Divisions » KITO » KARS Help Center

IT Project Approval and Reporting Process

K.S.A. 75-7209 and ITEC-2400-P require that whenever a state agency, in any branch of government, proposes a qualifying information technology (IT) project, the agency must prepare a project plan and submit it to the Chief Information Technology Officer (CITO) of the agency’s branch. The project plan is required to provide specific information and must be approved by the branch CITO before implementation of the project begins. ITEC-2400-P requires branch CITO approval twice in the commencement of an IT project: first prior to procurement activity, and then, with additional information reported, prior to the project entering execution. The KITO Approval and Reporting System (KARS) is provided to manage the process of IT project plan submittal, review, approval, and reporting.

What is an IT project?

What constitutes an IT project is defined in statute.

“‘Project’ means a planned series of events or activities that is intended to accomplish a specified outcome in a specified time period, under consistent management direction within a state agency or shared among two or more state agencies, and that has an identifiable budget for anticipated expenses”, according to K.S.A. 75-7201(i).

K.S.A. 75-7201(d) further defines an information technology project as “an information technology effort by a state agency of defined and limited duration that implements, effects a change in or presents a risk to processes, services, security, systems, records, data, human resources or architecture.”

Any activity that falls under this pair of definitions, then, is considered an IT project and must be assessed to determine whether it is subject to the approval and reporting requirements.

Which IT projects must be approved and reported on?

Not all IT projects that meet the statutory definitions require approval and reporting. The ones that do are those with significant business risk.

IT projects deemed to have significant risk are required to be submitted, obtain branch CITO approval of their plans, and report status, all through KARS. These are often called “reportable” IT projects, to distinguish them from those that are not subject to these approval and reporting requirements.

The Kansas IT Business Risk Assessment is what determines the level of business risk for an IT project. All proposed IT initiatives that meet the IT project definitions, then, must undergo this brief assessment, which is carried out in KARS, to determine their degree of risk, and thus whether they qualify for required approval and reporting.

Process for Reportable IT Projects

For reportable IT projects, KARS collects the required information and makes it available for review by the designated parties at the appropriate phases of the process. Per ITEC-2400-P, two separate branch CITO approvals must take place:

  1. Prior to procurement – referred to as branch CITO demand approval. This is approval to procure.
  2. Prior to execution – referred to as branch CITO project approval. This is approval to execute.

In KARS, a project plan submitted for initial branch CITO approval is termed a demand and includes high-level information about the proposed initiative. Subsequently, while being prepared for the second branch CITO approval and thereafter, it is designated in the system as a project and includes much more detailed information.

Prior to procurement

A demand (formerly known as a high-level project plan) is a strategic or operational IT initiative for which an agency must request branch CITO review and approval to proceed with procurement.

The initial demand data is entered by the agency into the demand application in KARS and includes high-level, estimated information about the proposed IT initiative.

KARS then presents the IT Business Risk Assessment for the demand.

If the initiative is deemed reportable by the results of this assessment, the agency provides more information in KARS to complete the demand record. When the necessary information has been provided, the demand is submitted to the Kansas Information Technology Office (KITO) for evaluation and acceptance.

Once the demand has gained KITO acceptance, it is submitted to the legislative Joint Committee on Information Technology (JCIT), providing its members the opportunity to advise and consult on the project, as required by K.S.A. 75-7209(b)(1)(B).

At the conclusion of the JCIT advise and consult period, the demand is delivered to the branch CITO for review and approval. The branch CITO demand approval authorizes the state agency to proceed into procurement.

Prior to execution

Upon CITO approval of the demand, KARS automatically initiates the creation of a project. In KARS, a project (formerly known as a detailed-level project plan) is a strategic or operational IT initiative that has received CITO demand approval. Projects necessitate more in-depth, finalized information about a proposed IT initiative and must secure branch CITO approval to proceed with execution.

Following branch CITO demand approval, KARS automatically generates a new project with the demand data.

Once the specifics of the project are fully determined (i.e., after the selection of a vendor), the agency updates the project plan data in KARS, incorporating comprehensive and detailed information about the proposed IT initiative.

The project is submitted to KITO for a completeness review and acceptance.

After gaining KITO acceptance, the project is delivered to the branch CITO for review and approval.

Upon CITO approval, the agency is authorized to begin execution of the IT project.

During execution

Upon approval by the branch CITO, the project is designated as “active.” K.S.A 75-7211 directs the branch CITO, under the guidance of JCIT, to oversee the execution of IT projects by state agencies. To facilitate the evaluation of progress on IT projects, state agencies will submit quarterly project status reports to the CITO of their branch through KARS. The measures used to indicate project status include:

  • Critical path: actual progress versus planned progress
  • Milestone completion rate: the actual number of milestones completed for the project versus the planned number of milestones o be completed for the project through the date of the report
  • Cost: the actual cumulative total spent versus the original planned expenditure through the end of the reporting quarter

Close-out

Close-out is triggered when project objectives have been met, and users have reviewed and accepted the system. The close-out process requires preparation of a Post Implementation Evaluation Report (PIER) to capture lessons learned and archival of project records. The PIER documents the project’s history and provides recommendations for other projects of similar size and scope. It is the responsibility of the project manager to ensure that a project is properly closed out, and that a PIER is completed and submitted within six months of project completion (or cancellation).