11. Establish data center user charges for billing costs to
agencies based on the use of all resources;
12. Provide system development and consultant support to state
agencies on a contractual, cost reimbursement basis; and
13. In conjunction with the Oklahoma Office of Homeland
Security, enforce the minimum information securit y and internal
control standards established by the Info rmation Services Division.
An enforcement team consisting of the Chief Informa tion Officer of
the Information Services Division or a designee, a representative of
the Oklahoma Office of Homeland Security, and a representative of
the Oklahoma State Bureau of Investigation shall enforce the minimum
information security and internal control standards. If the
enforcement team determines that an agency is not in compliance with
the minimum information sec urity and internal control standards, the
Chief Information Officer shall take immed iate action to mitigate
the noncompliance including the removal of the agency from the
infrastructure of the state until the agency becomes complian t,
taking control of the information technology function of the agency
until the agency is compliant, and transferring the administration
Req. No. 2376 Page 26 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
and management of the information technology function of the agency
to the Information Services Division or another state agency.
B. No agency Agencies of the executive branch of the this state
shall be authorized to use state funds for or enter into any
agreement for the acq uisition of any category of computer hardware,
software or any contract for information technolog y or
telecommunication telecommunications services and equipment, service
costs, maintenance costs, or any other costs or fees associated with
the acquisition of the services or equipment, without except for
purchases related to information and telecommunications security and
data protection, which shall require written authorization of the
Chief Information Off icer or a designee except the following:
1. A purchase less than or equal to Five Thousand Dollars
($5,000.00) if such product is purchased using a state purchase card
and the product is listed on either the Approved Hardware o r
Approved Software list located on the Office of Management and
Enterprise Services website;
2. A purchase over Five Thousand Dollars ($5,000.00) and less
than or equal to Twenty -five Thousand Dollars ($25,000.00) if such
product is purchased using a sta te purchase card, the produc t is
listed on an information technology or telecom munications statewide
contract, and the product is listed on either the Approved Hardware
or Approved Software list located on the Office of Management and
Enterprise Services w ebsite; or
Req. No. 2376 Page 27 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
3. A purchase of computer hardware or software or any se rvices
related to software develo pment, software modifications, or any
other services related to the operation and maintenance of computer
hardware and software or both independently that is made by the
Military Department of the State of Oklahoma.
If written authorization is not obtained prior to incurring an
expenditure or entering into any agreement as requir ed in this
subsection or as required in Section 35.4 of this title, the Office
of Management and Enterprise Services may not process any claim
associated with the expenditure and th e provisions of any agreement
shall not be enforceable. The provisions of this subsection shall
not be applicable to any m ember of The Oklahoma State Syst em of
Higher Education, any public elementary or secondary schools of the
state, any technology center school district as defined in Section
14-108 of Title 70 of the Oklahoma Statutes, or CompSource Mutual
Insurance Company.
C. The Chief Information Offi cer and Information Services
Division of the Office of Management an d Enterprise Services and all
agencies of the executive branch of the state shall not be required
to disclose, directly or indirectly, any information of a state
agency which is declared t o be confidential or privile ged by state
or federal statute o r the disclosure of which is restricted by
agreement with the United States or one of its agencies, nor
disclose information technology system details that may permit the
Req. No. 2376 Page 28 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
access to confidential i nformation or any information affecting
personal security, personal identity, or physical security of state
assets.
SECTION 6. AMENDATORY 62 O.S. 2021, Section 34.25, is
amended to read as follows:
Section 34.25. A. Subject to review and approval as provided
for in Section 34.27 of this title by the Chief Information Officer,
a state agency, board, commission, or authority may obtain
reimbursement of a merchant fee incurred in connection wit h any
electronic or online transaction.
B. Subject to review and approval as provided for in Section
34.27 of this title by the Chief Information Officer , unless
otherwise permitted by law, a state agency, board, commission , or
authority may charge a c onvenience fee for a man ual transaction.
Each state entity shall keep a record of how the convenience fee has
been determined and shall file t he record with the Information
Services Division of the Office o f Management and Enterprise
Services. A state agency , board, commission, or authority may
periodically adjust a convenience fee as needed upon review and
approval as provided for in Section 34.27 of this t itle.
Any state agency, board, commission or authority may apply t o
the State Governmental Technology Applications Review B oard for
authorization to charge a convenience fee for electronic or online
transactions. If aut horization is granted, the state entity shall
Req. No. 2376 Page 29 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
not assess a convenience fee for equivalent manual transactions.
