Virginia Information Technologies Agency

The Information Technology Advisory Council meeting covered several key areas. Discussions included technology-related legislation, the current state of AI in the Commonwealth, and managing and funding the modernization of Commonwealth systems and applications. The council also reviewed project management governance, enterprise architecture governance, and cybersecurity governance, identifying areas for improvement and discussing potential recommendations.

The strategic plan of VITA's Supply Chain Management Division (SCM) focuses on developing and implementing technology procurement policies, standards, and guidelines for the Commonwealth of Virginia. Key areas include managing IT spending through proactive sourcing, delivering IT services via category management, and developing flexible, performance-based contracts. The plan aims to procure solutions to business problems, promote enterprise-wide strategic objectives, and ensure efficient contract management and supplier diversity. It also emphasizes training IT sourcing specialists, supporting cloud-based solutions, and providing guidance to Commonwealth procurement officers.

The meeting included discussions on cybersecurity governance, IT planning and modernization in the executive branch, and a proposed six-year IT modernization plan. Updates were provided on legislative matters, including the integration of the Office of Data Governance and Analytics (ODGA) into VITA, the establishment of a Project Management Center of Excellence (PMCoE), and AI-related policies. The council also reviewed the application modernization progress, focusing on the assessment and categorization of applications based on their modernization needs, and discussed strategies for improving project delivery through the PMCoE.

The meeting included discussions on application modernization, cybersecurity risk management, and legislative updates. The council reviewed the Finance Agency Cyber Project, focusing on cyber assessments across finance agencies, and discussed the establishment of a joint subcommittee on cyber risk. Updates were provided on the application modernization cycle, the Project Management Center of Excellence, and the State and Local Cybersecurity Grant Program. The council also discussed the election of Chair and Vice Chair.

The meeting covered topics such as the readoption of the remote participation policy, application modernization, and cybersecurity risk management. The discussion on application modernization included updates on the Six-Year Plan, the transition to Microsoft platforms and AI, and the development of the Commonwealth App Store. Cybersecurity risk management involved outlining threats and discussing completed projects, such as the rollout of Splunk and updated MFA protocols. The council also conducted officer elections, nominating and electing a new Board Chair and Vice Chair.