IT Quick Links
- California Office of Information Security and Privacy Protection
- Strategic Plan (PDF)
- Approved State IT Projects (PDF)
IT Due Dates
- Feasibility Study Reports (PDF)
- Budget Change Proposals (PDF)
- Operational Recovery Plans
- Agency Risk Management and Privacy Program Compliance
- Agency Designation Letter
IT Budget Control Sections
Budget Letters Related to IT
The Department of Finance (Finance) issues annual Budget Letters to disseminate policy and process information. The following list represents Budget Letters that include IT policy or process information. You may view the complete text of any of these budget letters by going to the Department of Finance Budget Letter webpage. If you have questions about any of these Budget Letters, please call the contact person noted in the Budget Letter or your California Technology Agency manager.
- BL 08-06 Transition of IT Project Review, Approval and Oversight Responsibilities from the Department of Finance to the Office of the State Chief Information Officer, and Information Technology Budgeting Guidelines (issued 03-14-2008) - This BL announces that, with the establishment of the Office of the State Chief Information Officer (OCIO) effective January 1, 2008, responsibilities for IT policy and IT project reporting and oversight transitioned from Finance to the OCIO. Additionally, the Office of Information Security and Privacy Protection is now responsible for the promotion and protection of consumer privacy, as well as for information security and privacy policies, standards, and procedures. Further, Finance's Information Technology Consulting Unit is responsible for performing fiscal analysis of proposed statewide IT policies and enterprise initiatives, as well as fiscal oversight of Finance-identified critical IT projects.
- BL 08-05 Moratorium on Developing Administrative Information Technology Systems (issued 03/04/2008) - This BL announces a moratorium on developing or enhancing any departmental administrative-type information technology systems or services that duplicate functionality that is being developed for the Financial Information System for California (FI$Cal) Project. It also describes an exemption request process for departments with critical business needs that will not be met by FI$Cal in a timely manner.
- BL 08-02 Submission of 2008-09 Budget Change Letters (issued 01/31/2008) - This BL announces guidelines for submittal of Finance Letter Requests.
- BL 08-01 Capitol Outlay Five-Year Infrastructure Plan and Budget Submission for 2009-10 (issued 01/30/08) - This BL announces detailed instructions and due dates for submitting Major and Minor Capital Outlay Budget Change Proposals and Five-Year Infrastructure Plans. Capital Outlay projects that include information technology (IT) components must also comply with the IT reporting requirements in the State Administrative Manual and the Statewide Information Management Manual.
- BL 07-25 General Statewide Sections (issued 09/04/07) - This Budget Letter (BL) announces information on new or revised statewide sections in the Budget Act of 2007.
- BL 07-08 2008-09 Budget Preparation Guidelines (issued 04/11/07) - This Budget Letter (BL) provides departments with technical information on various topics related to the preparation of the 2008-09 Governor's Budget.
- BL 07-03 Policy Changes to Operational Recovery Planning and Modifications to the Agency Designation Letter and Operational Recovery Plan Certification (issued 01/23/07) - This BL announces changes in the State Administrative Manual (SAM) and the Statewide Information Management Manual (SIMM) regarding new required components for Operational Recovery Planning. These new components will assist agencies in developing a more comprehensive plan for the recovery of their critical operations in the event of a disruption in business. Agencies are required to incorporate these fundamental components into their comprehensive Operational Recovery Plan using the Documentation for Agencies Preparation Instructions found in the SIMM 65A.
- BL 07-02 Control Section 4.04 for 2007-08 - Price Increase Adjustments (issued 01/19/07) - This BL notifies departments of a new control section that would authorize the Director of Finance to reduce General Fund items of appropriation by up to half of the amount provided for General Fund price increase in 2007-08.
- BL 06-36 California Automated Travel Expense Reimbursement System (issued 12/22/06) - This BL announces instructions to departments regarding implementation of the California Automated Travel Expense Reimbursement System (CalATERS) pursuant to Government Code Section 19822.3 (AB 1806, Chapter 69, Statutes of 2006 ), which requires that all state agencies implement and use CalATERS by July 1, 2009, unless an exemption is recommended by the State Controller's Office (SCO) and approved by Finance.
