California Holds Second Vendor Advisory Council Meeting

The California Department of Technology (CDT) held its second Vendor Advisory Council meeting, early this week. The Vendor Advisory Council, established and coordinated by the IT Alliance for Public Sector (ITAPS) and several industry trade associations, intends to provide a venue for increased coordination between CDT, the Department of General Services (DGS), and vendors doing business with the state. The goal is to streamline current IT services and continue to modernize the state’s IT procurement processes.

During the Vendor Forum, DGS announced that the state is currently evaluating the NASPO Value Point cloud-based cooperative contract led by the state of Utah. This cooperative platform allows states to purchase cloud services collectively, as opposed to a state-by-state approach. Utah announced seven awards last week after nearly two years of developing the agreement, with significant input from industry. DGS is expected to adopt the cloud cooperative contract but is currently evaluating Utah’s model to assess whether it meets California standards and to ensure that it does not conflict with existing state contracts. They are expected to complete this process by early next year.

DGS also discussed the need to shorten the length of state information technology (IT) procurements, which a recent benchmarking study showed to average two years. The goal is to hasten the process by frontloading the vendor vetting process and to shorten the overall solicitation process to 90 days. DGS suggested that this new process will be implemented next year for statewide commodity products. They also noted that they will be releasing in the next several weeks an updated IT Master Services Agreement (MSA), establishing a pre-qualified list of IT vendors intended to simplify purchasing for the state and local entities. Some of the changes expected in the updated MSA are new job classification categories and potential flexibility to reset pricing not currently offered.

Additionally, CDT’s Information Security Office announced that it is continuing to move the state towards alignment with the National Institute of Standards and Technology’s Cybersecurity Framework, while also breaking down those requirements into digestible security objectives based on risk to state entities. The approximately 30 security objectives are planned to be finalized this week. CDT also noted that they are looking at indemnification requirements placed on vendors in the event of a security breach or incident, which ITAPS has recently pushed states to address.

Overall, CDT’s Vendor Advisory Council has proven to be an informative and transparent way for industry to share its thoughts with the state, while also providing a venue to better understand the direction the state is heading regarding IT procurement policy. ITAPS will continue to work with CDT and DGS to share industry’s vision for modernizing the procurement process and promoting the close collaboration between the state and industry.