Doing Business with Statewide IT Procurement
The N.C. Department of Information Technology’s Statewide IT Procurement Office works with many different vendors across the state to deliver technology goods and services for state agencies, local governments and community colleges.
As a first step to conducting business with the state, vendors should sign up on the North Carolina electronic vendor portal, which allows them to:
• Participate in the electronic procurement process
• Participate in the state’s Historically Underutilized Business Program
• Participate in the North Carolina Small Business Enterprise Program
• Receive information on upcoming bids
In the portal, vendors can register for all applicable commodities, goods and services. Registered vendors also receive vital information about bid opportunities that match their interests. In most cases, vendors also submit proposals using the portal.
Required Architecture Diagrams
The following are templates for architectural diagrams required upon RFP submission:
For additional information on these diagrams, see the descriptions below.
Network Architecture Diagram
This diagram describes the means of communication, the method of sending and receiving information, between the assets in the Technology Architecture.
The diagram will take logical connections between client and server components and identify network boundaries and network infrastructure required to physically implement those connections. It does not describe the information format or content but will address protocol and capacity issues.
Technology Stack Diagram
Technology stack, also called a solution stack, is a set of software components that compose a logically complete platform for running a service or supporting an application. It is the set of software that provides the infrastructure for a solution. The stacks differ based on the deployment location (e.g. client, server, mainframe). The technology stack diagram depicts the relationships and critical communication paths between the solution’s software components.
The goals listed below reflect the overall strategy of NCDIT to find better ways to leverage and share what is common across the state in terms of IT. Key elements of the vision include providing agile, world-class technology solutions, with an emphasis on digital services, delivering value through a disciplined approach to the management of technology across the enterprise of state government, increasing overall productivity of agencies and their employees, meeting the Governor’s directive to increase the use of shared data and analytics among agencies, and protecting government systems and citizen information from unauthorized access.
Updated Statewide Information Technology Goals
- Secure IT systems and infrastructure: Provide a resilient infrastructure that mitigates risk, supports business continuity, provides security and privacy of the State’s and citizens’ data, and supports secure collaboration and information sharing.
- Deepen trusted partnerships: Support and empower the business of state government by improving processes, enhancing cross-agency collaboration and cooperation, and establishing and managing IT standards.
- Improve the management and transparency of IT: Better utilize the state’s IT resources by increasing visibility into what the State has, what it costs, and how the State uses it.
- Modernize and centralize IT operations: Modernize and centralize technology operations to effectively support a 21st century government.
- Empower our citizens through technology: Provide transparent, easy-to-use, and customer-focused government and student services.
- Promote better decision-making through analytics: Leverage the state’s data to make more informed decisions, policies, and laws.
An enterprise approach optimizes IT security and risk management activities performed at the statewide level, allowing the state to gain economies of scale and helping to ensure security program consistency.
The Government Data Analytics Center is developing a comprehensive master data management tool to document the state’s data sources and definitions, as well as any quality issues associated with the data in terms of accuracy, currency, and completeness. Evaluating a data source at the enterprise level with varying business perspectives can point out these types of data quality concerns. Based on this knowledge, the GDAC can work with the data source agency to identify ways to improve and expand the capture of quality data to support more accurate analysis and decisions.
North Carolina constituencies expect great digital experiences when engaging with state government. Our goal is to deliver content, resources and services anytime, anywhere and on any device. We aim to deliver user-centric digital services with an emphasis on accessibility, ease-of-use and consistency while ensuring security and reliability.
The N.C. Department of Information Technology administers Digital Commons, a customized content management platform running on the open-source Drupal framework (currently Drupal 9) and hosted on FedRAMP compliant Amazon Web Services. As the state's enterprise web content management system, Digital Commons is considered the standard delivery platform for web and digital content.
The platform supports more than 60 websites for agencies, boards and commission, including the nc.gov Constituent Portal
The State Chief Information Officer strives to simplify electronic transactions with North Carolina State Government. The SCIO is required to ensure this happens in a secure manner. This is accomplished through authentication of users and controlled access to applications and services.
To achieve this, the SCIO requires all inter-agency and external facing solutions/applications that create content use the State’s Identity and Access Management solution (“NCID”).
More information about the NCID service.
NCID is used to integrate with numerous systems to synergize the end-user experience by providing authentication/authorization to State applications and solutions.
All solutions requiring NCID authentication must externalize identity and access management and support one of the following protocols:
- Security Assertion Markup Language (SAML v2)
- Lightweight Directory Access Protocol
- Web Services (SOAP/WSDL)
As existing solutions are upgraded or replaced, they will be required to support the above protocols.
A formal exception is required to use a solution other than NCID. The agency must provide just cause for the exception to be approved.