HB208 Alabama 2025 Session

Summary

Primary Sponsor

Mike ShawRepresentative

Republican

Session

2025 Regular Session

Title

Secretary of Information Technology, duties regarding cybertechnology technology quality assurance for state agencies further provided

Summary

HB208 would expand the Office of Information Technology to include cybersecurity, create a technology quality assurance board, and give the secretary broader duties to plan, coordinate, and oversee state IT and cybersecurity efforts.

What This Bill Does

First, it expands the office to cover cybersecurity and creates a technology quality assurance board to oversee new technologies, including artificial intelligence, with ethical guidelines, security controls, and ongoing compliance. Second, it amends the law to require the secretary to develop a four-year strategic IT plan, coordinate with other state agencies and authorities, maintain an IT asset inventory, review proposed IT initiatives, and manage related funds. Third, it requires the secretary to issue annual reports and to promulgate rules and standards for IT management, cybersecurity governance, project management, and enterprise architecture, with an effective date of October 1, 2025.

Who It Affects

• State agencies: must follow centralized IT planning, cybersecurity governance, asset inventory, and review/approval processes for new IT initiatives.
• Secretary of Information Technology: gains expanded duties and authority to plan, coordinate, oversee IT and cybersecurity across agencies and participate on relevant boards.

Key Provisions

• Expand the office to include cybersecurity governance and create a technology quality assurance board.
• Authorize the secretary to develop a comprehensive four-year strategic IT plan, updated annually, coordinated with planning and budgeting processes, and reviewed for reducing duplication and improving return on IT investments.
• Coordinate with the Alabama Supercomputer Authority and related entities to promote standards and avoid duplication of IT efforts.
• Allow the secretary to serve as a member of the board(s) for the Alabama Supercomputer Authority.
• Authorize the secretary to solicit, receive, and administer funds for IT equipment, software, services, and staff training.
• Establish an inventory of IT resources and all data and data systems in state agencies to improve asset management and data sharing.
• Establish and administer a structured system for review and approval of new IT initiatives, including business case, cost-benefit analysis, and compatibility analysis.
• Administer funds appropriated by the Legislature for the office’s operations and coordination.
• Represent state IT interests with private, public, and federal partners and issue annual reports to the Governor, Legislature, and public.
• Promulgate rules and policies for IT management, cybersecurity governance, project management standards, and enterprise architecture across state agencies.
• Create and oversee a technology quality assurance board to promote responsible procurement, development, and use of novel technologies, including AI, with ethical guidelines, security/privacy controls, and ongoing compliance mechanisms.
• Plan and coordinate IT and cybersecurity activities to promote economical and effective use of state resources.
• Effective date: October 1, 2025.

AI-generated summary using openai/gpt-5-nano on Feb 22, 2026. May contain errors — refer to the official bill text for accuracy.

Subjects

State Government