NOTE: As provided in LFC policy, this report is
intended only for use by the standing finance committees of the
legislature. The Legislative Finance Committee does not assume
responsibility for the accuracy of the information in this report when used for
other purposes.
The most recent FIR
version (in HTML & Adobe PDF formats) is available on the Legislative
Website. The Adobe PDF version includes
all attachments, whereas the HTML version does not. Previously issued FIRs and attachments may be
obtained from the LFC in
SPONSOR: |
SJC |
DATE TYPED: |
|
HB |
|
||
SHORT TITLE: |
Amend Information Technology Management Act |
SB |
CS/244/aHJC |
||||
|
ANALYST: |
Paz |
|||||
APPROPRIATION
Appropriation
Contained |
Estimated
Additional Impact |
Recurring or
Non-Rec |
Fund Affected |
||
FY03 |
FY04 |
FY03 |
FY04 |
|
|
|
|
|
See Narrative |
|
|
(Parenthesis
( ) Indicate Expenditure Decreases)
Duplicates HB 67/HAFCS, Amend Info Technology
Management Act
LFC Files
Responses
Received From
341
Department of Finance and Administration
350
General Services Department
361
Information Technology Management Office
521
Energy, Minerals and Natural Resources
667
Department of Environment
630
Human Services Department
690
Children, Youth & Families Department
665
Department of Health
790
Department of Public Safety
770
Corrections Department
924
State Department of Public Education
950
Commission on Higher Education
SUMMARY
Synopsis
of HJC Amendment
The House Judiciary Committee amendment changes
the information technology commission membership from fifteen to thirteen and
removes two members representing local government. The House Judiciary Committee amendment
changes the penalty provision of this bill to clarify that a person who makes
an information technology purchase or sale and intentionally fails to comply
with the certification requirements is in violation of the provisions of the
Procurement Code and the person shall be individually liable to the state for
the amount of the purchase and civil penalties as provided under the
procurement code.
Significant
Issues
The House Judiciary Committee amendment to
change the penalty provision of this bill may negatively impact the enforcement
of the commission certification requirement.
A person may be in compliance with provisions of the procurement code,
but may fail to comply with commission certification requirements. The procurement code has no penalty
provisions for a person who violates the commission certification
requirement. Thus, a person who fails to
comply with the commission certification requirements may avoid prosecution
under provisions of the procurement code.
Synopsis
of Original Bill
The Senate Judiciary Committee Substitute for
Senate Bill 244 amends the Information Technology Management Act (Section 15-1C
NMSA 1978) as follows:
•
Changes the
information technology commission membership from thirteen to fifteen by
changing members appointed by the governor from four to five, changes local
government members from advisory to voting status, changes the CIO from voting
status to advisory, and adds two staff from the Legislative Finance Committee
and Legislative Council Service as advisory members.
•
Clarifies the role of the CIO to strengthen
the CIO’s oversight and approval authority over all information
technology. Changes the name of the
agency to the Office of the Chief Information Officer.
•
Improves upon the
current quality assurance process, whereby the commission certifies information
technology projects and releases funding in phases, regardless of funding
source. A penalty provision of
misdemeanor is specified for a person intentionally violating the commission’s
certification process. This provision
parallels the procurement code.
Clarifies that education, judicial and legislative agencies are
encouraged to participate in the IT management act, but are not required.
•
Sunset review of this agency is extended
from
FISCAL IMPLICATIONS
The bill does not include an appropriation. However, recurring costs will be absorbed
within the Information Technology Management Office base budget.
ADMINISTRATIVE IMPACT
The
information technology commission must adopt rules for certifying significant
information technology projects by phases.
The office of the CIO will propose rules to the commission and provide
consulting services to agencies related to project management and the
commission certification process.
Agencies remain responsible for implementing effective project
management practices that focus on identifying and mitigating risks early on in
the project cycle, including certification requirements adopted by the
commission.
Stakeholders, including the commission, the
state CIO, agency information technology management, the governor’s office and
the legislative information technology oversight committee held discussions and
communications beginning in October 2002 to identify technical issues with the
current oversight process. Technical
issues focus on identifying appropriate locations and levels of control to
enhance the current oversight process of large information technology projects
without disabling agencies from accomplishing their goals and objectives.