3 V.S.A 3301
Information Technology Activities – As defined in statute:
(A) the creation, collection, processing, storage, management, transmission, or conversion of electronic data, documents, or records; and
(B) the design, construction, purchase, installation, maintenance, or operation of systems, including hardware, software, and services that perform or are contracted under Administrative Bulletin 3.5 to perform these activities.
EPMO Responsibilities – The Agency of Digital Services was created to provide information technology services and solutions in State government. The cost of the oversight, monitoring, and control shall be assessed to the entity requesting the activity. The Agency shall have all the responsibilities assigned to it by law, including the following:
(2) Review and approve all information technology activities within State government.
(3) Prepare and submit an annual report to the General Assembly for information technology, as described in section 3303 of this chapter.
(5) Obtain independent expert review of any new information technology projects, as required by section 3303 of this chapter.
(7) Provide information technology project management services and business analyst services to the Executive Branch. When project managers are not available, the Agency shall procure those services and bill them back to the agencies using the services.
(8) Provide standards for the management, organization, and tracking of information technology activities within State government.
3 V.S.A. 3303
Independent Reviews – The Agency of Digital Services is responsible for obtaining independent reviews for IT activities with estimated costs of over $1,000,000.00:
(1) The Agency shall obtain independent expert review of any new information technology projects with a total cost of $1,000,000.00 or greater or when required by the Chief Information Officer.
(2) The independent review shall include:
(A) an acquisition cost assessment.
(B) a technology architecture and standards review.
(C) an implementation plan assessment.
(D) a cost analysis and a model for benefit analysis.
(E) an analysis of alternatives.
(F) an impact analysis on net operating costs for the agency carrying out the activity; and
(G) a security assessment.
(3) The requirement to obtain independent expert review described in subdivision (1) of this subsection (d) may be waived by the Chief Information Officer if, in his or her judgment, such a review would be duplicative of one or more reviews that have been, or will be, conducted under a separate federal or State requirement. If waived, such waiver shall be in writing and in accordance with procedures established by the Chief Information Officer.
IT Activity Record Keeping – The Agency shall maintain the following records for information technology projects with a total cost of $500,000.00 or greater:
(1) A business case, including life-cycle costs and sources of funds for design, development, and implementation, as well as maintenance and operations. The business case shall include expected benefits, including cost savings and service delivery improvements.
(2) Detailed project plans and status reports, including risk identification and risk mitigation plans.
Annual Report and Budget – The following are two requirements for the Project Management Office to submit in the Agency Annual Report:
(D) an outline summary of information, including scope, schedule, budget, and status for information technology projects with a total cost of $500,000.00 or greater.
(F) a summary of independent reviews as required by subsection (d) of this section.
*The dollar threshold was updated by the Legislature to $500,000.00 when Act 49 was signed by the Governor in June 2019. Additionally, the reporting requirement outlining IT projects with total costs in excess of $1,000,000.00 (known as the Million Dollar Report) is no longer required by statute.