The California Department of Technology's vendor forum, held Wednesday in Sacramento, focused on working more closely with stakeholders, including state agencies and county governments.
“We can’t be successful in the state of California doing IT, and transforming it, using it as a leveraged business investment, without your participation and success,” state Deputy CIO Chris Cruz told the roomful of vendors.
The agenda included procurement modernization updates, changes to the Project Approval Lifecycle, a shift in CALNET, cloud-migration updates and statewide cybersecurity efforts.
It also included an honest political assessment in answer to a blunt question from the audience — one that many in the community have been discussing among themselves: What changes should vendors expect from CDT after the November elections?
Procurement modernization
The IT master service agreement has added 30 new consultants to its list, and may be refreshed again around November. Angela Shell, the Department of General Services' deputy director of procurement, said DGS is looking for more of “a flow basis,” similar to the CMAS (California Multiple Award Schedules) system. An RFI recently closed for a server and storage contract, which DGS plans to put out soon, which could include “silos of OEM” (original equipment manufacturers) based on historical purchase data.
DGS also plans to list expiring contracts and potential workloads through the next fiscal year, beginning in July. The site is also going to host a dashboard of data from small business vendors. Shell also encouraged vendors to offer feedback on the Terms and Conditions update, beginning with software-as-a-service contracts.
Marlon Paulo, CDT’s chief technology procurement officer, announced that the department is seeking data scientists and full stack developers. He also said the agile vendor pool will be refreshed again.
Project Approval Lifecycle
“We’re streamlining the way we bring those initiatives to you and how we look at projects overall. We’re coming up with a new look and feel for the portal,” Cruz said.
The PAL site is updated every month to show where high-dollar and high-risk projects are in their rollout.
CALNET
About 2,000 customers use CALNET contracts, and it is a $340 million spend, according to Ellen Ishimoto, assistant chief of CDT's Office of Technology Services.
The next version of CALNET — which, in a break from custom, will not be called CALNET 4 — will break contracts into categories, allowing for technology upgrades as necessary, instead of on a contract schedule.
“We’re going to be looking at requirements, whether they align with other state procurement contract vehicles to make sure we’re not duplicating our efforts and putting repetitious contract vehicles out there,” Cruz said.
Paulo said the department aims to create “a revolving door of vendor pools that allow us to solicit vendors to provide for solicitations in several different categories,” in an effort to streamline vendor applications. He also announced a new system of acquisition models, depending on the level of CDT management necessary to each project.
Cloud
The application process for cloud exemptions will be further streamlined, according to Chief Technology Officer Richard Rogers of the Office of Technology Services. This process will send requests for exemption to his office, and the department is working on automating the process.
Cruz said the department would look for volunteers — including from the private sector — to share feedback about cloud migration. Rogers also noted that cloud FedRAMP-moderate offerings are on their way.
Cybersecurity
Peter Liebert, the state's chief information security officer, announced the state's new cybersecurity maturity metric, which measures how secure an entity is.
“We encourage you to tie your platforms, your services to this model for solicitations,” Liebert said.
The managed security service provider contract was just awarded.
He also discussed plans over the next fiscal year, which include a buildout of an internal intrusion prevention system, a network rearchitecture based on market research, an increase in training in anti-phishing techniques, and identity access options.
“We’re looking at these items as a genesis to come up with 'One IT Community,'” Cruz said, citing a key tenet of CDT’s Vision 2020 Strategic Plan. “We’re doing a lot of outreach across counties and cities.”
He talked about having a cohesive security stance “so we can all live in a gated community.”
And about that question from the audience that everyone’s been asking — what happens after the elections? — state CIO Amy Tong addressed it directly:
“I think one thing that we've been very open (about) ... even in an election year, we've been building up a community. Not only the executive team and the Department of Technology, but the community in general, is marching towards the same vision, the same direction. That is with or without Chris and I.”
