RCW 43.105.054
Governing information technology—Standards and policies—Powers and duties of office.
(1) The director shall establish standards and policies to govern information technology in the state of Washington.
(2) The office shall have the following powers and duties related to information services:
(a) To develop statewide standards and policies governing the:
(i) Acquisition of equipment, software, and technology-related services;
(ii) Disposition of equipment;
(iii) Licensing of the radio spectrum by or on behalf of state agencies; and
(iv) Confidentiality of computerized data;
(b) To develop statewide and interagency technical policies, standards, and procedures;
(c) To review and approve standards and common specifications for new or expanded telecommunications networks proposed by agencies, public postsecondary education institutions, educational service districts, or statewide or regional providers of K-12 information technology services;
(d) With input from the legislature and the judiciary, to provide direction concerning strategic planning goals and objectives for the state;
(e) To establish policies for the periodic review by the director of state agency performance which may include but are not limited to analysis of:
(i) Planning, management, control, and use of information services;
(ii) Training and education;
(iii) Project management; and
(iv) Cybersecurity, in coordination with the office of cybersecurity;
(f) To coordinate with state agencies with an annual information technology expenditure that exceeds ten million dollars to implement a technology business management program to identify opportunities for savings and efficiencies in information technology expenditures and to monitor ongoing financial performance of technology investments;
(g) In conjunction with the consolidated technology services agency, to develop statewide standards for agency purchases of technology networking equipment and services;
(h) To implement a process for detecting, reporting, and responding to security incidents consistent with the information security standards, policies, and guidelines adopted by the director;
(i) To develop plans and procedures to ensure the continuity of commerce for information resources that support the operations and assets of state agencies in the event of a security incident; and
(j) To work with the office of cybersecurity, department of commerce, and other economic development stakeholders to facilitate the development of a strategy that includes key local, state, and federal assets that will create Washington as a national leader in cybersecurity. The office shall collaborate with, including but not limited to, community colleges, universities, the national guard, the department of defense, the department of energy, and national laboratories to develop the strategy.
(3) Statewide technical standards to promote and facilitate electronic information sharing and access are an essential component of acceptable and reliable public access service and complement content-related standards designed to meet those goals. The office shall:
(a) Establish technical standards to facilitate electronic access to government information and interoperability of information systems, including wireless communications systems; and
(b) Require agencies to include an evaluation of electronic public access needs when planning new information systems or major upgrades of systems.
In developing these standards, the office is encouraged to include the state library, state archives, and appropriate representatives of state and local government.
[ 2021 c 291 § 9; 2016 c 237 § 3; 2015 3rd sp.s. c 1 § 108; 2013 2nd sp.s. c 33 § 1; 2011 1st sp.s. c 43 § 706. Formerly RCW 43.41A.025.]
NOTES:
Short title—2016 c 237: See note following RCW 43.105.020.
Effective date—2015 3rd sp.s. c 1 §§ 101-109, 201-224, 406-408, 410, 501-507, 601, and 602: See note following RCW 43.105.007.
Effective date—Purpose—2011 1st sp.s. c 43: See notes following RCW 43.19.003.
Structure Revised Code of Washington
Title 43 - State Government—Executive
Chapter 43.105 - Consolidated Technology Services Agency.
43.105.006 - Consolidated technology services agency—Purpose.
43.105.025 - Agency created—Appointment of director—Director's duties.
43.105.052 - Powers and duties of agency.
43.105.054 - Governing information technology—Standards and policies—Powers and duties of office.
43.105.057 - Rule-making authority.
43.105.060 - Contracts by state and local agencies with agency.
43.105.111 - Performance targets—Plans for achieving goals—Quarterly reports to governor.
43.105.205 - Office of the state chief information officer—Created—Powers, duties, and functions.
43.105.220 - Strategic information technology plan—Biennial performance reports.
43.105.225 - Managing information technology as a statewide portfolio.
43.105.230 - State agency information technology portfolio—Basis for decisions and plans.
43.105.235 - State agency information technology portfolio—Exemptions.
43.105.240 - Evaluation of agency information technology spending and budget requests.
43.105.245 - Planning, implementation, and evaluation of major projects—Standards and policies.
43.105.255 - Major technology projects and services—Approval.
43.105.285 - Technology services board—Created—Composition.
43.105.287 - Technology services board—Powers and duties.
43.105.331 - State interoperability executive committee—Composition—Responsibilities.
43.105.341 - Information technology portfolios.
43.105.351 - Electronic access to public records—Findings—Intent.
43.105.355 - Electronic access to public records—Costs and fees.
43.105.365 - Accuracy, integrity, and privacy of records and information.
43.105.369 - Office of privacy and data protection.
43.105.375 - Use of state data center or commercial cloud computing services—Exceptions.
43.105.385 - Agency as central service provider for state agencies.
43.105.460 - Office of cybersecurity—Catalog of services and functions—Report.
43.105.470 - Office of cybersecurity—Major cybersecurity incidents—Reporting duties.
43.105.825 - K-20 network—Oversight—Coordination of telecommunications planning.
43.105.904 - Actions of telecommunications oversight and policy committee—Savings—1999 c 285.
43.105.905 - Construction—2008 c 262.