The Board shall annually review the authorization for a convenien ce
fee for electronic or online transactions and shall take action to
renew or revoke the authorization as provided for in this subsection
by the Chief Information Officer .
C. For purposes of this section:
1. “Merchant fee” shall mean and be limited to t he cost of a
charge imposed by a third-party credit card or debit card issuer
that is necessary to process an electronic or online transaction
with a state agency, board, commission or authority;
2. “Convenience fee” shall mean a fee charged to partially
compensate for costs incurred as a result of providing for a manual
transaction or an electronic or online transact ion if authorization
is approved as provided for in subse ction B of this section; and
3. “Manual transaction” shall mean a transaction that is not
conducted online or e lectronically if the transaction is made
available online or electronically.
The Office of Management and Enterprise S ervices shall be
authorized to promulgate rules necessary to effectuate the
provisions of this section.
SECTION 7. AMENDATORY 62 O.S. 2021, Section 35.3 , is
amended to read as follows:
Section 35.3. As used in the Information Technology
Consolidation and Coordination A ct:
Req. No. 2376 Page 30 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
1. “Appropriated state agency ” means any state agency that
receives funding through the annua l legislative appropriations
process;
2. “Cybersecurity risk” means any heightened threat to the loss
of confidentiality, integrity, or availab ility of information, data,
or information systems that has a potential adverse impact to
organizational operations of state agencies;
3. “Information technology assets ” means any equipment or
interconnected system or subsystem of equipment that is used in the
acquisition, storage, manipulation, management, movement, control,
display, switching, interchange, transm ission, or reception of data
or information. The t erm shall include computers, an cillary
equipment, software, firmware and similar procedures, services,
including support services and consulting services, software
development, and related resources, and shall further include
telecommunications fiber networks use d for conveying electronic
communication or information systems to multiple physical locations;
3. 4. “Information technology position ” means a classified or
unclassified position in the following functional areas:
a. applications programming,
b. EDP electronic data processing (EDP) audit,
c. data examination,
d. computer applications,
e. computer data entry,
Req. No. 2376 Page 31 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
f. computer networking,
g. computer operations,
h. computer programming,
i. computer security,
j. computer software design,
k. web applications,
l. database analysis,
m. data management analysis,
n. database development,
o. database programming,
p. software design/development,
q. help desk,
r. imaging,
s. systems analysis,
t. systems application planning,
u. systems application,
v. systems administration,
w. systems coordination,
x. systems integration,
y. systems operation,
z. systems planning/development,
aa. systems programming,
bb. systems engineering,
cc. systems service specialist,
Req. No. 2376 Page 32 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
dd. systems support,
ee. network administration,
ff. network management,
gg. network technical,
hh. operating systems specialist ,
ii. systems program manager,
jj. telecommunications, whether data or voice,
kk. software training, and
ll. technology development or support;
4. 5. “Nonappropriated state agency” means any state agency
that does not receive funding through the annu al legislative
appropriations process;
5. 6. “Shared services” means those state agency functions
which are or could be provided through:
a. the services and systems specified in subsection A of
Section 35.6 of this title, and
b. the programs, services, software or processes
specified in subsection B of Section 35.6 of this
title; and
6. 7. “State agency” means any office, elected or appointed
officer, bureau, board, commission, counsel, unit, division, body,
authority or institution of the executive bran ch of state government
excluding institutions within The Oklahoma State System of Higher
Education, the Oklahoma Municipal Power Authority, the Oklahoma
Req. No. 2376 Page 33 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
State Regents for Higher Education and the telecommunications
network known as OneNet .
SECTION 8. AMENDATORY 62 O.S. 2021, Section 35.5 , is
amended to read as follows:
Section 35.5. A. 1. All state agencies shall provide to the
Chief Information Officer a list of information technology assets of
the agency which are integral to the information and
telecommunications security aspects of agency-specific applications
or functions and a list o f information technology positions which
are directly associated with the assets. The agency shall further
provide the reference to federal or state statutory or
constitutional provisions whi ch require it to perform th e
applications or functions .
2. If the Chief Information Officer dispute s the identification
of assets or positions provided by a state agency as bein g integral
to agency-specific applications or functions , the Director of the
Office of Management and Enterprise Services shall make the final
determination. Each dispute by the Chief Information Officer shall
include a written statement that includes a concise summary of the
dispute’s reasoning, as well as any material information necessary
for the Director of the Office of Management and Enterprise Services
to make a final determination.
