Menu
2017 Session

Budget Amendments - HB1500 (Floor Approved)

View Budget Item
View Budget Item amendments

State Police - VITA Separation

Item 476 #1h

Item 476 #1h

First Year - FY2017 Second Year - FY2018
Central Appropriations
Central Appropriations FY2017 $0 FY2018 $2,900,000 GF

Language
Page 469, line 5, strike "$16,962,496" and insert "$19,862,496".

Page 471, after line 43, insert:

"3.a. Notwithstanding the provisions of § 2.2-2011, Code of Virginia, the Department of State Police is authorized to procure, develop, operate, and manage the cyber security and management tools required to protect the information technology used by the Department that is defined as out-of-scope from the Virginia Information Technologies Agency pursuant to the Memorandum of Understanding (MOU) between the two agencies dated August 30, 2013. The Department of State Police shall be solely responsible for securing all aspects of information technology defined as out-of-scope in the current MOU.

b. Costs expended by the Department of State Police for cyber security and management tools shall be reimbursed by the Director, Department of Planning and Budget from unexpended funds provided in paragraph I.1. of this item, after such expenses have been approved by the Chief Information Office and determined to be in compliance with the regulations, policies, procedures, standards, and guidelines of the Virginia Information Technologies Agency.

4.a. The Superintendent of State Police and the Chief Information Officer of the Commonwealth shall jointly develop and report to the Chairmen of the House Committee on Appropriations and Senate Committee on Finance a detailed transition plan addressing the steps required for the Department of State Police to assume responsibility for the development, operation, and management of all of its information technology infrastructure and services.

b. The report shall, at a minimum, include a detailed transition plan that identifies and evaluates (i) anticipated transition timelines, tasks, activities, and responsible parties, (ii) one-time and ongoing costs of transitioning responsibility for information technology services from the Virginia Information Technologies Agency to the Department of State Police including the estimated costs to obtain existing information technology assets or transition services from Northrop Grumman, (iii) the ongoing costs of staffing, services, and contracts related to enterprise security and management tools, legacy system replacements or upgrades, construction or lease of facilities including data centers, labor costs and workload analyses, and training costs, (iv) any other such factors deemed necessary for discussion as identified by the Superintendent of State Police or Chief Information Officer of the Commonwealth, and (v) identify necessary statutory changes required to effectuate the transition and modernize current statutes related to basic State Police communication systems consistent with the Criminal Justice Information Services Security Policy Version 5.5, or its successor, and (vi) a jointly developed and agreed upon MOU between the Department of State Police and the Virginia Information Technologies Agency that certifies the information.

c. The report and accompanying Memorandum shall be provided to the Chairmen of the House Committee on Appropriations and Senate Committee on Finance no later than October 1, 2017.

5. Included within the appropriation for this item, up to $2,900,000 the second year from the general fund is provided to reimburse the Department of State Police for costs associated with mitigating information technology security threats and gaps not addressed in paragraph 3.a. All such costs shall be eligible for reimbursement if they have been procured in accordance with the regulations, policies, procedures, standards, and guidelines of the Virginia Information Technologies Agency. The Director, Department of Planning and Budget is authorized to release this funding following certification by the Chief Information Officer that these costs address cyber security threats and gaps, including upgrades to legacy applications to remediate audit findings by the Auditor of Public Accounts or Commonwealth Security and Risk Management."



Explanation

(This amendment authorizes the Department of State Police to assume full responsibility for procuring, developing, operating, and managing the cyber security and management tools required to protect the information technology used by the Department that is deemed to be not covered by the Virginia Information Technologies Agency pursuant to a written Memorandum of Understanding between the two agencies. The amendment authorizes the Department to access unexpended balances of the information technology contingency fund established for State Police in Chapter 780 of the 2016 Session of the General Assembly. The amendment requires the Superintendent of State Police and Chief Information Officer of the Commonwealth to provide a report to the Chairmen of the House Appropriations and Senate Finance Committees detailing the timelines and estimated costs of transitioning the Department of State Police to procuring, operating, and managing all information technology infrastructure and services independent of the Virginia Information Technologies Agency. The amendment also provides $2.9 million from the general fund the second year for projects necessary to begin transitioning information technology services pursuant to the report required by paragraph 4.a. being completed, and the signing of a Memorandum of Understanding between the Department of State Police and the Virginia Information Technologies Agency detailing such projects.)