Both spoke to a small group of SLED vendors during the Industry Insider — Texas briefing Thursday in Austin.
Each CIO has spent several years in public-sector IT, Hermes having served at TDA for two years and the better part of his IT career at the state level. Kennedy has been at OCA for more than 12 years and with the state for about 20.
Both have strong suggestions for vendors, two being potential deal breakers:
- With an eye to the cloud, vendors must be TX-RAMP certified through the Department of Information Resources (DIR). This is a must-do, according to both CIOs.
- Vendors need to be familiar with legislative appropriations for each agency and understand what those numbers mean. Hermes said it is imperative for vendors to understand the Texas budget process, allocations and budget requests.
OCA is “leaning into cloud-first” as a model, Kennedy said, and security and compliance for cloud services can be a challenge.
“Now in that last [legislative] session … one of the requirements is that you have to be TX-RAMP certified,” he said. “I know that’s a big challenge for a lot of vendors, but I see that as a good thing generally because we follow the security control catalog that DIR puts out. We put that in our contracts with our vendors these days.”
“I don’t have an internal audit division … so that’s why we rely on that TX-RAMP program. The other thing with the courts that is valued is privacy and how we lock things up in data classification.”
As to budgets, both CIOs spoke to the nature of legislative appropriations in that dollar amounts don’t have wiggle room and must be used for their intended purpose. There is no moving around dollars for projects once allotted.
“You know, we’re a very, very lean agency,” Hermes said. “We have great ambitions, but we may have to sacrifice certain other things … Read the legislative appropriations requests (LARs) and read the general appropriations act.”
The agricultural agency has asked for funding to modernize its licensing system; however, the Legislature has yet to appropriate the next biennium. Current budgets and LARs can generally be found on agency websites.
Vendors should be wary of sending cold emails or making cold sales calls; they should focus on doing research about the agency and then building a relationship. Conferences and public-sector events are ways for vendors to become visible and network with IT leaders.
IT leaders also speak to each other about customer service and support; vendors need to be responsive, supportive and willing to help solve problems from the outset as state agencies move to “push new tech ahead,” continue moving to the cloud and find turnkey solutions.