B. Not later than December 1 of each year, the Chief
Information Officer shall modify the assessment required by
Req. No. 2376 Page 34 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
subsection D of Section 34.11.1 of this title to include
identification of:
1. All information technology assets of all sta te agencies,
which are not integral to agency -specific applications or functions,
and the transfer of which to the Informatio n Services Division of
the Office of Management and Enterprise Servic es and the Chief
Information Officer would result in a cost savings to th e taxpayers
of this state or improved efficiency of state government operations,
including all furniture, equipment, vehicles, supplies, re cords,
current and future liabilities, fund balances, encu mbrances,
obligations, and indebtedness associat ed with the information
technology assets;
2. All information technology positions associated with the
information technolo gy assets identified pursuant to paragraph 1 of
this subsection. The assessment shall identify the amo unt of
compensation and related liabili ties for accrued sick leave, annual
leave, holidays, unemployment benefits, and workers ’ compensation
benefits for the positions;
3. The amount of savings to the taxpayers of this state
resulting from the provisions of the Information Technology
Consolidation and Coordination Act; and
4. Any changes in law required or any changes to the amount of
state appropriations or other state funds associated with the
transfer of the information technology assets or positions.
Req. No. 2376 Page 35 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
C. The information technology assets a nd positions of each
appropriated state agency identified pursuant to this section shall
be transferred as part of the consolidation of inf ormation
technology operations of the state agency to the Information
Services Division of the Office of Ma nagement and Enterprise
Services when determined by the Information Services Division. The
costs of operation, maintenance, licensing and service of the
information technology assets shall rema in the responsibility of the
state agency from which the assets are tran sferred until the state
agency information technology operations are consolidated in the
Information Services Division, unless otherwise ag reed to by the
state agency and the Information Services Division. Appropriat e
conveyances and other docum ents shall be executed to effectuate the
transfer of the information technology assets and positions to the
Information Services Division of the Office of Management and
Enterprise Services.
D. The Chief Information Officer shall may recommend changes to
the Director of the Office of Manage ment and Enterprise Services and
the Governor for inclusion in the next executive budget to be
submitted to the Legislature.
E. The Information Services Division shall provide shared
services to each state agency and sh all bill agencies for those
shared services at an estimated cost to provide the services. The
estimated cost shall include the full cost of the services,
Req. No. 2376 Page 36 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
including materials, depreciation re lated to capital costs, labor,
and administrative expenses of the Informati on Services Division of
the Office of Management and Enterprise Services in connection with
the operation of the data center and Informatio n Services Division
operations and shall include expenses associated with acqu iring,
installing, and operat ing information technology and
telecommunications infrastructure, hardware and software for use by
state agencies. The Info rmation Services Division shall publish a
schedule of costs for eac h available shared service and shall enter
into an agreement with each stat e agency for the shared se rvices
that will be provided to the agency. The aggregated cost of shared
services to be provided to each state agency shall be budgeted
annually as a separate line item through each state a gency. State
agencies shall process request for payments as provided for under
the agreement entered into with the Information Services Division in
a timely manner. If payments are deemed to be delinquent for shared
services provided to a state agency, t he Information Services
Division may request the Division of Cent ral Accounting and
Reporting of the Office of Management and Enterprise Services to
create vouchers and process p ayments to the Information Services
Division against the funds of the delinque nt state agency. If the
state agency for which shared services were provided disputes the
provision of shared services in accordance with its agreement with
the Information Services Division, no voucher shall be process ed
Req. No. 2376 Page 37 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
against the funds of the delinque nt agency until the dispute over
services has been resolved, at w hich point a voucher may be
processed in accordance with the terms of the dispute resolution.
F. The Information Services Division of the Office of
Management and Enterprise Services shall s ucceed to any contractual
rights, easement rights, lease rights, and other similar rights and
responsibilities related to the information technology asse ts that
are transferred as provided for in this section and incurre d by an
appropriated state agency.
