R895-6. IT Plan Submission Rule for Agencies  

State agencies are required by statute to submit IT plans for review and approval by the Chief Information Officer (CIO) office. This rule provides the format and content requirements for IT Plan submission.

This rule is issued by the Chief Information Officer under the authority of Section 63F-1-206 of the Technology Governance Act, in accordance with Section 63G-3-201 of the Utah Rulemaking Act, Utah Code Annotated, and section 63F-1-204 of the Utah code, Agency Information Technology Plans.

All state agencies of the executive branch of the State of Utah government shall comply with this rule, which provides a consistent technology planning method for the State of Utah.

  The following are the compliance issues and the responsibilities for state agencies:

  (1) Any state executive branch agency that develops, hosts, or funds information technology projects or infrastructure shall submit a plan following the format outlined in R895-6-5 below.

  (2) The CIO office shall provide education and instruction to the agencies to enable consistent response.

  (3) Finalized and approved Agency IT Plans shall be delivered to the CIO office, in electronic format, by July 1 of each year.

  (4) Agency IT Plans shall use document formatting methods as defined in CIO instruction.

  (5) Agency IT Plans at a division level, shall be combined for submission to the CIO office at the Agency/Department level.

  (6) Amendments to the IT Plan shall be submitted throughout the fiscal year for any change in a project, any new project, or any removal of a project.

  The following is the IT plan format:

  (1) SUBMIT AN EXECUTIVE SUMMARY.

  (a) The information technology objectives of the Agency.

  (b) Any performance measures used by the Agency for implementing the Agency's technology objectives.

  (c) Any planned expenditure related to information technology.

  (d) The agency need for appropriations for information technology.

  (e) How the agency's development of information technology coordinates with other state and local governmental entities.

  (f) Any efforts the agency has taken to develop public and private partnerships to accomplish information technology objectives of the agency.

  (g) The efforts the agency has taken to conduct transactions electronically in compliance with Utah Code Section 46-4-503.

  (h) The agency's plan for the timing and method of verifying the department's security standards, if an agency intends to verify the department's security standards for the data that the agency maintains or transmits through the department's servers.

  (2) IT PLAN DETAILS.

  (a) Complete a project description for each information technology project, utilizing the document formatting methods as defined by CIO instruction.

  Any variance to format or content as established in this rule shall be approved by the CIO office.

  The CIO may enforce this rule by non-approval of the IT Plan as defined in Utah Code, Section 63F-1-204.