1     DIVISION OF TECHNOLOGY SERVICES AMENDMENTS
2     2023 GENERAL SESSION
3     STATE OF UTAH
4     Chief Sponsor: Jeffrey D. Stenquist
5     Senate Sponsor: Stephanie Pitcher

6     

7     LONG TITLE
8     General Description:
9          This bill modifies provisions relating to the Division of Technology Services.
10     Highlighted Provisions:
11          This bill:
12          ▸     defines terms;
13          ▸     modifies and clarifies duties of the Division of Technology Services in relation to
14     procurement, contract management, and security assessment; and
15          ▸     makes technical and conforming changes.
16     Money Appropriated in this Bill:
17          None
18     Other Special Clauses:
19          None
20     Utah Code Sections Affected:
21     AMENDS:
22          63A-16-104, as last amended by Laws of Utah 2022, Chapter 169
23          63A-16-201, as last amended by Laws of Utah 2022, Chapter 169
24          63A-16-205, as last amended by Laws of Utah 2022, Chapter 169
25          63G-6a-303, as last amended by Laws of Utah 2022, Chapter 421
26     RENUMBERS AND AMENDS:
27          63G-6a-109.5, (Renumbered from 63A-16-204, as renumbered and amended by Laws
28     of Utah 2021, Chapter 344)
29     


30     Be it enacted by the Legislature of the state of Utah:
31          Section 1. Section 63A-16-104 is amended to read:
32          63A-16-104. Duties of division.
33          The division shall:
34          (1) lead state executive branch agency efforts to establish and reengineer the state's
35     information technology architecture with the goal of coordinating central and individual agency
36     information technology in a manner that:
37          (a) ensures compliance with the executive branch agency strategic plan; and
38          (b) ensures that cost-effective, efficient information and communication systems and
39     resources are being used by agencies to:
40          (i) reduce data, hardware, and software redundancy;
41          (ii) improve system interoperability and data accessibility between agencies; and
42          (iii) meet the agency's and user's business and service needs;
43          (2) coordinate an executive branch strategic plan for all agencies;
44          (3) develop and implement processes to replicate information technology best practices
45     and standards throughout the executive branch;
46          (4) [at least once every odd-numbered year] once every three years:
47          (a) conduct an information technology security assessment via an independent third
48     party:
49          (i) to evaluate the adequacy of the division's and the executive branch agencies' data
50     and information technology system security standards [through an independent third party
51     assessment]; and
52          (ii) that will be completed over a period that does not exceed two years; and
53          (b) communicate the results of the [independent third party] assessment described in
54     Subsection (4)(a) to the appropriate executive branch agencies and to the president of the
55     Senate and the speaker of the House of Representatives;
56          (5) [oversee the expanded use and implementation of] subject to Subsection
57     63G-6a-109.5(9):
58          (a) advise executive branch agencies on project and contract management principles as
59     they relate to information technology projects within the executive branch; and
60          (b) approve the acquisition of technology services and products by executive branch
61     agencies as required under Section 63G-6a-109.5;
62          [(6) serve as general contractor between the state's information technology users and
63     private sector providers of information technology products and services;]
64          [(7)] (6) work toward building stronger partnering relationships with providers;
65          [(8)] (7) develop service level agreements with executive branch departments and
66     agencies to ensure quality products and services are delivered on schedule and within budget;
67          [(9)] (8) develop standards for application development including a standard
68     methodology and cost-benefit analysis that all agencies shall utilize for application
69     development activities;
70          [(10)] (9) determine and implement statewide efforts to standardize data elements;
71          [(11)] (10) coordinate with executive branch agencies to provide basic website
72     standards for agencies that address common design standards and navigation standards,
73     including:
74          (a) accessibility for individuals with disabilities in accordance with:
75          (i) the standards of 29 U.S.C. Sec. 794d; and
76          (ii) Section 63A-16-209;
77          (b) consistency with standardized government security standards;
78          (c) designing around user needs with data-driven analysis influencing management and
79     development decisions, using qualitative and quantitative data to determine user goals, needs,
80     and behaviors, and continual testing of the website, web-based form, web-based application, or
81     digital service to ensure that user needs are addressed;
82          (d) providing users of the website, web-based form, web-based application, or digital
83     service with the option for a more customized digital experience that allows users to complete
84     digital transactions in an efficient and accurate manner; and
85          (e) full functionality and usability on common mobile devices;
86          [(12)] (11) consider, when making a purchase for an information system, cloud
87     computing options, including any security benefits, privacy, data retention risks, and cost
