Report 2014-116 Recommendation 11 Responses

Report 2014-116: California Department of Consumer Affairs' BreEZe System: Inadequate Planning and Oversight Led to Implementation at Far Fewer Regulatory Entities at a Significantly Higher Cost (Release Date: February 2015)

Recommendation #11 To: Technology, California Department of

To ensure that IT projects have the oversight needed to better position them for success, CalTech should require state departments to follow its IT policies, including developing all necessary plans and receiving all required training.

Agency Response*

Statewide Information Management Manual (SIMM) 45 updated for departments to follow CDT policies.

  • Response Type†: Annual Follow Up
  • Completion Date: March 2017
  • Response Date: November 2017

California State Auditor's Assessment of Status: Fully Implemented


Agency Response*

California Project Management Framework (CA-PMF) was published in May 2016. See TL 16-04. The CA-PMF offers guidance and insight on project management methods and approach (through the use of resources, tools, and templates), as well as narratives detailing the justifications for why specific activities should be performed. The CA-PMF is designed to be scalable to accommodate the various needs of projects.

Prior to completion of the CA-PMF, California Department of Technology (CDT) decided to separate policy mandates from project management guidance. In particular, CDT determined that the priority for policy mandates should be on reportable IT projects. As a result, CDT modified the IT Project Oversight Framework - SIMM 45 in July 2016 to include the oversight related components previously published in the CA-PMM.

These are:

- Project Management Risk Assessment

- Project Complexity Assessment

- Project Status Reports

- Independent Project Oversight Reports

Information Technology Project Oversight Division (ITPOD) has drafted an escalation process to raise awareness and foster appropriate actions concerning significant risks and issues to increasingly higher levels of CDT leadership. ITPOD has also drafted a Corrective Action Plan framework to notify departments that remediation is required. ITPOD intends to incorporate both of these processes to the IT Project Oversight Framework after state entities are provided with the opportunity to ask questions or provide comments - anticipated to be completed by December 2016.

  • Response Type†: Annual Follow Up
  • Estimated Completion Date: December 2016
  • Response Date: October 2016

California State Auditor's Assessment of Status: Not Fully Implemented


Agency Response*

Work on revisions to the (CA-PMM) is underway with implementation anticipated in July 2016. The new version will be re-named to: California Project Management Framework (CA-PMF). Release of the new CA-PMF will include the a policy clarification that departments must follow the CA-PMF or another documented methodology based on PMBOK (Project Management Institute Project Management Body of Knowledge). CA-PMM was written as a set of guidelines - not requirements.

ITPOD will document deficiencies concerning compliance with IT policies and when these are not remediated within a reasonable period of time, ITPOD will use an escalation process to bring greater attention to the resulting risks and issues to increasingly higher levels of leadership. Updates to the ITPOD Project Oversight Escalation process are under review, and implementation is expected March 2016.

  • Response Type†: 1-Year
  • Estimated Completion Date: July 2016
  • Response Date: February 2016

California State Auditor's Assessment of Status: Pending


Agency Response*

Work on CA-PMM is underway with implementation anticipated in July 2016. Updates to the Project Oversight Escalation process are in development and implementation is planned for September 2015.

  • Response Type†: 6-Month
  • Estimated Completion Date: July 2016
  • Response Date: August 2015

California State Auditor's Assessment of Status: Pending


Agency Response*

60-Day Update:

CalTech is undertaking a project to update and enhance the CA-PMM. This will provide the opportunity to strengthen the direction given to state entities concerning the Department's IT policies. At the same time, ITPOC is enhancing and updating the Project Oversight Escalation process to ensure that ITPOC management is apprised of project compliance deficiencies and so that the recommendation for remediation action are developed.

  • Response Type†: 60-Day
  • Estimated Completion Date: 12/31/2015
  • Response Date: April 2015

California State Auditor's Assessment of Status: Pending


All Recommendations in 2014-116

†Response Type refers to the interval in which the auditee is providing the State Auditor with their status in implementing recommendations made in an audit report. Auditees must submit a response regarding their progress in implementing recommendations from our reports at three intervals from the release of the report: 60 days, six months, and one year or subsequent to one year.

*Agency responses received after June 2013 are posted verbatim.


Report type

Report type
















© 2013, California State Auditor | Privacy Policy | Conditions of Use | Download Adobe PDF Reader