Article 69 – System and Services Acquisition Policy
49260.2 Objectives
-
Objectives for this policy are to guide department ITInformation Technology goods and services acquisition processes to:
-
Comply with all federal and state laws and regulations.
-
Incorporate security requirements and security specifications, either explicitly or by reference, in information system acquisition contracts based on an assessment of risk and the results of the classification and categorization for the intended information asset.
-
Ensure agreements with state and non-state entities include provisions which protect and minimize risk to the State.
-
Address the entire systems lifecycle in acquisitions, development and maintenance and operations of ITInformation Technology systems.
-