Senate Bill 442 Summary

• Requires State Chief Information Officer (CIO) to review all state agency information technology projects (removed previous $500,000 cost threshold) and establishes performance bond requirements for IT vendor contracts.

• Changes CIO appointment process from gubernatorial appointment at-will to appointment by Governor with confirmation by joint resolution of General Assembly for a five-year term.

• Expands State CIO authority to conduct information system security assessments, network vulnerability assessments, and requires state agencies to obtain CIO approval before contracting for security assessments.

• Exempts Office of Information Technology Services standards for IT from Administrative Procedure Act rulemaking requirements under G.S. 150B.

• Requires state agencies with IT projects exceeding $5 million in total cost of ownership to engage private counsel with IT and intellectual property expertise to review proposals, evaluate vendors, and negotiate contracts.