Bills that seek to hold contractors accountable, bolster IT security and other tech-related measures are on hold until after the governor releases his May budget revision because of their price tag.
The Assembly Appropriations Committee on Wednesday placed the tech bills on its suspense calendar — a routine move for legislation that costs more than $150,000 so that lawmakers can review the most up-to-date state budget revenue numbers.
Gov. Jerry Brown is scheduled to release his revised budget this morning.
Among the bills awaiting approval from appropriators is an estimated $1.3 million measure that would require the Department of Technology to review agency security technologies across state government.
An analysis by the appropriations committee estimates at least 4.5 positions would be needed at the Office of Information Security to conduct the 18-month assessment — reviewing whether the policies, standards and procedures in place are sufficient to protect critical government information and prevent the unauthorized disclosure of sensitive digital content.
AB 531 by Assemblywoman Jacqui Irwin, D-Thousand Oaks, would also require the office to develop a plan so that state agencies can implement any needed technology in the next fiscal year.
Legislation directing the California Department of Technology to develop a system to rate state contractors would cost an estimated $350,000 — the amount to pay three support positions to ensure the assessment system is completed by Jan. 1, 2019.
The department is currently developing such a system (and has convened a Vendor Advisory Council), but it does not plan to finish it that soon, according to the bill analysis. The bill’s $350,000 price tag would pay for the accelerated timetable.
Gov. Jerry Brown last year vetoed a similar bill because he said it duplicated efforts underway at the department.
AB 1546 by Assemblywoman Autumn Burke, D-Los Angeles, would require multiple contractor evaluations, a 30-day response period for contractors, information about the type of contract or project, and whether that contract or project was completed on time.
A second bill by Burke, AB 1680, would require the Director of Technology to establish and oversee the implementation of a training program for anyone engaged in the procurement of information technology.
Such a program would cost the CDT $450,000 a year for three positions to develop and conduct — a bid by Burke to improve the competency and skills of state employees involved in IT procurement.
A vote by lawmakers to codify the California Cybersecurity Integration Center wouldn’t cost the state a dime, but it could leave the state on the hook for $1.8 million a year to run it if federal funding dries up.
That’s the assessment of appropriators, who in the past have rejected similar legislation. Created by a 2015 executive order, Cal-CSIC brings together representatives from 15 state and federal public entities who are tasked with reducing the likelihood and severity of a cyberincident in California.
Bill author Jay Obernolte, R-Big Bear, has said his bill, AB 1306, recognizes that the center is a vital part of the state’s emergency response plan.