SECTION 9. AMENDATORY 62 O.S. 2021, Section 35.6, is
amended to read as follows:
Section 35.6. A. All appropriated and nonappropriated state
agencies shall be required to use the following information
technology services and systems operated and maintained b y the
Office of Management and Enterprise Services for the purpose of
information and telecommunications security and data management for
all agency functions:
1. Data Service Center of the Informa tion Services Division;
2. Networking services;
3. Communication or intercommunicati on systems;
4. Electronic mail systems; and
5. Data and network security systems .
B. All appropriated and nonappropriated state agencies shall be
required to exclusively use the following programs , services,
Req. No. 2376 Page 38 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
software and processes provided through the Integrated Central
Financial System known as CORE and as implemented by the Office of
Management and Enterpri se Services and shall n ot utilize any
programs, services, soft ware or processes that are du plicative of
the following:
1. Payroll;
2. Employee leave system;
3. Human resources;
4. Accounts receivable;
5. Accounts payable;
6. Purchasing system;
7. Budgeting system;
8. Enterprise Learning Management (ELM);
9. Budget request system;
10. Asset management; and
11. Projects, grants and contracts, which includes federal
billing.
C. The Chief Information Officer shall have the authority to
enforce the provisions of this secti on.
SECTION 10. AMENDATORY 62 O.S. 2021, Section 35.8, is
amended to read as follows:
Section 35.8. A. Notwithstanding a ny other provision of law,
the provisions of the Information Technology Consolidation and
Coordination Act shall operate to maintain or increase security
Req. No. 2376 Page 39 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
standards and shall not jeopardize confidentiality or compliance
with state or federal laws or regulation s. The State Governmental
Technology Applications Review Board Chief Information Officer shall
consider and approve security protocols which sha ll be followed by
employees of the Information Services Division of the Office of
Management and Enterprise Services who are assigned to service law
enforcement agencies. The Board Chief Information Officer shall
make recommendations to state officers and employees related to
continuity of criminal justice information system security
protocols.
B. Notwithstanding the provisions of Section 35.5 of this
title, the transfer of information technology assets and positions
of the Department of Public Safety sha ll occur prior to the transfer
of assets and positions of other public safety agenci es.
C. Unless otherwise provided for in law, the transfer of
information technology assets and positions of any state agenc y
pursuant to the Information Technology Consolidation and
Coordination Act shall not act to transfer to the Information
Services Division of the Office of Management and Enterprise
Services or to the Chief Information Officer the duties of a state
agency to keep, maintain and open to any person all rec ords of the
agency in compliance with the Oklahoma Open Records Act. Each state
agency shall continue to be responsible for records created by,
received by, under the authority of, or coming into the custody ,
Req. No. 2376 Page 40 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
control or possession of the agency including the duty to organize
and categorize the records in a retrievable form and the duty to
respond to requests for records, even if the records have been
transmitted to or stored by the Information Services Division of the
Office of Management and Enterprise Se rvices or the Chief
Information Officer.
D. State employees who are members of the Teachers’ Retirement
System of Oklahoma and are transferred pursuant to the Information
Technology Consolidation and Coordin ation Act may elect to continue
their participation in the Teachers ’ Retirement System of Oklahoma
in lieu of participating in the Oklahoma Public Employees Retirement
System. Any transferred employee who wishes to make such election
shall do so in writing within thirty (30) days of the effective date
of this act August 24, 2012. If any transferred employee has
already started participating in the Oklahoma Public Employees
Retirement System, the employee may make an election to return to
the Teachers’ Retirement System of Oklahoma if the election is made
in writing within thirty ( 30) days of the effective date of this act
August 24, 2012. In the event a transferred employe e who has
already begun participating in the Oklahoma Public Employees
Retirement System elects to return to the Teachers ’ Retirement
System of Oklahoma, the Okl ahoma Public Employees Retirement System
shall transfer the service credit and contributions to the Teachers ’
Retirement System of Oklahoma for any credit that accrued after the
Req. No. 2376 Page 41 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
initial transfer. The election t o continue or return to
participation in the Teachers’ Retirement System of Oklahoma
pursuant to this subsection shall be irrevocable and sh all be
effective until the employment with the Office of Management and
Enterprise Services is terminated.
SECTION 11. REPEALER 62 O.S. 2021, Sections 34.27, 35.2,
35.7, and 35.9, are hereby repealed.
SECTION 12. Provisions of this act shall be enacted no later
than July 1, 2026. By that date, state agencies must notify the
Director of the Office of Enterprise and Management Services their
intention to continue to contract with the Information Services
Division for information technology or telecommunication s services
or to create their own agency-specific information services
division.
SECTION 13. This act shall become effective July 1, 202 4.
SECTION 14. It being immediately necessary for the preservation
of the public peace, health or safety, an emergency is hereby
declared to exist, by reason whereof this act shall take effect and
be in full force from and after its passage and approval.
59-2-2376 MSBB 11/14/2023 4:34:00 PM