The Agency for Enterprise Information Technology is created within the Executive Office of the Governor.
(1) The head of the agency shall be the Governor and Cabinet.
(2) The agency is a separate budget entity and is not subject to control, supervision, or direction by the Executive Office of the Governor, including, but not limited to, purchasing, transactions involving real or personal property, personnel, or budgetary matters.
(3) The agency shall have an executive director who is the state’s Chief Information Officer and who must:
(a) Have a degree from an accredited postsecondary institution;
(b) Have at least 7 years of executive-level experience in managing information technology organizations; and
(c) Be appointed by the Governor and confirmed by the Cabinet, subject to confirmation by the Senate, and serve at the pleasure of the Governor and Cabinet.
(4) The agency shall have the following duties and responsibilities:
(a) Develop strategies for the design, delivery, and management of the enterprise information technology services established in law.
(b) Monitor the delivery and management of the enterprise information technology services as established in law.
(c) Make recommendations to the agency head and the Legislature concerning other information technology services that should be designed, delivered, and managed as enterprise information technology services as defined in s. 282.0041. (d) Plan and establish policies for managing proposed statutorily authorized enterprise information technology services, which includes: 1. Developing business cases that, when applicable, include the components identified in s. 287.0571;
2. Establishing and coordinating project-management teams;
3. Establishing formal risk-assessment and mitigation processes; and
4. Providing for independent monitoring of projects for recommended corrective actions.
(e) Beginning October 1, 2010, develop, publish, and biennially update a long-term strategic enterprise information technology plan that identifies and recommends strategies and opportunities to improve the delivery of cost-effective and efficient enterprise information technology services to be proposed for establishment pursuant to s. 282.0056. (f) Perform duties related to the state data center system as provided in s. 282.201.
(g) Coordinate acquisition planning and procurement negotiations for hardware and software products and services in order to improve the efficiency and reduce the cost of enterprise information technology services.
(h) In consultation with the Division of Purchasing in the Department of Management Services, coordinate procurement negotiations for information technology products as defined in s. 282.0041 which will be used by multiple agencies. (i) In coordination with, and through the services of, the Division of Purchasing in the Department of Management Services, establish best practices for the procurement of information technology products as defined in s. 282.0041 in order to achieve savings for the state.
(j) Develop information technology standards for enterprise information technology services.
(k) Provide annually, by December 31, recommendations to the Legislature relating to techniques for consolidating the purchase of information technology commodities and services, which result in savings for the state, and for establishing a process to achieve savings through consolidated purchases.
(5) The Office of Information Security shall be created within the agency. The agency shall designate a state Chief Information Security Officer who shall oversee the office and report directly to the executive director.
(6) The agency shall operate in a manner that ensures the participation and representation of state agencies and the Agency Chief Information Officers Council established in s. 282.315.
(7) The agency may adopt rules to carry out its statutory duties.