Rule 3301-3-07 | Performance requirements.

Information technology centers will meet the following performance standards:

(A) Governance - agreement/constitution

(1) The agreement between user entities establishing an information technology center will be ratified by all user entities, comply with section 3313.92 or Chapter 167. of the Revised Code, reviewed by legal counsel for compliance with section 3313.92 or Chapter 167. of the Revised Code, and be approved by the department.

(2) The agreement will include such provisions for a governing assembly as a board of directors or an executive committee.

(3) The agreement will include provisions for a systematic approach to encourage participation that is representative of all end users and governance that is representative of all user entities.

(4) The agreement will define the responsibilities of each component of the organizational structure.

(5) The information technology center's governing authority rests with the board of directors or the governing assembly rather than the fiscal agent.

(6) The agreement will set forth the process of change and define how organizational changes are to occur, including, amending the agreement, changing the fiscal agent, adding and withdrawing membership, and changing officers.

(7) The information technology center's governance document will contain language that holds harmless the fiscal agent for any liabilities, obligations, claims, damages, penalties, causes of action, costs or expenses relating to the operation and activities of the information technology center. Amounts to be paid in settlement of any such claims or damages, including attorneys' fees and costs and expenses, will be apportioned among all districts participating in the information technology center to the extent permitted by law.

The provisions of paragraph (A)(7) of this rule would not be applicable to cases of misfeasance, malfeasance, nonfeasance, or other illegal or inappropriate activities directly attributed to the actions of the fiscal agent.

(8) All governance policies and procedures, as well as daily site operations, will be in accordance with the information technology center's current by-laws, agreement(s), or both.

(9) All information technology centers will maintain fully executed contractual agreements with their user entities. The contractual agreement between the information technology center and its user entities will specify at a minimum the quality implementation standards, as defined by the department, for all core services, as well as any additional fees to supplement state subsidy for the core services.

(B) Fiscal operations standards

(1) Local fiscal operations

(a) The information technology center will demonstrate the appropriate appointment and utilization of a fiscal agent.

(i) An information technology center organized under section 3313.92 of the Revised Code will designate one user entity participating in the consortium agreement to act as fiscal agent.

(ii) An information technology center organized as a council of governments in accordance with Chapter 167. of the Revised Code may employ its own treasurer to assume all financial responsibilities or may elect to designate one user entity participating in the council to act as fiscal agent.

(iii) The fiscal agent treasurer or the treasurer employed by a council of governments is responsible for all financial transactions associated with the information technology center.

(iv) The fiscal agent treasurer or the treasurer employed by a council of governments will be licensed in accordance with section 3301.074 of the Revised Code.

(b) Financial accounting records of information technology center activities will be separately maintained and be auditable.

(i) Information technology centers will perform all financial transactions and accounting procedures in compliance with applicable laws of the state of Ohio and standards established by the auditor of state.

(ii) Information technology centers will establish, define, and adhere to procedures for receipting expenditures and accounting and equipment acquisition, inventory, and disposition.

(c) The appropriate governing bodies of the information technology center will approve all fee assessments, contracts, employee compensation and benefits, as well as initial and modified appropriations, as evidenced by official meeting minutes.

(d) The board of directors or the governing assembly will be provided access to the following:

(i) Detailed fiscal reports for each regular board of directors or governing assembly meeting.

(ii) Other reports upon request.

(2) Financial condition

(a) Amortization periods for the retirement of indebtedness will not exceed the recommended schedules for depreciation as established by the internal revenue service.

(b) The information technology center will establish a schedule of fees for services that, in combination with state subsidy funding, cash reserves, and other sources of revenue, will generate operating funds sufficient to meet anticipated expenditures.

(C) Operating standards

(1) Organization

(a) The information technology center will hold a valid permit and maintain compliance with the criteria established for that permit as identified in rule 3301-3-03 of the Administrative Code.

(b) The information technology center will comply with section 3301.075 of the Revised Code and with the OECN line item appropriation language contained in the state budget as currently enacted.

(c) The information technology center as organized in accordance with either Chapter 167. or section 3313.92 of the Revised Code will provide a current copy of its organizational agreement(s) for review during the site review specified in paragraph (A)(2) of rule 3301-3-04 of the Administrative Code and upon request by the department and/or the public.