- BL 06-34 Information Technology Security Policy - Information Security Notification and Reporting (issued 12/07/06) - This BL announces the requirements for establishing information security and privacy programs, including a requirement for establishing an annual training component to provide ongoing education for all employees and contractors who handle personal, sensitive, or confidential information. Additionally, the notification and reporting requirements and instructions for information security incidents have been updated to include recent changes identified in Management Memo 06-12, Protection of Information Assets. This policy is effective immediately.
- BL 06-27 GS $Mart and Other Municipal Lease Financing (issued 09/08/06) - This BL announces information on availability of and conditions for obtaining a GS $Mart Financing Arrangement. For information technology projects reportable to Finance, departments must indicate if any purchase proposed in a Feasibility Study Report or Special Project Report will be financed and by what means.
- BL 06-17 2006-07 Control Section 11.00 / Control Section 11.10 (issued 08/01/06) - It is each department's responsibility to determine whether a project or software license agreement requires approval by Finance and the 30-day notification to the Legislature under Control Section 11.00 and / or Control Section 11.10 of the Budget Act. This Budget Letter includes Applicability Tests and a Control Section 11.00 / 11.10 Application.
- BL 05-32 Information Technology Security Policy - Encryption on Portable Computing Devices (issued 11/14/05) - This BL announces additional Information Technology (IT) policy requiring encryption for portable computing devices and portable electronic storage media when confidential, sensitive, and/or personal information is stored on them.
- BL 05-08 Information Technology Security Policy - Classification of Information (issued 06/03/05) - This BL announces revised information technology (IT) policy with expanded definitions for data classification.
- BL 05-03 Peer to Peer File Sharing (issued 3/7/05) - The purpose of this Budget Letter (BL) is to provide new policy regarding the practice of peer-to-peer file sharing, to implement the Governor's Executive Order S-16-04.
- BL 04-35 2005-06 Safeguarding Access to State Data (issued 11/16/04) - The purpose of this Budget Letter (BL) is to announce new policy requiring written agreements with non-state entities, including vendors, consultants, or researchers before they are allowed access to State data.
- BL 04-04 Modifications to the Implementation of the Statewide Information Technology Project Oversight Framework (issued 02/27/04) - The purpose of this Budget Letter (BL) is to provide direction to departments for ongoing Information Technology project oversight during calendar year 2004.
- BL 04-01 IT Contract Exemptions for the Contract, Equipment Acquisition, and Travel Ban (issued 01/16/04) - The purpose of this Budget Letter (BL) is to provide the information technology contract exemption request instructions referenced in BL 03-43.
- BL 03-43 Contract, Equipment Acquisition, and Travel Ban (issued 12/05/03) - The purpose of this Budget Letter is to prohibit State Agencies and departments from (1) entering into any new contracts or agreements to lease or purchase equipment, and (2) entering into any new services contract or make any changes to an existing contract that would increase the amount or extend the term of any contract. The prohibition against new contracts does not apply to contracts for legal services or expert testimony in pending litigation.
- BL 03-13 Assessment of Information Technology Security Measures, Policies, and Practices (issued 06/09/03) - This Budget Letter (BL) announces a mandatory self-assessment of IT security measures, policies, and practices. The BL explains how the assessment template will be delivered and lists required response dates, which are based on department size.
- BL 03-11 Safeguards for Firewalls and Services (issued 05/13/03) - This Budget Letter (BL) advises departments of key information security policies and practices that should be prominent components of departmental information technology (IT) security programs. The suggested policies, which involve safeguards for servers and firewalls, address configuration, server hardening, and application of updates and security patches.
- BL 03-03 Notification of Information Technology Incidents and Computer Crimes (issued 02/04/03) - This budget letter announces and describes the consolidated notification process for information technology security incidents and computer crime incidents. The new notification telephone number is included. This letter also provides a list of the circumstances that require notification, referring to appropriate law and State Administrative Manual sections for additional detail. This process is effective 02/01/03.
- BL 02-29 Information Security Controls Revised (issued 9/12/02) - This Budget Letter highlights and reminds agencies ("agency" refers to agencies, departments, boards, and commissions) of some of the most critical information security controls, which can help to protect systems and data. In this revised Security Budget Letter, the security contact phone number is updated.