General assembly of north carolina

"(d) Nothing in this section shall:

(1) Limit the requirements or obligations under any other section of this Article, including, but not limited to, G.S. 75 62 and G.S. 75 65.

(2) Apply to the collection, use, or release of personal information for a purpose permitted, authorized, or required by any federal, State, or local law, regulation, or ordinance.

(3) Apply to data integration efforts to implement the State's business intelligence strategy as provided by law or under contract."
STATE PRIVATE CLOUD

SECTION 6A.9.(a) Findings. – The General Assembly finds that:

(1) The wide distribution of information technology facilities across multiple locations causes infrastructure and operational inefficiencies.

(2) Infrastructure as a service, also known as cloud computing, has the potential to increase efficiency and enhance operations by reducing information technology costs and accelerating the provision of services.

(3) The creation of a secure and flexible State private cloud is in the best interest of the people of this State.

SECTION 6A.9.(b) Plan Required. – The State Chief Information Officer shall create a plan for the development and implementation of a State owned, State hosted infrastructure as a service, or private cloud, project to be operated and managed by the State.

SECTION 6A.9.(c) Components of the Plan. – The State private cloud plan created pursuant to this section shall include:

(1) Requirements for:

a. The State to have complete control and ownership of all components of the private cloud, including hardware, software, network infrastructure, security, and data.

b. All components of the private cloud to be maintained at State owned, State operated facilities.

c. The private cloud to fully comply with all legislative, regulatory, policy, and security requirements that apply to State agencies and entities conducting business with the State.

d. The State's existing information technology infrastructure to be used to support the private cloud.

e. Documentation of any redundancy built into the infrastructure to support requirements for increased availability and disaster recovery.

f. A service centric approach to computing resources. Users of computing resources shall be able to efficiently access powerful, predefined computing environments based on their requirements.

g. A self service ability to provision and deprovision, as requested by users, while maintaining high levels of security.

h. A fully functional, efficient, fair system to bill State agencies for private cloud usage. This requirement includes mechanisms to capture usage data and enable chargeback integration within the billing system.

i. A plan to manage infrastructure resources that can be scaled in response to State agency requirements.

j. An inventory of all potential resources, both public and private, available to support the development, implementation, operation, and management of the private cloud, and the costs and benefits associated with each.

(2) A detailed timeline, documentation of agency requirements, identification and resolution of security issues, and an assessment of the impact on any ongoing projects or current applications.

(3) Identification of costs associated with developing the private cloud.

(4) Identification and documentation of private cloud management and monitoring tools to facilitate the maintenance of complete control of private cloud resources; automate provisioning, deprovisioning, and scheduling; and maintain system capacity.

(5) Identification of ways to improve the private cloud's supporting infrastructure.

(6) Identification of potential sources of savings to support development, implementation, and maintenance of the State private cloud.

SECTION 6A.9.(d) Funding and Implementation. – No funds from any source shall be used for the development and implementation of a private cloud without specific authorization by the General Assembly appropriating funds for this purpose.

SECTION 6A.9.(e) Report. – The State Chief Information Officer shall report the plan created pursuant to this section to the Joint Legislative Oversight Committee on Information Technology no later than January 1, 2013.

SECTION 6A.9.(f) Access by Private Vendors. – If the State Chief Information Officer provides to a potential vendor any information or access to State facilities in connection with or anticipation of the private cloud project described in this section, the State Chief Information Officer shall provide the same information or access to all potential vendors. The State Chief Information Officer shall certify the Officer's compliance with this subsection to the General Assembly.

SECTION 6A.10. Section 6A.7 of S.L. 2011 145, as amended by Section 11(d) of S.L. 2011 391, reads as rewritten:

"STATE INFORMATION TECHNOLOGY CONSOLIDATION

…

"SECTION 6A.7.(b) Beginning July 1, 2011, the State CIO shall plan and implement an enterprise level grants management system. Similar systems currently under development may be suspended by the State CIO with funding reprogrammed to support development of the enterprise level grants management system.

"SECTION 6A.7.(b1) There is established a Grants Management Oversight Committee to coordinate the development of an enterprise grants management system. The Committee shall be chaired by the State Controller. Committee membership shall include the Senior Deputy State Controller, the Director of the Office of State Budget and Management, and the State Auditor.

The Committee shall:

(1) Establish priorities for agency projects.

(2) Establish priorities for development and implementation of system capabilities.

(3) Review and approve system requirements.

(4) Review and approve plans associated with system development and implementation.

(5) Review and approve costs and funding sources for system development and implementation.

(6) Ensure system benefits are realistic and realized.

"SECTION 6A.7.(b2) By August 1, 2013, the Office of State Budget and Management shall provide a detailed plan to the Joint Legislative Oversight Committee on Information Technology and the Fiscal Research Division for the development and implementation of the enterprise grants management system, including a time line, cost for each participating agency, a comprehensive business plan, and information on the anticipated benefits of system implementation.

"SECTION 6A.7.(b3) Beginning August 1, 2012, the Office of State Budget and Management shall report monthly to the Joint Legislative Oversight Committee on Information Technology and the Fiscal Research Division on the status of the system, including the following information:

(1) Agencies currently participating in the system.

(2) Specific requirements for each agency project included in the system development.

(3) Cost and funding sources for each agency participating in the system.

(4) Status of each agency project included in the system.

(5) Comparison of the status of each project to the time line, with an explanation of any differences.

(6) Detailed descriptions of milestones to be completed that month and the following month.

(7) Any changes in project cost for any participating agency, the reasons, and the source of funding.

(8) Actual expenditures by agency, to date and during that month.

(9) Any potential funding shortfalls and their impact.

(10) Any issues identified during the month, with a corrective action plan and a time line for resolving them.

(11) Impact of any issues on schedule or cost.

(12) Any changes to agency projects or the system as a whole.

(13) Any change requests and their cost.

"SECTION 6A.7.(b4) The State CIO shall provide all required assistance and support for the development and implementation of the enterprise grants management system. Similar systems currently under development may be suspended by the State CIO with funding reprogrammed to support development of the enterprise grants management system.

"SECTION 6A.7.(b5) In coordination with the State CIO, the Department of Health and Human Services shall develop a plan to implement a single case management system throughout that Department, beginning in the 2012 2013 fiscal year, and shall report to the Joint Legislative Oversight Committee on Information Technology by February 1, 2012, on its initiatives to implement the system. The report shall include a detailed time line for completion and an explanation of the costs associated with case management consolidation.

"SECTION 6A.7.(c) Beginning September 1, 2011, and quarterly thereafter, the Office of State Budget and Management, in conjunction with the State CIO, shall provide written reports to the Joint Legislative Commission on Governmental Operations, the Joint Legislative Oversight Committee on Information Technology, and the Fiscal Research Division relating to State information technology consolidation."
State Portal implementation/operation