88     savings associated with cloud computing options;
89          [(13)] (12) develop systems and methodologies to review, evaluate, and prioritize
90     existing information technology projects within the executive branch and report to the governor
91     and the Government Operations Interim Committee in accordance with Section 63A-16-201 on
92     a semiannual basis regarding the status of information technology projects;
93          [(14)] (13) assist the Governor's Office of Planning and Budget with the development
94     of information technology budgets for agencies;
95          [(15)] (14) ensure that any training or certification required of a public official or
96     public employee, as those terms are defined in Section 63G-22-102, complies with Title 63G,
97     Chapter 22, State Training and Certification Requirements, if the training or certification is
98     required:
99          (a) under this chapter;
100          (b) by the department; or
101          (c) by the division;
102          [(16)] (15) provide support to executive branch agencies for the information
103     technology assets and functions that are unique to the agency and are mission critical functions
104     of the agency;
105          [(17)] (16) provide in-house information technology staff support to executive branch
106     agencies;
107          [(18)] (17) establish a committee composed of agency user groups to coordinate
108     division services with agency needs;
109          [(19)] (18) assist executive branch agencies in complying with the requirements of any
110     rule made by the chief information officer;
111          [(20)] (19) develop and implement an effective enterprise architecture governance
112     model for the executive branch;
113          [(21)] (20) provide oversight of information technology projects that impact statewide
114     information technology services, assets, or functions of state government to:
115          (a) control costs;
116          (b) ensure business value to a project;
117          (c) maximize resources;
118          (d) ensure the uniform application of best practices; and
119          (e) avoid duplication of resources;
120          [(22)] (21) develop a method of accountability to agencies for services provided by the
121     department through service agreements with the agencies;
122          [(23)] (22) serve as a project manager for enterprise architecture, including
123     management of applications, standards, and procurement of enterprise architecture;
124          [(24)] (23) coordinate the development and implementation of advanced state
125     telecommunication systems;
126          [(25)] (24) provide services, including technical assistance:
127          (a) to executive branch agencies and subscribers to the services; and
128          (b) related to information technology or telecommunications;
129          [(26)] (25) establish telecommunication system specifications and standards for use by:
130          (a) one or more executive branch agencies; or
131          (b) one or more entities that subscribe to the telecommunication systems in accordance
132     with Section 63A-16-302;
133          [(27)] (26) coordinate state telecommunication planning, in cooperation with:
134          (a) state telecommunication users;
135          (b) executive branch agencies; and
136          (c) other subscribers to the state's telecommunication systems;
137          [(28)] (27) cooperate with the federal government, other state entities, counties, and
138     municipalities in the development, implementation, and maintenance of:
139          (a) (i) governmental information technology; or
140          (ii) governmental telecommunication systems; and
141          (b) (i) as part of a cooperative organization; or
142          (ii) through means other than a cooperative organization;
143          [(29)] (28) establish, operate, manage, and maintain:
144          (a) one or more state data centers; and
145          (b) one or more regional computer centers;
146          [(30)] (29) design, implement, and manage all state-owned, leased, or rented land,
147     mobile, or radio telecommunication systems that are used in the delivery of services for state
148     government or the state's political subdivisions;
149          [(31)] (30) in accordance with the executive branch strategic plan, implement
150     minimum standards to be used by the division for purposes of compatibility of procedures,
151     programming languages, codes, and media that facilitate the exchange of information within
152     and among telecommunication systems;
153          [(32)] (31) establish standards for the information technology needs of a collection of
154     executive branch agencies or programs that share common characteristics relative to the types
155     of stakeholders the agencies or programs serve, including:
156          (a) project management;
157          (b) application development; and
158          (c) subject to Subsections (5) and 63G-6a-109.5(9), procurement;
159          [(33)] (32) provide oversight of information technology standards that impact multiple
160     executive branch agency information technology services, assets, or functions to:
161          (a) control costs;
162          (b) ensure business value to a project;
163          (c) maximize resources;
164          (d) ensure the uniform application of best practices; and
165          (e) avoid duplication of resources; and
166          [(34)] (33) establish a system of accountability to user agencies through the use of
167     service agreements.
