CIOs and CFOs:
I am pleased to share the update to the CIO Review Policy for Information and Communication Technology procurements. Please pass this information on to your procurement and accounting staff.
The update incorporates 2 major changes in the process:
- Effective immediately, Departments will submit CIO review requests as a Service Request through a ServiceNow portal at http://bit.ly/SFCIOReview. This can be done at any stage of a technology procurement, including prior to the initiation of a workflow in PeopleSoft, and I encourage you to engage us as early as possible. Early awareness allows DT to help assess and engineer cost-effective solutions. Once a request has been approved by DT (or is “deemed approved” if it goes 5 business days without action by DT), the system will send an email to the requestor. All the requestor then needs to do is include a note “CIO Review Approved per DT CIO Review Service Ticket #XXX” in the PeopleSoft requisition or contract workflow.
- For the first time, certain technology procurements are explicitly considered pre-approved and do not require further CIO review. These represent about 50% of the items we currently see submitted for CIO review. These are shown in Appendix A, as follows:
- Desktop computers, laptops, tablets, monitors, keyboards, mice, desktop printers, accessories (e.g. connection cables and adapters), ink cartridges, and toner
- Cat 6 (Ethernet) cable, fiber, patching and splicing materials and other associated tools and supplies
- Software products purchased under a Department of Technology Enterprise Contract
- Renewal or extension of existing software licenses, subscriptions or support that previously received CIO review and approval
- Hardware maintenance or support contracts
- Technology Training
DT remains committed to complete CIO reviews as quickly as possible. In a continuation of current policy, if a CIO review request is not acted upon by DT within 5 working days, it is “deemed approved” and may continue through the procurement process.
This policy is intended to be a living document and we are prepared to update it at any time to make it more responsive to the City’s needs. Please feel free to email me with suggestions for improvements at any time.
As a reminder, the CIO Review is established by Administrative Code Section 22A. This ensures that City Department information and communication technology (ICT) procurements are assessed by the Citywide Chief Information Officer (CIO) primarily for the following purposes:
- Evaluate and minimize network security risks associated with ICT procurements.
- Evaluate and minimize degradation of network performance due to ICT procurements that introduce added complexity or potentially incompatible infrastructure to City data networks; and
- Evaluate the potential for material cost savings or administrative benefits to the City from strategic sourcing efforts.
Currently, CIO review requests have been managed within the PeopleSoft procurement workflow by adding a designated Department of Technology (DT) point of contact (Matthew S. Reeves) as a reviewer. This current process has been problematic because it:
- Does not provide for an organized way to engage DT and request a CIO review during the early stages of requirements analysis prior to initiating a procurement workflow in PeopleSoft.
- Does not allow for easy delegation of the review to other staff.
- Does not provide for organized records of questions and answers provided during the review process.
- Does not provide an organized record of the universe of CIO review requests submitted to DT to allow for analysis of broader trends and issues related to Citywide ICT procurement.
The new ServiceNow process is intended to mitigate all of those issues by providing a transparent and searchable record of CIO review issues, questions, and responses.
Please see the attached policy
Please let Linda Gerull or Leo Levenson know if you have any comments or questions.