Administrative Order No. 284

I, Bill Walker, Governor of the State of Alaska, under the authority of Article III, Sections 1, 23, and 24, Constitution of the State of Alaska, and in accordance with AS 44.17.020, 44.17.060, and 41.17.070, order the following reorganization of telecommunication and information technology services within the executive branch.

Background and Purpose

Under AS 44.21.020, 44.21.045, 44.21.150 – 44.21.170, and 44.21.305 – 44.21.390, the Commissioner of the Department of Administration oversees the delivery of telecommunication services, including information technology, within the executive branch. Historically, the Commissioner of the Department of Administration has delegated portions of that responsibility to various executive branch agencies. At a statewide level, this structure has sometimes led to inconsistencies or redundancies that have hampered the State’s efficient delivery of information technology services.

The purpose of this Order is to centralize all telecommunication and information technology services currently performed by executive branch agencies and consolidate them statewide under the authority of a single Office of Information Technology headed by the Chief Information Officer (CIO), which will be a statewide position housed within the Department of Administration.

Good government requires efficient and effective information technology systems. The Office of Information Technology will implement uniform security standards; avoid duplication of efforts and redundancy by supporting and collaborating with executive branch agencies in the delivery of information technology services; and endeavor to lower operating costs, increase productivity, enhance security, and respond faster to changes in information technology business and investment priorities.

In short, the Office of Information Technology will work with executive branch agencies to improve the way State government acquires and manages information technology and to use a coordinated approach that builds on existing structures and successful practices for maximum public benefit.

Office of Information Technology

The Office of Information Technology, under the immediate direction and supervision of the CIO, shall:

1. Manage all information technology services and related resources within the executive branch of the State;
2. Oversee the operation of the State enterprise systems and infrastructure;
3. Monitor the performance of information technology services programs of each executive branch agency, evaluate the performance of those programs based on applicable performance measurements, and advise State agencies whether to continue, modify, or terminate such program or project;
4. Ensure that information technology services are acquired, and information resources are managed, in a manner that effectively implements standard policies, procedures, security controls, and the business priorities established by all executive branch agencies;
5. Promote the effective and efficient design and operation of all major information resources and management processes for the State;
6. Oversee the development, implementation, and enforcement of information security policies, standards, and practices within all executive branch agencies and among their contractors and any third-party information-sharing partners;
7. Review at least annually information security policies, standards, and practices within all executive branch agencies and among their contractors and any third-party information-sharing partners; the requirements established for State personnel regarding knowledge and skill in information technology resources management; and the adequacy of those requirements for achieving performance goals established for information resources management;
8. Beginning in 2018, report to the Governor not later than March 1 of each year on executive branch agency compliance with information technology security and protection requirements with a summary of evaluations, an assessment of the development, adoption of, and compliance with, information technology standards, identification of any deficiencies, and plan for remedying the deficiencies;
9. Designate, through the CIO, a Chief Information Security Officer to serve under and assist the CIO in carrying out the CIO’s duties; the CIO will establish the professional qualifications, including training and experience, necessary for the Chief Information Security Officer;
10. Develop strategies and specific plans for hiring, training, and professional development to rectify any deficiency in meeting the requirements of information technology security policies, standards, and practices;
11. Report regularly to the Commissioner of the Department of Administration on improvements to information technology resources management capability; and
12. Identify and inventory all State computer equipment, and, in consultation with department heads, make determinations as to which assets constitute excess or surplus property.

Order

There is created in the Department of Administration the Office of Information Technology, led by the Chief Information Officer, who will thereafter act in a statewide capacity in accordance with the policies, duties, and responsibilities contained in this Order.

The existing Division of Enterprise Technology Services (ETS) will transfer into and become part of the Office of Information Technology. ETS will no longer be a separate division within the Department of Administration.

I hereby direct the Commissioner of the Department of Administration to rescind all delegation orders issued in accordance with AS 44.21.150 – 44.21.170 and 44.21.305 – 44.21.330. All information technology, services, staff positions, resources, and assets of the State will be transferred to the Office of Information Technology.

The CIO shall establish and maintain a working description that defines between commodity and statewide core services in contrast to agency- specific line-of-business services. The Commissioner of Administration may delegate authority for line-of-business services to agencies as appropriate to maintain specialized essential services, subject to consultation with the CIO.

This Order does not limit or modify any statutory or regulatory authority of any department; nor does it affect any third-party rights or obligations.

This Order takes effect immediately.

DATED at Juneau, Alaska, this 25th day of April, 2017

/s/Bill Walker
Governor