Michigan Administrative Code Department - Technology Management and Budget
1. Information Technology Security Standards
Case: Cybersecurity compliance for state agencies.
The MAC, under DTMB rules, establishes mandatory IT security protocols for all executive branch agencies.
These rules dictate password policies, encryption requirements, network monitoring, and incident reporting procedures.
For example, if an agency handles personal or financial information, it must follow DTMB’s cybersecurity standards. Failure to comply may trigger audits, mandatory corrective action plans, and even suspension of access to state IT systems.
Impact: Ensures that sensitive citizen data (like Medicaid or tax records) is protected against breaches and unauthorized access.
2. State Procurement Rules
Case: Purchasing of software or hardware by state agencies.
DTMB administers procurement rules under the MAC, outlining the steps agencies must follow to acquire technology resources.
This includes competitive bidding requirements, contract approval processes, and vendor eligibility.
Example: If a university wants to buy new server infrastructure, the agency must submit a procurement request that aligns with DTMB specifications, including cost analysis, vendor vetting, and adherence to minority-owned business requirements.
Impact: Promotes transparency, cost efficiency, and fairness in state technology spending.
3. Cloud Computing and Data Storage
Case: Transition to cloud-based services.
The MAC provides rules that agencies must follow when storing data in the cloud. DTMB guidance ensures that data remains secure, accessible, and compliant with legal retention requirements.
Agencies must evaluate cloud providers’ security certifications, geographic data storage locations, and disaster recovery plans before approval.
Example: A state health agency wanting to store medical records in a cloud service must submit a risk assessment report to DTMB and follow encryption and access controls mandated in the administrative code.
Impact: Ensures compliance with federal and state privacy laws while modernizing IT infrastructure.
4. IT Project Management Oversight
Case: Large-scale state software implementation.
DTMB enforces rules on project management for IT initiatives through the MAC. Agencies must follow standard methodologies (like Agile or Waterfall), document milestones, and report progress regularly.
Example: If a state tax system undergoes modernization, the agency must submit a project plan including timelines, resource allocation, budget forecasts, and risk assessments. DTMB reviews and approves this plan to ensure alignment with state policies.
Impact: Reduces the risk of project failures, cost overruns, or delays in critical state systems.
5. Records Management and Digital Preservation
Case: Managing official digital records.
DTMB rules require state agencies to preserve electronic records in a standardized format, ensuring long-term accessibility and compliance with the Michigan Records Act.
Example: A licensing board maintaining digital license applications must use DTMB-approved record management systems, implement proper metadata, and ensure secure storage.
Impact: Prevents loss of official records, ensures audit readiness, and supports transparency in state operations.
RELATED Blog
comments