(2) Core services

(a) Core services will be delivered based upon the quality implementation standards communicated by the department.

(b) All software and hardware used by information technology center will enable efficient and effective end-user access to the core services.

(c) Equipment for computer systems or support services may be shared among and between multiple information technology centers in order to increase operational efficiencies, lower operating costs, and/or to improve service reliability.

(d) Contractual agreements will be executed with user entities across all core service areas specifying the areas of service (e.g. software management, data management, training, problem resolution, documentation, communication and quality of service), responsibilities of the information technology center and the user entity for each area of service, and quality implementation standards for each area of service.

(e) Specific guidelines applying to internet access and networking services

(i) The speed and reliability of the network will be commensurate with department standards and provide for optimal performance for end users.

(ii) Standards established by the department for connectivity will be maintained by the information technology center.

(iii) The information technology center is responsible for any repairs or maintenance to the network and equipment for accessing the internet.

(iv) The information technology center will coordinate and manage an integrated services network that may include, but not be limited to, voice, video, and data services. Any educational entity desiring to be connected will have the option of access and the primary internet service provider(s) will involve the network and provider(s) selected by the department.

(3) Reports

(a) The information technology center will file with the department a continuous improvement plan that meets department guidelines and timeframes as set by the department. The report will include tthe information technology center's planned versus actual delivery of core services based upon quality implementation standards. The report will inform the department-managed accountability system for the OECN. The information technology center will respond in writing to the department and/or make operational adjustments as directed by the department if deficiencies are noted in the department's review of the continuous improvement plan.

(b) The information technology center will implement an automated help-desk system with quality implementation standards defined by the department in partnership with the OECN. The system will, at a minimum, facilitate communication and problem resolution among user entities and escalation to appropriate information technology center staff across the OECN, as well as with the department. The system will enable the reporting of quality implementation metrics for the core services to the department and provide data for the department-managed accountability system for the OECN.

(c) Detailed financial records of the information technology center for the current and previous fiscal year transactions will be made available to the department during the site review conducted pursuant to rule 3301-3-04 of the Administrative Code. Financial records will also be made available to the department within sixty days of the end of the fiscal year in an electronic format as specified by the department.

(4) Business continuity, security, data release, and other safeguards

(a) A written business continuity plan will be formulated, reviewed at regular intervals by the governing body of the information technology center, and be kept on file at the department.

(b) A written security policy will be implemented to include the following:

(i) The methods for obtaining, processing, reporting and storing data.

(ii) Terms that prohibit access to the computer systems and services by unauthorized personnel.

(c) The information technology center staff will be bonded, at a level determined by the information technology center's governing body, for the faithful performance of their duties.

(d) The information technology center will have insurance coverage for all fixed assets.

(e) A data-retention policy will be written, implemented, and communicated to all user entities, that specifies how data are stored and restored and the method for disposal of data.

(f) The computer system will be reviewed at regular intervals to ensure sufficient system performance and data security.

(g) The information technology center will not modify in any respect software or associated data structures provided by the department without the prior written approval from the superintendent of public instruction or his or her designee.

(h) The environment for the computer systems will comply with the manufacturer's standards for installation, power, and maintenance.

(i) The physical security of the information technology center will prevent unauthorized access to the computer systems.

(j) A written data release policy will be implemented and communicated by the information technology center. The policy will describe the process for requesting a release, return, or transfer of data. A release, return, or transfer of data will occur no later than ten business days following the district's request, unless otherwise specified and agreed upon by both the district and the information technology center.

(5) Information technology center personnel

(a) Staffing levels are to be sufficient to meet the service needs of the user as measured by end-user and staff satisfaction. Personnel assignments will ensure that user support needs are met and that all core services are successfully delivered.

(b) All staff will have training and/or experience necessary to perform the duties contained in their job descriptions.

(c) All information technology center staff will be given the appropriate training for the task assigned.

(d) All information technology center staff whose job assignments are related to the support of technology or technology services will engage in an ongoing program of in-service relative to their area of assignment. Staff training will be aligned with the continuous improvement plan of the information technology center and reflect the policies and guidelines established by the local professional development committee (LPDC).

(e) Information technology staff who hold an educator license or certificate issued by the state board of education and who are utilizing the LPDC process in order to renew and maintain licensure will comply with rule 3301-24-08 of the Administrative Code.