168          Section 2. Section 63A-16-201 is amended to read:
169          63A-16-201. Chief information officer -- Appointment -- Powers -- Reporting.
170          (1) The director of the division shall serve as the state's chief information officer.
171          (2) The chief information officer shall:
172          (a) advise the governor on information technology policy; and
173          (b) perform those duties given the chief information officer by statute.
174          (3) (a) The chief information officer shall report annually to:
175          (i) the governor; and
176          (ii) the Government Operations Interim Committee.
177          (b) The report required under Subsection (3)(a) shall:
178          (i) summarize the state's current and projected use of information technology;
179          (ii) summarize the executive branch strategic plan including a description of major
180     changes in the executive branch strategic plan;
181          (iii) provide a brief description of each state agency's information technology plan;
182          (iv) include the status of information technology projects described in Subsection
183     [63A-16-104(11)] 63A-16-104(10);
184          (v) include the performance report described in Section 63A-16-211; and
185          (vi) include the expenditure of the funds provided for electronic technology,
186     equipment, and hardware.
187          Section 3. Section 63A-16-205 is amended to read:
188          63A-16-205. Rulemaking -- Policies.
189          (1) (a) Except as provided in Subsection (2), the chief information officer shall, by rule
190     made in accordance with Title 63G, Chapter 3, Utah Administrative Rulemaking Act:
191          (i) [provide] establish standards that impose requirements on executive branch
192     agencies [that:(A) are] related to the security of the statewide area network; [and]
193          [(B)] (ii) establish standards for when an agency must obtain approval before obtaining
194     items [listed] described in Subsection [63A-16-204(1)] 63G-6a-109.5(2);
195          [(ii)] (iii) specify the detail and format required in an agency information technology
196     plan submitted in accordance with Section 63A-16-203;
197          [(iii)] (iv) [provide for] establish standards related to the privacy policies of websites
198     operated by or on behalf of an executive branch agency;
199          [(iv)] (v) [provide] subject to Subsection 63G-6a-109.5(9), establish standards for the
200     acquisition, licensing, and sale of computer software;
201          [(v)] (vi) specify the requirements for the project plan and business case analysis
202     required [by Section 63A-16-204] under Section 63G-6a-109.5;
203          [(vi)] (vii) provide for project oversight of agency technology projects when required
204     [by Section 63A-16-204] under Section 63G-6a-109.5;
205          [(vii)] (viii) establish, in accordance with Subsection [63A-16-204(2)]
206     63G-6a-109.5(3), the implementation of the needs assessment for information technology
207     purchases;
208          [(viii)] (ix) establish telecommunications standards and specifications in accordance
209     with Subsection [63A-16-104(26)] 63G-6a-109.5(25); and
210          [(ix)] (x) establish standards for accessibility of information technology by individuals
211     with disabilities in accordance with Section 63A-16-209.
212          (b) The rulemaking authority granted by [this] Subsection (1)(a) is in addition to any
213     other rulemaking authority granted under this chapter.
214          (2) (a) Notwithstanding Title 63G, Chapter 3, Utah Administrative Rulemaking Act,
215     and subject to Subsection (2)(b), the chief information officer may adopt a policy that outlines
216     procedures to be followed by the chief information officer in facilitating the implementation of
217     this title by executive branch agencies if the policy:
218          (i) is consistent with the executive branch strategic plan; and
219          (ii) is not required to be made by rule under Subsection (1) or Section 63G-3-201.
220          (b) (i) A policy adopted by the chief information officer under Subsection (2)(a) may
221     not take effect until 30 days after the day on which the chief information officer submits the
222     policy to:
223          (A) the governor; and
224          (B) all cabinet level officials.
225          (ii) During the 30-day period described in Subsection (2)(b)(i), cabinet level officials
226     may review and comment on a policy submitted under Subsection (2)(b)(i).
