Office of the Chief Information Officer Enterprise Policy
CIO-050: Enterprise Procurement of Information Technology Assets Policy
Effective Date: 12/15/2014
Revision Date: 01/13/2017
Review Date: 01/13/2017
Statement: The purpose of this
policy is to describe responsibilities and processes regarding the procurement,
ownership and tracking of information technology (IT) assets.
Asset Management Branch within the Office of IT Service Management is
responsible for maintaining and updating this policy.
Authority: KRS 42.726 authorizes the Commonwealth Office
of Technology (COT) to develop policies that support and promote the effective
application of information technology within the executive branch of state
government, as well as information technology directions, standards, and
necessary management processes to assure full compliance with those policies.
Applicability: This policy is to be adhered to by all executive
branch agency staff and staff of non-executive branch agencies that voluntarily
consolidated their IT infrastructure operations under COT, including employees,
contractors, consultants, temporaries, volunteers, vendors and other workers
that wish to procure IT assets.
Agencies and staff outlined above in ‘Applicability’ are expected to
understand and follow these guidelines.
Each agency is responsible for assuring that staff and users under its
authority have been made aware of the provisions of this policy, that
compliance by the staff member is expected, and that intentional disregard for
this policy may result in disciplinary action pursuant to KRS 18A up to and
including dismissal. It is the responsibility
of each Executive Cabinet agency to enforce and manage the application of this
Cycle: This policy will be reviewed at least every
Asset: a piece of equipment or a component thereof
that can be identified by an IT-related commodity code in the Commonwealth’s
accounting system, or that interfaces directly with the enterprise data
network. This includes, but is not
limited to hardware, software, and service offerings that provision pieces of
IT infrastructure in a shared environment.
Standards Committee (ITSC): The
mission of the ITSC is to govern information technology standards for the
executive branch of Kentucky State Government.
Technology Standards (KITS): The
KITS is comprised of formalized IT standards covering the broad spectrum of
technology environments to include software, hardware, networks, applications,
data, security, access, communications, project management and other relevant
Policy: This policy governs the procurement and
inventory processes used to manage the lifecycles of IT assets, at both the strategic
and operational levels. Excluded from
this policy will be the purchase and tracking of consumable items which are not
covered by COT rated services and have a cost lower than $500.00, such as CDs,
DVDs, USB “thumb drives”, external optical disc drives (CD/DVD), laptop bags, etc.
Requests for new IT services or
enhancements to existing services shall be submitted by an authorized Agency IT
Services Contact to COT via the Commonwealth Service Desk (CSD). Upon receipt of the request, the CSD will engage
the appropriate COT team of subject matter experts for review. During the review process, COT reserves the
right to request additional information, and/or suggest alternatives to the
proposed procurement. In cases where COT
offers a rated service that reasonably meets the agency’s requirements, this
will be the favored solution. If COT
determines that procurement of additional IT assets is necessary in order to
deliver the desired outcome under a rated service, COT will negotiate and carry
out those purchases.
requesting products or services outside the parameters of the Kentucky
Information Technology Standards (KITS) must, regardless of cost, submit a Request for
outlining the business case supporting the purchase. This process is described in detail at http://technology.ky.gov/Governance/Pages/ExceptionstoArch.aspx.
For purchases that provide an
agency-specific function, or that are outside the scope of COT rated services,
COT may elect to delegate one-time procurement authority to the requesting agency. Alternatively, COT
may procure IT assets that are not included in a rated service and are specific
to a particular agency, but only in cases where the contract enabling the
purchase applies exclusively to COT. Expenditures associated with
procurement of these assets will be passed through to the agency. Requests for IT assets with a cost of
$1,000 or greater must go through the Strategic Procurement Request (SPR1)
review process prior to purchase.
IT assets that have been
purchased by COT and provisioned by a COT rated service will be owned by the
Finance & Administration Cabinet and tracked as inventory by COT. In addition, COT will track as inventory any
asset procured by the Agency prior to subscribing to the associated COT service. Examples include, but are not limited to telephone
systems and computers purchased for a specific use case.
IT assets that have been
purchased by COT for an agency-specific function and are not provisioned by a
COT rated service will be owned and tracked as inventory by the agency that
initiated the purchase.
IT assets procured by an agency under delegated,
one-time procurement authority from COT will be owned and tracked by the agency
that initiated the purchase.