227          (3) (a) Notwithstanding Subsection (1) or (2) or Title 63G, Chapter 3, Utah
228     Administrative Rulemaking Act, without following the procedures of Subsection (1) or (2), the
229     chief information officer may adopt a security procedure to be followed by executive branch
230     agencies to protect the statewide area network if:
231          (i) broad communication of the security procedure would create a significant potential
232     for increasing the vulnerability of the statewide area network to breach or attack; and
233          (ii) after consultation with the chief information officer, the governor agrees that broad
234     communication of the security procedure would create a significant potential increase in the
235     vulnerability of the statewide area network to breach or attack.
236          (b) A security procedure described in Subsection (3)(a) is classified as a protected
237     record under Title 63G, Chapter 2, Government Records Access and Management Act.
238          (c) The chief information officer shall provide a copy of the security procedure as a
239     protected record to:
240          (i) the chief justice of the Utah Supreme Court for the judicial branch;
241          (ii) the speaker of the House of Representatives and the president of the Senate for the
242     legislative branch;
243          (iii) the chair of the Utah Board of Higher Education; and
244          (iv) the chair of the State Board of Education.
245          Section 4. Section 63G-6a-109.5, which is renumbered from Section 63A-16-204 is
246     renumbered and amended to read:
247          [63A-16-204].      63G-6a-109.5. Approval of acquisitions of information
248     technology.
249          (1) As used in this section:
250          (a) "Chief information officer" means the director of the Division of Technology
251     Services, created in Section 63A-16-103.
252          (b) "Department" means the Department of Government Operations, created in Section
253     63A-1-104.
254          [(1)] (2) (a) In accordance with Subsection [(2)] (3), the chief information officer shall
255     approve the acquisition by an executive branch agency of:
256          (i) information technology equipment;
257          (ii) telecommunications equipment;
258          (iii) software;
259          (iv) services related to the items [listed] described in Subsections [(1)(a)(i)] (2)(a)(i)
260     through (iii); and
261          (v) data acquisition.
262          (b) The chief information officer may negotiate the purchase, lease, or rental of private
263     or public information technology or telecommunication services or facilities in accordance with
264     this section.
265          (c) Where practical, efficient, and economically beneficial, the chief information
266     officer shall use existing private and public information technology or telecommunication
267     resources.
268          (d) In accordance with Section 63A-16-206, the chief information officer may
269     recommend coordination of acquisitions between two or more executive branch agencies if the
270     coordination is in the best interests of the state.
271          [(d)] (e) [Notwithstanding another provision of this section, an] An acquisition
272     [authorized by] approved under this section shall comply with rules made by the applicable
273     rulemaking authority under [Title 63G,] Chapter 6a, Utah Procurement Code.
274          [(2)] (3) Before [negotiating] a conducting procurement unit negotiates a purchase,
275     lease, or rental under Subsection [(1)] (2) for an amount that exceeds the value established by
276     the chief information officer by rule made in accordance with Section 63A-16-205, the chief
277     information officer shall:
278          (a) conduct an analysis of the needs of executive branch agencies and subscribers of
279     services and the ability of the proposed information technology or telecommunications services
280     or supplies to meet those needs; and
281          (b) for purchases, leases, or rentals not covered by an existing statewide contract,
282     certify in writing to the chief procurement officer in the Division of Purchasing and General
283     Services that:
284          (i) the analysis required in Subsection [(2)(a)] (3)(a) was completed; and
285          (ii) based on the analysis, the proposed purchase, lease, rental, or master contract of
286     services, products, or supplies is practical, efficient, and economically beneficial to the state
287     and the executive branch agency or subscriber of services.
288          [(3)] (4) [In approving an acquisition described in Subsections (1) and (2), the] The
289     chief information officer shall approve an acquisition described in Subsection (2) or (3) if the
290     acquisition complies with:
291          [(a) establish by administrative rule, in accordance with Section 63A-16-205, standards
292     under which an agency must obtain approval from the chief information officer before
293     acquiring the items listed in Subsections (1) and (2);]
294          [(b) for those acquisitions requiring approval, determine whether the acquisition is in
295     compliance with:]
296          (a) the applicable rules and policies described in Section 63A-16-205;
297          [(i)] (b) the executive branch strategic plan;
298          [(ii)] (c) the applicable agency information technology plan;
299          [(iii)] (d) the budget for the executive branch agency or department as adopted by the
300     Legislature;
301          [(iv)] (e) [Title 63G,] Chapter 6a, Utah Procurement Code; and
302          [(v)] (f) the information technology accessibility standards described in Section
303     63A-16-209[; and].
304          [(c) in accordance with Section 63A-16-206, require coordination of acquisitions
305     between two or more executive branch agencies if it is in the best interests of the state.]
306          [(4)] (5) Each executive branch agency shall provide the chief information officer with
307     complete access to all information technology records, documents, and reports:
308          (a) at the request of the chief information officer; and
309          (b) related to the executive branch agency's acquisition of [any item listed] an item
310     described in Subsection [(1)] (2).
311          [(5)] (6) (a) In accordance with administrative rules established by the [department]
312     chief information officer under Section 63A-16-205, an executive branch agency and the
313     department may not initiate a new technology project unless the technology project is described
314     in a formal project plan and a business case analysis is approved by the chief information
315     officer and the highest ranking executive branch agency official.
316          (b) The project plan and business case analysis required [by] under this Subsection
317     [(5)] (6) shall include:
318          (i) a statement of work to be done and existing work to be modified or displaced;
319          (ii) the total cost of the system development and conversion effort, including system
320     analysis and programming costs, establishment of master files, testing, documentation, special
321     equipment cost, and all other costs, including overhead;
322          (iii) the savings or added operating costs that will result after conversion;
323          (iv) a description of the other advantages or reasons that justify the work;
324          (v) the source of funding of the work, including ongoing costs;
325          (vi) a description of the project's consistency with budget submissions and planning
326     components of budgets; and
327          (vii) a statement regarding whether the work is within the scope of projects or
328     initiatives envisioned when the current fiscal year budget was approved.
329          (c) The chief information officer shall determine the required form of the project plan
330     and business case analysis described in this Subsection [(5)] (6).
331          [(6)] (7) [The] Subject to Subsection (9), the chief information officer and the Division
332     of Purchasing and General Services within the department shall work cooperatively to establish
333     procedures under which the chief information officer shall monitor and approve acquisitions
334     [as provided in] under this section.
335          (8) In addition to the requirement that the chief information officer approve the
336     acquisitions described in Subsections (2) and (3), the Division of Technology Services shall,
337     subject to Subsection (9), assist and support executive branch agencies in the acquisition of all
338     technology services and products.
339          (9) In relation to the acquisition of technology services or products:
340          (a) the requirement of approval by the chief information officer, as described in this
341     section, and the assistance and support of the Division of Technology Services described in
342     Subsection (8), do not make the chief information officer, the department, or the Division of
343     Technology Services responsible to manage the contract or fund the procurement;
344          (b) contract management is the responsibility of the conducting procurement unit; and
345          (c) funding of the procurement is the responsibility of the executive branch agency
346     acquiring the technology services or products.
347          Section 5. Section 63G-6a-303 is amended to read:
348          63G-6a-303. Role, duties, and authority of chief procurement officer.
349          (1) The chief procurement officer:
350          (a) is the director of the division;
351          (b) serves as the central procurement officer of the state;
352          (c) serves as a voting member of the board; and
353          (d) serves as the protest officer for a protest relating to a procurement of an executive
354     branch procurement, except an executive branch procurement unit designated under Subsection
355     63G-6a-103(38)(b), (c), (d), or (e) as an independent procurement unit, or a state cooperative
356     contract procurement, unless the chief procurement officer designates another to serve as
357     protest officer, as authorized in this chapter.
358          (2) Except as otherwise provided in this chapter, the chief procurement officer shall:
359          (a) develop procurement policies and procedures supporting ethical procurement
360     practices, fair and open competition among vendors, and transparency within the state's
361     procurement process;
362          (b) administer the state's cooperative purchasing program, including state cooperative
363     contracts and associated administrative fees;
364          (c) enter into an agreement with a public entity for services provided by the division, if
365     the agreement is in the best interest of the state;
366          (d) ensure the division's compliance with any applicable law, rule, or policy, including
367     a law, rule, or policy applicable to the division's role as an issuing procurement unit or
368     conducting procurement unit, or as the state's central procurement organization;
369          (e) manage the division's electronic procurement system;
370          (f) oversee the recruitment, training, career development, certification requirements,
371     and performance evaluation of the division's procurement personnel;
372          (g) make procurement training available to procurement units and persons who do
373     business with procurement units;
374          (h) provide exemplary customer service and continually improve the division's
375     procurement operations;
376          (i) exercise all other authority, fulfill all other duties and responsibilities, and perform
377     all other functions authorized under this chapter; and
378          (j) ensure that any training described in this Subsection (2) complies with [Title 63G,]
379     Chapter 22, State Training and Certification Requirements.
380          (3) With respect to a procurement or contract over which the chief procurement officer
381     has authority under this chapter, the chief procurement officer, except as otherwise provided in
382     this chapter:
383          (a) shall:
384          (i) manage and supervise a procurement to ensure to the extent practicable that
385     taxpayers receive the best value;
386          (ii) prepare and issue standard specifications for procurement items;
387          (iii) review contracts, coordinate contract compliance, conduct contract audits, and
388     approve change orders;
389          (iv) in accordance with Section [63A-16-204] 63G-6a-109.5, coordinate with the
390     Division of Technology Services, created in Section 63A-16-103, with respect to the
391     procurement of information technology services by an executive branch procurement unit;
392          (v) correct, amend, or cancel a procurement at any stage of the procurement process if
393     the procurement is out of compliance with this chapter or a board rule;
394          (vi) after consultation with the attorney general's office, correct, amend, or cancel a
395     contract at any time during the term of the contract if:
396          (A) the contract is out of compliance with this chapter or a board rule; and
397          (B) the chief procurement officer determines that correcting, amending, or canceling
398     the contract is in the best interest of the state; and
399          (vii) make a reasonable attempt to resolve a contract dispute, in coordination with the
400     attorney general's office; and
401          (b) may:
402          (i) delegate limited purchasing authority to a state agency, with appropriate oversight
403     and control to ensure compliance with this chapter;
404          (ii) delegate duties and authority to an employee of the division, as the chief
405     procurement officer considers appropriate;
406          (iii) negotiate and settle contract overcharges, undercharges, and claims, in accordance
407     with the law and after consultation with the attorney general's office;
408          (iv) authorize a procurement unit to make a procurement pursuant to a regional
409     solicitation, as defined in Subsection 63G-6a-2105(7), even if the procurement item is also
410     offered under a state cooperative contract, if the chief procurement officer determines that the
411     procurement pursuant to a regional solicitation is in the best interest of the acquiring
412     procurement unit; and
413          (v) remove an individual from the procurement process or contract administration for:
414          (A) having a conflict of interest or the appearance of a conflict of interest with a person
415     responding to a solicitation or with a contractor;
416          (B) having a bias or the appearance of bias for or against a person responding to a
417     solicitation or for or against a contractor;
418          (C) making an inconsistent or unexplainable score for a solicitation response;
419          (D) having inappropriate contact or communication with a person responding to a
420     solicitation;
421          (E) socializing inappropriately with a person responding to a solicitation or with a
422     contractor;
423          (F) engaging in any other action or having any other association that causes the chief
424     procurement officer to conclude that the individual cannot fairly evaluate a solicitation
425     response or administer a contract; or
426          (G) any other violation of a law, rule, or policy.
427          (4) The chief procurement officer may not delegate to an individual outside the
428     division the chief procurement officer's authority over a procurement described in Subsection
429     (3)(a)(iv).
430          (5) The chief procurement officer has final authority to determine whether an executive
431     branch procurement unit's anticipated expenditure of public funds, anticipated agreement to
432     expend public funds, or provision of a benefit constitutes a procurement that is subject to this
433     chapter.
434          (6) Except as otherwise provided in this chapter, the chief procurement officer shall
435     review, monitor, and audit the procurement activities and delegated procurement authority of
436     an executive branch procurement unit, except to the extent that an executive branch
437     procurement unit is designated under Subsection 63G-6a-103(38)(b), (c), (d), or (e) as an
438     independent procurement unit, to ensure compliance with this chapter, rules made by the
439     applicable rulemaking authority, and division policies.